Symantec's anti-virus engine updated, flaw could cause Blue Screen of Death

The Blue Screen of Death could occur if this flaw is not fixed by the end user.
The Blue Screen of Death could occur if this flaw is not fixed by the end user.

Symantec released an update to its anti-virus engine (AVE) to repair a kernel-level flaw making the software susceptible to a memory access violation when parsing a specifically-crafted portable-executable (PE) header file.

Symantec said the critical vulnerability, CVE-2016-2208, affected Symantec anti-virus engine version 20151.1.0.32. These malformed PE files do not require any user interaction to trigger the parsing of the malformed files, but they can be received through email, downloading a document or application or by visiting a malicious web site.

“The most common symptom of a successful attack would result in an immediate system crash, aka Blue Screen of Death,” the company wrote in its update.

The fix is included in Symantec AVE version 20151.1.1.4, which was delivered to customers through its live update system.

The company credited Tavis Ormandy with Google's Project Zero for reporting the vulnerability.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS