
Symantec’s anti-virus engine updated, flaw could cause Blue Screen of Death


Symantec released an update to its anti-virus engine (AVE) to repair a kernel-level flaw that made the software susceptible to a memory access violation when parsing a specially crafted portable-executable (PE) header file.

Symantec said the critical vulnerability, CVE-2016-2208, affected Symantec anti-virus engine version 20151.1.0.32. No user interaction is required to trigger parsing of the malformed PE files, which can be received through email, by downloading a document or application, or by visiting a malicious web site.

“The most common symptom of a successful attack would result in an immediate system crash, aka Blue Screen of Death,” the company wrote in its update.

The fix is included in Symantec AVE version 20151.1.1.4, which was delivered to customers through its live update system.

The company credited Tavis Ormandy of Google's Project Zero with reporting the vulnerability.
