Tavis Omandy: Symantec antivirus product contains critical vulnerabilities

Tavis Omandy, a security researcher at Google, has been able to find critical flaws in various antivirus products.

The antivirus products AVG, Sophos, ESET, Kaspersky, Avast, Trend Micro, MalwareBytes, Comodo and Symantec have all been checked by Tavis Omandy, and in each antivirus solution he was able to find critical vulnerabilities.

The latest vulnerability he has found, is in the Symantec antivirus solution.

Tavis Omandy claims that he is capable of performing remote code executions by using the vulnerabilities in the earlier mentioned antivirus products.

Multiple critical RCE flaws in all Symantec/Norton AV products are being fixed later today, some of which will require user action to patch.

— Tavis Ormandy (@taviso) June 28, 2016

The vulnerabilities have not been disclosed with the public, but Tavis Omandy does state that Symantec is working on a patch, which will need user interaction to be enabled.