An article review.

Called “as bad as it gets” by experts, the vulnerability impacts practically all Symantec and Norton security products

A vulnerability recently disclosed by Google’s Project Zero has put both enterprise and commercial customers of Symantec and Norton at risk, according to an article published this week by Ars Technica.

The vulnerability, which has been confirmed by Symantec as well, can be triggered by merely receiving an email and can allow code to be executed at the highest privilege level–even going so far as to corrupt Windows’ kernel memory. Because of the ease at which the vulnerability can be exploited and the access afforded by it experts are warning that the exploit is, “as bad as it gets.”

The good news is that Symantec is pushing out updates which should be automatically installed by most residential customers, while enterprise clients should make sure their update policies will allow the patches to be applied as soon as possible.

Original article by Dan Goodin of Ars Technica.