Saturday, January 5, 2013
0
Follow @TheHackersPost
Symantec PGP Desktop Zero Day Vulnerability
Symantec product PGP Whole Disk Encryption which is used to encrypt all the contents on the disk on a block-by-block basis having Zero-Day Vulnerability, Exploitation of this issue allows an attacker to execute arbitrary code within the kernel. An attacker would need local access to a vulnerable computer to exploit
this vulnerability.according to a pastebin note.
Note was posted on 25th Dec by Nikita Tarakanov, claiming that pgpwded.sys kernel driver distributed with Symantec PGP Desktop contains an arbitrary memory overwrite vulnerability. Affected version of software is Symantec PGP Desktop 10.2.0 Build 2599 (up-to date).
Symantec confirmed Through a blog post that its a potential issue, but it cannot easily be exploited. Vulnerability is limited to systems running Windows XP and Windows 2003 only. An attacker would need local access to a vulnerable computer to exploit this vulnerability.
Note posted by Nikita also provide technical details on the issue, that help Symantec encryption engineering team to understand the issue.
"However, the exploit would be very difficult to trigger as it relies on the system entering an error condition first. Once in this error condition, the exploit could allow an attacker with lower privileges to run some arbitrary code with higher privileges." Kelvin Kwan said.
Vendor is planning a fix in an upcoming maintenance pack in February.
Categories : Symantec , Symantec 0 Day , Vulnerability , Zero Day Vulnerability
About Author:
Nauman Ashraf is a security researcher, developer and blogger. He is Founder and Chief Editor of The Hackers Post. Follow him on
Twitter
Subscribe to:
Post Comments
(
Atom
)
0 Responses to “ Symantec PGP Desktop Zero Day Vulnerability ”
Post a Comment