It turns out Symantec has been using code derived from open source libraries, which would be fine, except that they haven’t updated the libraries in at least 7 years. Travis Ormandy, an English hacker who works for Google, discovered and unveiled the security flaws. He called the problem “as bad as it gets” for security, and noted that “An attacker could easily compromise an entire enterprise fleet using a vulnerability like this.” You might recognize this as a very bad thing. You can Travis’s his full blog post over here.
What can you do?
k to patch out the problem once it was discovered – the vulnerabilities have been closed with the most recent update. Most of their products should update automatically, but you should absolutely check to make sure you have the newest, safest version of any Symantec or Norton product installed on your machine.Вебмастерам придется устанавливать HTTPS сертификаты