Administration

Symantec antivirus vulnerability poses risk for students, faculty, staff

Credit: Angela Kendall / Penn StateCreative Commons

This article, part of Penn State’s ongoing Secure Penn State series, details a recent vulnerability to Symantec security products as well as the actions students, faculty and staff members need to take to protect personal and institutional information.

While antivirus software offers necessary protection against the growing threats of cybercrime, these security tools are not immune to their own vulnerabilities and need to be consistently updated to protect against potential security flaws.

Recently, a vulnerability to Symantec Endpoint Protection and other Symantec security products was discovered that could cause the computers and servers of Penn State students, faculty and staff members to become infected with malicious code.

According to Richard Sparrow, the acting security operations manager of Penn State’s Office of Information Security, part of the seriousness of the Symantec vulnerability is the fact that it doesn’t require any action from the user.

Unlike other security threats that infect a machine after a user clicks on a suspicious link or opens a malicious email attachment, the Symantec vulnerability occurs as a result of the software’s regularly scheduled virus scans.

“Users just have to receive an infected email, and the Symantec antivirus software will scan it as usual,” Sparrow said. “But during the scanning process, the antivirus software could potentially spread malicious code to the machine.”

By exploiting this vulnerability in Symantec’s scanning process, cybercriminals could gain control of a user’s machine without being detected, a security threat that Sparrow says could have worldwide impact. 

“I think this vulnerability has the potential to spread malware very quickly because of the nature of antivirus scanning software,” Sparrow said. “Right now, the biggest mistake a user can make is to not keep their software up to date.”

How to protect yourself

To protect personal and University-owned computers from this vulnerability, students, faculty and staff members who use Symantec products for antivirus protection should immediately update to the most recent version of Symantec Endpoint Protection for their operating system.

Mac users with administrative rights:

Students, faculty and staff members who have administrative rights to their Mac computers need to have “LiveUpdate” turned on in order for Symantec Endpoint Protection to automatically mitigate the vulnerability.

Windows users with administrative rights:

Students, faculty and staff members who have administrative rights to their Windows-based computers can download and install the new version of Symantec Endpoint Protection by visiting downloads.its.psu.edu. Instructions for downloading and installing the new version of the software are also available.

Mac and Windows users without administrative rights:

Students, faculty and staff members without administrative rights to their Mac or Windows-based computers will need to contact their local IT support.

For help

For assistance, contact your local IT support, call the IT Service Desk at 814-865-4357, or email itservicedesk@psu.edu.

For more information about cybersecurity at Penn State, visit the Office of Information Security’s website. For tips on creating strong passwords, boosting mobile security and backing up data, visit Penn State’s Online Safety and Security website.

Last Updated July 11, 2016

Contact