Jan 06, 2012

How serious of a security risk does the theft of Norton Antivirus source code create?

I heard today that hackers have stolen the source code for Norton Antivirus, which is what I use at my (small) office. I'm thinking of switching to a different anti-malware/virus program to be safe. Am I overreacting, or is this putting Norton users at risk?


I think you are ok unless you are using an old, non-consumer version of Norton.  It only compromises Symantec Endpoint Protection, which is an enterprise product, and Antivirus 10.2.  Both are years old, and Antivirus 10.2 is not even supported any longer.  As long as you are not  using either of those, you are fine.  I think most companies that take security seriously are not likely to still be running this software, so the impact/risk will probably be minimal. 

The version that was stolen is apparently the older enterprise version, so it may not be the one you are using.

Symantec downplays source-code trophy theft

"In response, Symantec said the leaked code related to enterprise (not consumer) products of 2006-07 vintage. It downplayed the significance of the hack and sought to assure the industry that everything was under control.

Even if the leak related to up-to-date source code, it would be of only limited use to hackers, except as a "trophy scalp". Nonetheless the hack raises questions about the security of Symantec's ecosystem and the circumstances when it is prepared to share source code."
Answer this