Offensive Security said the flaws could be used to gain full system access
By Jeremy Kirk July 30, 2014 Symantec's Endpoint Protection product has three zero-day flaws that could allow a logged-in user to move to a higher access level on a computer, according to a penetration testing and training company.The three flaws, all known as privilege escalation vulnerabilities, were found during a security test of a financial services company, said Mati Aharoni, lead trainer and developer for Offensive Security, in a phone interview late Tuesday.Offensive Security, famous for its Kali Linux penetration testing software, released a short video on Tuesday demonstrating a successful exploit. It plans to preview proof-of-concept code during its "Advanced Windows Exploitation" training class at the Black Hat security conference in Las Vegas next month.
Full Article