January 25, 2013
Symantec PGP Whole Disk Encryption 0-Day
Symantec's PGP Whole Disk Encryption, which encrypts all the contents of a disk on a block-by-block basis, has a zero-day vulnerability, according to a Pastebin note. The note was posted on 25th Dec by Nikita Tarakanov, who claims that the pgpwded.sys kernel driver distributed with Symantec PGP Desktop contains an arbitrary memory overwrite vulnerability. The affected version of the software is Symantec PGP Desktop 10.2.0 Build 2599 (up to date).

Through a blog post, Symantec confirmed that it is a potential issue, but one that cannot easily be exploited. The vulnerability is limited to systems running Windows XP and Windows 2003 only. An attacker would need local access to a vulnerable computer to exploit this vulnerability.

The note posted by Nikita also provides technical details on the issue that help the Symantec encryption engineering team to understand it. “However, the exploit would be very difficult to trigger as it relies on the system entering an error condition first. Once in this error condition, the exploit could allow an attacker with lower privileges to run some arbitrary code with higher privileges,” Kelvin Kwan said.

The vendor is planning a fix in an upcoming maintenance pack in February.

via The Hacker News