This week, Tavis Ormandy of Google's Project Zero security research team disclosed a major vulnerability in security products by Symantec (and their consumer-targeted Norton brand) which arguably make users of these products less secure than they would be without an antivirus program at all.
This vulnerability is particularly bad—exploiting the vulnerability requires no user interaction. The vulnerability exists in a default configuration, and code execution occurs at the highest privilege level, if not the kernel itself. According to Ormandy, open source libraries used in the products such as libmspack and unrarsrc had not been updated "in at least 7 years."
This problem is not, itself, an aberration, and is not limited to Symantec. Security software necessarily requires high access privileges to operate effectively, though when it is itself insecure or otherwise malfunctioning, it becomes a much higher liability due to the extent to which it has control over the system. These software issues, combined with logistical and political problems in the antivirus industry itself, are making users less secure.
Purely programmatic problems
In March, a mishap in free and paid enterprise versions of Panda Antivirus flagged core program files as malware, in turn prompting the removal of files from System32, leaving computers inoperable if rebooted. Affected systems often lost their networking capabilities, leading to the helpful response from Panda to not reboot systems as they deployed an update to fix the issue...over the network.
A variety of issues have been identified in Comodo Antivirus this year, again from the work of Tavis Ormandy and team. Among these was the bundled program "GeekBuddy" which installs and starts a poorly protected VNC server. This disclosure is actually the "fixed" version of this program, as disclosures made in 2015 noted that the VNC server had no password at all.
On the topic of passwords, Ormandy discovered a vulnerability in Trend Micro Antivirus in which the bundled password manager launches a local web server that listens for API commands from the internet, without a whitelist or same origin policy—effectively allowing remote code execution. In a message to Trend Micro, Ormandy stated that "Anyone on the internet can steal all of your passwords completely silently, as well as execute arbitrary code with zero user interaction. I really hope the gravity of this is clear to you, because I'm astonished about this."
But We have a solution to your problem we provides Mcafee Customer Support services you may call at 0800-069-8567 Toll-Free Number for more info also you may visit our site here Mcafee Support Number