Please be aware of this new vulnerability related to Symantec's Anti-Virus Engine (AVE). AVE is one of the components of Symantec Endpoint Protection (SEP) as well as other Symantec products.
Security Advisories Relating to Symantec Products - Symantec Antivirus Engine Malformed PE Header Parser Memory Access Violation (SYM16-008)
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160516_00
There is no need to install a new version of SEP throughout your organization: Engine updates are delivered via LiveUpdate. Simply run LiveUpdate to protect your organization. The new AVE is included in certified LiveUpdate definitions sequence 177598, which appears as 5/16/2016 rev. 24 in the GUI.
The new Anti-Virus Engine v 20151.1.1.4 is not vulnerable to the Malformed PE Header Parser Memory Access Violation. To manually confirm that this new Engine version is in use by SEP:
Open the directory C:\ProgramData\Symantec\Symantec Endpoint Protection\CurrentVersion\Data\Definitions\VirusDefs\20160516.024 (or the latest that is present) and examine the file NAVENG32.DLL.
More details about Engines can be found in:
How to check the version of AV Engine, IPS Engine and Eraser Engine from the client computer
http://www.symantec.com/docs/TECH95856
This Symantec Antivirus Engine Malformed PE Header Parser Memory Access Violation vulnerability has been assigned CVE-2016-2208 "Symantec AVE malformed PE header parser memory access violation"
Symantec would like to thank Tavis Ormandy with Google's Project Zero, for reporting this to us and working with us as we addressed the issue.
With thanks and best regards,
Mick