I just came across this US-CERT alert: https://www.us-cert.gov/ncas/alerts/TA16-187A Original release date: July 05, 2016 Overview Symantec and Norton branded antivirus products contain multiple vulnerabilities. Some of these products are in widespread use throughout government and industry. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system. ... A heap overflow vulnerability in the ASPack unpacker could allow an unauthenticated remote attacker to gain root privileges on Linux or OSX platforms. The vulnerability can be triggered remotely using a malicious file (via email or link) with no user interaction. --------- How ironic! This does not seem to have been picked up by Mac news websites.