The Project Zero team at Google published details of multiple critical vulnerabilities in all platform editions of Symantec Endpoint Protection.
The report said the "vulnerabilities are as bad as it gets", with the potentila for remote exploits corrupting kernel memory without requiring any user action.
Symantec has responded by publishing a long list of security advisories.
http://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html