Note: Please do not post Personally Identifiable Information like email address, personal phone number, physical home address, product key etc.

Issue abstract:

Detailed description:

Product & version number:

OS details:

What is the error message you are seeing?

norton has blocked a vulnerable driver. The driver panorama9.agent.service.sys has been blocked due to vulnerabilities that can make your PC’s operating system unstable or even increase the risk of hacker attacks. If you need to add an exception to load this driver, you should disable blocking vulnerable drivers in settings.

So, what must I do with these warning? Is this dangeres? How can I solve this?

Hello @ludwigvan_osselaer

Do you trust this driver?

related pics here
related threads here

=============================
Is this your panorama9 here & here

=============================

Drivers are small programs that allow the operating system to interact with hardware devices; if a driver has known vulnerabilities, attackers could potentially exploit them to gain unauthorized access or control.

Hello @ludwigvan_osselaer

@ludwigvan_osselaer If you are NOT using a device that is owned and maintained by an employer or using it in a managed environment. AND, have not installed this software yourself this is an issue. It is used for remote management of managed assets as Guru bjm described. Please advise to use how this is on this device and what your usage scenario is so we can better assist.

SA

I don’t know what the program is for and would like to remove it but don’t know how. Is it a program that should be searched for within norton?

You don’t know what panorama9 is…?
https://en.wikipedia.org/wiki/Panorama9
https://x.com/panoramanine
https://www.facebook.com/Panorama9/

are you using “panorama9”?
can you post related screenshot?

Do you trust the driver? … panorama9.agent.service.sys

did you reach out to support@panorama9.com
did you share related screenshot with support@panorama9.com

====================================

AI Overview
A vulnerable driver in Panorama9 could indicate a security risk that allows attackers to gain access to a system.

• Drivers are small programs that allow the operating system to communicate with hardware devices.
• If a driver has known vulnerabilities, attackers could exploit them to gain unauthorized access or control.
• The Panorama9 agent is a software application that monitors a system’s hardware health, software updates, and network performance.

How to mitigate the risk [2, 3]

• Use Hypervisor-Protected Code Integrity (HVCI) to block vulnerable drivers by default. [2, 3]
• Configure the vulnerable driver list WDAC policy or a custom version of the list. [4]
• Turn on additional protection features using the Windows Defender App Control Policy Wizard. [4]

Additional information [5]

• You can use the Panorama9 Deployment Debug Tool to troubleshoot and get feedback about what is going on. [5]
• You can temporarily suspend notifications if you’re doing maintenance work on a server. [6]
• You can use the command-line to enable or disable the Panorama9 Connect client. [6]

Generative AI is experimental.

[1] Norton has blocked a vulnerable driver

[2] https://research.checkpoint.com/2024/breaking-boundaries-investigating-vulnerable-drivers-and-mitigating-risks/

[3] https://blogs.vmware.com/security/2023/10/hunting-vulnerable-kernel-drivers.html

[4] https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/strategies-to-monitor-and-prevent-vulnerable-driver-attacks/4103985

[5] Troubleshooting remote installation on MS Windows | P9 | Support

[6] Configure the P9 Agent for Microsoft Windows | P9 | Support

================================================