Threat Level: green Handler on Duty: Russ McRee

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Critical Symantec Endpoint Protection Vulnerability

Published: 2016-06-29
Last Updated: 2016-06-29 19:26:52 UTC
by Johannes Ullrich (Version: 1)
7 comment(s)

Google's "Project Zero" released details about a number of critical vulnerabilities in Symantec's Endpoint Protection prodoct [1]. The vulnerabilities allow for arbitrary code execution on systems with this product installed. Other Symantec products are affected as well , since the vulnerabilities affect the core scanning engine in Symantec Endpoint Protection.

Symantec has released updates, and given the details released by Google you should update as soon as possible. You will need to update the actual Symantec product, which is different from performing a signature update (the signature update happens automatically)

[1] http://googleprojectzero.blogspot.ca/2016/06/how-to-compromise-enterprise-endpoint.html

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

Keywords:
7 comment(s)
Diary Archives