Threat Level: green Handler on Duty: Tom Webb

SANS ISC: InfoSec Handlers Diary Blog - Symantec AV Vulnerability Latest InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Symantec AV Vulnerability Latest

Published: 2006-05-29
Last Updated: 2006-05-29 21:21:41 UTC
by Kevin Liston (Version: 2)
0 comment(s)
Symantec has updated their advisory (http://www.symantec.com/avcenter/security/Content/2006.05.25.html)

They confirm that the following versions are affected:
Symantec Client Security-
   3.0 all builds
   3.1 all builds

Symantec Antivirus Corporate Edition-
   10.0 all builds

   10.1 all builds


The following patches are available:
Symantec Client Security-
   3.0 Builds 3.0.2.2010 and 3.0.2.2020
   3.1 Builds
3.1.0.394 and 3.1.0.400

Symantec Antivirus Corporate Edition-
   10.0 Builds
10.0.2.2010 and 10.0.2.2020
   10.1 Builds
10.1.0.394 and 10.1.0.400

Symantec recommends that you upgrade to a "patchable" version.  This may be bad news for some organizations.

Some have reported that the patching process is not trivial, and can be difficult to roll out in some environments.

At this time, there have been no reports of proof-of-concept-code or exploit code other than that held privately by eEye.

We have not received any reports of exploitation in the wild.
Keywords:
0 comment(s)
Diary Archives