Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Symantec AV Vulnerability Latest SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Symantec AV Vulnerability Latest
Symantec has updated their advisory (http://www.symantec.com/avcenter/security/Content/2006.05.25.html)

They confirm that the following versions are affected and patches are available:
Symantec Client Security-
   3.0 Builds 3.0.2.2010 and 3.0.2.2020
   3.1 Builds
3.1.0.394 and 3.1.0.400

Symantec Antivirus Corporate Edition-
   10.0 Builds
10.0.2.2010 and 10.0.2.2020
   10.1 Builds
10.1.0.394 and 10.1.0.400

Some have reported that the patching process is not trivial, and can be difficult to roll out in some environments.

At this time, there have been no reports of proof-of-concept-code or exploit code other than that held privately by eEye.

We have not received any reports of exploitation in the wild.
Kevin Liston

292 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!