Endpoint Protection

 View Only
Back to discussions
Expand all | Collapse all

Bloodhound.Flash.24

ℬrίαη

ℬrίαηApr 30, 2014 11:59 AM

Definitely need to update your content :)

  • 1.  Bloodhound.Flash.24

    Posted Apr 30, 2014 11:51 AM

    Would virus def. 4/28/14 r16 protect against Bloodhound.Flash.24 or do I need 4/30/14 r2 ?

    For some reason I cant update my SEPM to the latest ver. Never had an issue before - maybe because everyone is trying to download?

     



  • 2.  RE: Bloodhound.Flash.24

    Posted Apr 30, 2014 11:55 AM

    You need to update, see here:

    http://www.symantec.com/security_response/writeup.jsp?docid=2014-042909-5556-99

    April 29, 2014 revision 008 is the first to offer protection against it.

    Also, first discovered April 29th so April 28th defs would not protect against it.



  • 3.  RE: Bloodhound.Flash.24

    Posted Apr 30, 2014 11:57 AM

    I should have added that this is SEPM 12.1.1

     



  • 4.  RE: Bloodhound.Flash.24

    Posted Apr 30, 2014 11:59 AM

    Definitely need to update your content :)



  • 5.  RE: Bloodhound.Flash.24

    Posted Apr 30, 2014 12:06 PM

     

    Its saying - no updates found for symantec endpoint protection manager catalog 12.1

    However manager virus ver is 4/28/14 r16

     

     



  • 6.  RE: Bloodhound.Flash.24

    Posted Apr 30, 2014 12:10 PM

    Latest should be 4/30/2014 r2

    http://www.symantec.com/security_response/definitions.jsp



  • 7.  RE: Bloodhound.Flash.24

    Posted Apr 30, 2014 12:19 PM

    You can RUN live update manually

    Downloading LiveUpdate content manually to Symantec Endpoint Protection Manager

    http://www.symantec.com/business/support/index?page=content&id=HOWTO80806



  • 8.  RE: Bloodhound.Flash.24

    Posted Apr 30, 2014 01:22 PM

    You can update the defintion manually on infected system if you not want to update the sepm.(.exe from link)

    If possible then update the defintion on sepm. (.jdb from link)

    http://www.symantec.com/security_response/definitions/download/detail.jsp?gid=sep

     



  • 9.  RE: Bloodhound.Flash.24

    Posted Apr 30, 2014 02:25 PM

    Yeah I tried to run LU but having issues. It wont update???? this is a first

     



  • 10.  RE: Bloodhound.Flash.24

    Broadcom Employee
    Posted Apr 30, 2014 02:49 PM

    can you use the jdb file and also look into Liveupdate log/

     



  • 11.  RE: Bloodhound.Flash.24

    Posted May 01, 2014 01:06 AM

    Can you update the jdb file?

    What the issue while run LU?



  • 12.  RE: Bloodhound.Flash.24

    Posted May 01, 2014 04:08 AM

    Also: I recommend using IPS as well as AV and ensuring that all releases of Flash used throughout your organization are updated.  There is a latest version available now from Adobe which is not vulnerabile to that zero-day, and there are also IPS signatures against malicious Flash exploit traffic.

    More info:

    Adobe Patches Exploited Flash Player Vulnerability
    https://www-secure.symantec.com/connect/blogs/adobe-patches-exploited-flash-player-vulnerability

     

    Many thanks!

    Mick



  • 13.  RE: Bloodhound.Flash.24

    Posted May 01, 2014 07:37 AM

    LU worked but I am having a strange issue. This morning new virus def. never downloaded. When I look at the schedule I have it set for start 2:00AM end 4:00AM daily but when I look in show LU status its saying next LU time is today at 11:30:59AM. Any ideas? I rebooted everything and no change.



  • 14.  RE: Bloodhound.Flash.24

    Posted May 05, 2014 02:45 AM

    See this article for schedule the exact to download

    Configuring the LiveUpdate download schedule for Symantec Endpoint Protection Manager

    Article:HOWTO54810  |  Created: 2011-06-29  |  Updated: 2011-12-20  |  Article URL http://www.symantec.com/docs/HOWTO54810