Endpoint Protection

Hello,

I found this interesting link which I think should be looked at by Symantec developers.

https://googleprojectzero.blogspot.be/2016/06/how-to-compromise-enterprise-endpoint.html

Today we’re publishing details of multiple critical vulnerabilities that we discovered, including many wormable remote code execution flaws.

These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible. In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.


As Symantec use the same core engine across their entire product line, all Symantec and Norton branded antivirus products are affected by these vulnerabilities, including:


Norton Security, Norton 360, and other legacy Norton products (All Platforms)
Symantec Endpoint Protection (All Versions, All Platforms)
Symantec Email Security (All Platforms)
Symantec Protection Engine (All Platforms)
Symantec Protection for SharePoint Servers
And so on.


Some of these products cannot be automatically updated, and administrators must take immediate action to protect their networks. Symantec has published advisories for customers, available here.


Let’s take a look at a sample of the vulnerabilities we found.

Kind Regards,

They're aware.

A new SEP version was just released two days ago, 12.1.6 MP5, which fixes these. Not sure about other Symantec products yet though.

New fixes and component versions in Symantec Endpoint Protection 12.1.6 MP5
https://support.symantec.com/en_US/article.INFO3801.html

hi, is this related to the small business version too ?