SEP 11 Critical Vulnerability - CVE-2012-4953
Created: 06 Nov 2012 | 8 comments
Is there any additional available about CVE-2012-4953? There is only the US-CERT announcment at http://www.kb.cert.org/vuls/id/985625. I can't find any information here on Symantec's site. I'm looking to understand the vector and remediation options better. The current statement that there will be no fix for a critical vuln in the still supported (but EOL) SEP 11 is a serious concern.
David
Discussion Filed Under:
Comments 8 Comments • Jump to latest comment
I cannot find anything either.
Your best bet would be to call support to see what they have. Or perhaps if you can works with your SE on it, they may be able to get you something.
SEP Knowledge Base
Endpoint SWAT
Contact the Support..
Phone numbers to contact Tech Support:-
Regional Support Telephone Numbers:
United States: 800-342-0652 (407-357-7600 from outside the United States)
Australia: 1300 365510 (+61 2 8220 7111 from outside Australia)
United Kingdom: +44 (0) 870 606 6000
India: Toll-Free 000 800 4401 456 directly
IDD call: +61 2 8220 7111
Additional contact numbers: http://www.symantec.com/business/support/contact_techsupp_static.jsp
Customer Care Contact Numbers for Licensing Issues:-
http://www.symantec.com/support/assistance_care.jsp
How to create a new case in MySupport
http://www.symantec.com/business/support/index?page=content&id=TECH58873
The SEP product team has received the vulnerability report (VU#985625) from CERT and we are actively working on a response that will include all affected versions of Symantec products as well as mitigation plans . Please be assured that all versions of SEP 12.1 are unaffected by CERT VU#985625. We will provide an official advisory on Wednesday, November 7 PST.
Thank you for your patience until that time.
Scott Sawoya
SEP Product Management Team
Scott,
Will there be a KB addressing this vulnerability?!
The official Symantec Security Advisory for the SEP Decomposer CAB File Issue (CERT VU#985625) has been posted.
The Security Advisory for CERT VU#985625 provides an overview, as well as technical details on this issue. The advisory also includes steps for mitigation.
The link can be found here: http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20121107_00
Thank you for your patience.
Scott Sawoya
SEP Product Management Team
The official Symantec Security Advisory for the SEP Decomposer CAB File Issue (CERT VU#985625) has been updated and is now live at the link below.
http://www.symantec.com/security_response/security...
Highlights of the changes in this update:
Thank you.
Scott Sawoya
SEP Product Management Team
We have released a Fix Tool for this issue that automates replacement of the decomposer engine for Symantec Endpoint Protection 11 RU5 to RU7 MP3.
The tool will update each RU5 to RU7 MP3 client to Decomposer version 1.2.8 and will need to be run on each client system. The SYM12-017 Symantec Legacy Decomposer CAB File Issues KB article has been updated with detailed instructions on the use of this tool. The tool can also be downloaded directly from the KB article, here: http://www.symantec.com/business/support/index?pag...
Thank you for your continued patience on this issue.
Scott Sawoya
SEP Product Management
Just adding new information that may be of interest:
With thanks and best regards,
Mick
Would you like to reply?
Login or Register to post your comment.