Endpoint Protection

 View Only

  • 1.  SEP security update

    Posted Nov 19, 2015 02:56 AM
    I have SEP 12.1.5 installed in my environment. I understand that Symantec has released a security update SYM15-011 for 12.1.6 MP1. I would like to know if this update is applicable for 12.1.5 systems as well. Do I need to update this patch on my system? Is there any impact if I do not apply this update on my system? Please help


  • 2.  RE: SEP security update

    Posted Nov 19, 2015 03:15 AM

    either update the clients or the SEPM.

    The management console for Symantec Endpoint Protection Manager (SEPM) is susceptible to OS command execution, Java code execution elevation of privilege. SEP clients are susceptible to a binary planting vulnerability that could result in arbitrary code running with system privileges on a client due to only partially addressing this issue in previous releases.

     

    To fully mitigate CVE-2015-8113, one side of the client-server connection has to be upgraded to RU6 MP3. Administrators can choose to update the SEPM server or the client only to SEP 12.1-RU6-MP3 and the issue will be resolved.

    https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20151109_00



  • 3.  RE: SEP security update

    Posted Nov 19, 2015 04:43 AM
    So does it mean the 12.1.5 users also needs to update to 12.1.6 MP3 ? So moreover it is a kind of version upgrade? How abt the licensing if this is of version upgrade ?


  • 4.  RE: SEP security update

    Posted Nov 19, 2015 04:52 AM

    Yes thats would be better, previous licenses are still valid its an inplace upgrade

    https://fileconnect.symantec.com

    put your serial number, download the latest version, 

    this discussion will help you out.

    https://www-secure.symantec.com/connect/forums/upgrade-sepm-1215-1216#comment-11301181



  • 5.  RE: SEP security update

    Posted Nov 19, 2015 05:07 AM

    Yes it recommended to upgrade your SEPM and SEP clients to upgrade to 12.1.6 MP3. yes it is a version upgrade. your existing license will be applicable to the version as well. simply head to fileconnect and put your serial number to download the latest version.



  • 6.  RE: SEP security update

    Posted Nov 19, 2015 05:19 AM

    Yes thats would be better, previous licenses are still valid its an inplace upgrade

    https://fileconnect.symantec.com

    put your serial number, download the latest version, 

    this discussion will help you out.

    https://www-secure.symantec.com/connect/forums/upg.



  • 7.  RE: SEP security update

    Posted Nov 19, 2015 05:49 AM

    Yes you should get SEPM and clients both to 12.1.6 MP3.

    This version corrects the vulnerability. Licensing remains the same and should seeno change.