Endpoint Protection

 View Only

  • 1.  SYM15-011

    Posted Nov 10, 2015 10:18 AM

    Can someone tell me if there is a workaround for this advisories? I'm running SEP 12.1.4104 and planning to upgrade next year but need a solution until then. Thank you

     

    http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20151109_00

     

     

     

     



  • 2.  RE: SYM15-011

    Posted Nov 10, 2015 04:10 PM

    An IPS signature will be available soon:

    Symantec will be releasing the following IPS signature to detect/prevent attempts against CVE-2015-6555 in SEPM. Detections will be available through normal Symantec security update channels.

    28950 Attack: SEPM JRMI RCE

    The tru fix is to get to 12.1.6 MP3 though



  • 3.  RE: SYM15-011

    Posted Nov 11, 2015 07:07 AM

    Hi artk1,

    I recommend upgrading now rather than waiting.  The IPS signature is a layer of defense, but a RU6 MP3 SEPM or client is invulnerable.

    With many thanks,

    Mick



  • 4.  RE: SYM15-011

    Broadcom Employee
    Posted Nov 12, 2015 04:51 AM

    Hi,

    As Mick2009 said plan an upgrade. Upgrade is pretty similar from SEPM 12.1.4104 to the latest version. It won't take more than 20-25 minutes to upgrade SEPM & then can plan client upgrade.

    OR

    If doesn't want to upgrade SEPM can simply import the latest version (RU6 MP3) & apply it to the clients though it's not a best practice.

    Manually import client packages into Endpoint Protection Manager

    http://www.symantec.com/docs/TECH122824

     

     

     

     

     



  • 5.  RE: SYM15-011

    Broadcom Employee
    Posted Dec 23, 2015 01:56 PM

    Is there any update?

    OR

    If your query has been resolved mark this thread as a Solved with the best answer that helps you.