Hi Guys,

What is the latest version of SEPM?

currently iam using 12.1 RU4..

SEPM 12.1.4 MP1

Latest Symantec Endpoint Protection Release - SEP 12 RU4 MP1 (12.1.4100.4126)

https://www-secure.symantec.com/connect/blogs/latest-symantec-endpoint-protection-release-sep-12-ru4-mp1-12141004126

Hi,

i was planning to upgrade the manager with the vulnerability fix of 12.1 RU4a..So i can directly go to this version?

Yes you can direct upgrade

Upgrading or migrating to Symantec Endpoint Protection 12.1.4100.4126 (RU4 MP1)

Latest version 12.1 RU4 MP1

You can download it from file connect

https://symantec.flexnetoperations.com/control/symc/registeranonymouslicensetoken

Direct path for upgrade

Upgrading or migrating to Symantec Endpoint Protection 12.1.4100.4126 (RU4 MP1)

New fixes and features in Symantec Endpoint Protection and Network Access Control 12.1.4.1

Yes you can upgrade the direct to latest version 12.1.4100.4126 (RU4 MP1).

SYM14-004 vulnerability fixed in the 12.1.4 ru4a or later version

SYM14-004 Symantec Endpoint Protection Management Vulnerabilities

Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Manager Vulnerabilities

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140213_00 

12.1.4.1

Upgrading or migrating to Symantec Endpoint Protection 12.1.4100.4126 (RU4 MP1)

Yes you can upgrade directly tothis version

Thanks Guys,

i will update directly to latest version..is there any problems reported so far?

i will update directly to latest version..is there any problems reported so far?

No,If you will received any problem after upgrade please update the thread.

Till no issue is reported. You can upgrade.

Not as of yet but it just came out 2 weeks ago

HI Srikant,

Lastes version released on 13th of Feb 2014 is SEPM RU MP4 12.1.4a. Version is 12.1.4023.4080.

you can update this version. you shuld also update SEPM because from SEPM RU 12.4 MP2 to MP4 is vulnerable of Heartbleed bug.

SEPM 12.1 RU2 to SEPM 12.1 RU4 MP1 (inclusive) are vulnerable. They utilize OpenSSL 1.0.1

Regards,

Ajay Singh

So latest version is vulnerable to heartbleed bug

IPS Signature has been released

Attack: OpenSSL Heartbleed CVE-2014-0160 3

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=27517

This signature was added in Security Update: 772 [Extended version: April 10, 2014 Rev: 012]

See this thread

https://www-secure.symantec.com/connect/forums/openssl-bug

Is Symantec Endpoint Protection affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)

How we can update that patch in our side

1. Symantec Endpoint Protection clients are not impacted.
2. No versions of Symantec Endpoint Protection 11 (SEP) are impacted. They use an earlier version of OpenSSL which is not vulnerable.
3. SEPM 12.1 RTM to SEPM 12.1 RU1 MP1 are not impacted. They use an earlier version of OpenSSL that is not vulnerable.
4. SEPM 12.1 RU2 to SEPM 12.1 RU4 MP1 (inclusive) are vulnerable. They utilize OpenSSL 1.0.1

This article will be updated when the new version is available. Subscribe to this article to be notified of any changes to this article

http://www.symantec.com/business/support/index?page=content&id=TECH216558

This i have read already..

Symantec Team still working on that issue.

http://www.symantec.com/outbreak/?id=heartbleed

You can follow below thread.

https://www-secure.symantec.com/connect/forums/heartbleed-bug-sepm-consoles

https://www-secure.symantec.com/connect/forums/openssl-bug

Hi,

As symantec has released new update to fix this heartbleed bug for latest SEPM version..now in which way i will migrate?

Whether to 12.1 RU4 MP1a directly or 12.1 RU4 MP1 and then 12.1 RU4 MP1a?

if i upgrade directly to this MP1a version, can i able to upgrade clients?

Whether to 12.1 RU4 MP1a directly or 12.1 RU4 MP1 and then 12.1 RU4 MP1a?

if i upgrade directly to this MP1a version, can i able to upgrade clients?

Yes you can direct upgrade that version

if i direct upgrade this version means, can i able to upgrade clients, bcoz it mentioned as this is update only for manager not for clients.

Only the Symantec Endpoint Protection Manager version is updated to 12.1 RU4 MP1a, not SEP client

If you can only upgrade the client not to SEPM then import the package into server and deploy it

How to manually import client packages into Endpoint Protection Manager (SEPM)

Please refer to the following KB article for additional detail:

Is Symantec Endpoint Protection affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)

• The new SEPM build is labeled RU4 MP1a with a version number of 12.1.4104.4130.

• This version of the SEPM is supported for migrations over any version of the SEPM (Customer does not need to update to RU4 prior to applying the MP1a)

• The only change from RU4 MP1 to RU4 MP1a is the updated version of OpenSSL.

• The packages directory of the SEPM will include the RU4 MP1 RTM build of SEP or SNAC depending on the CD Layout

• The Versions.txt will include the updated version information. Note: Due to the way this is generated, it will state the build number correctly, but the build number will also show an updated SEP client, which is not included.

• This is all noted in the KB article.

Once files are live, we will be updating the KB article with the availability information

Symantec Endpoint Protection 12.1 Release Update 4 Maintenance Patch 1A (12.1 RU4 MP1a) English has been posted to FlexNet!

https://www-secure.symantec.com/connect/blogs/symantec-endpoint-protection-121-release-update-4-maintenance-patch-1a-121-ru4-mp1a-english-ha

So, i have to upgrade manager and import client package manually, so that i can upgrade cleints also.

So, i have to upgrade manager and import client package manually, so that i can upgrade cleints also

No, you don't required manually import client package,

Symantec Endpoint Protection 12.1.4.1a is now available

Symantec 12.1.4104.4130 - 12.1 RU4 MP1a is available in English version.

Download from file connect

https://symantec.flexnetoperations.com/control/symc/registeranonymouslicensetoken

This setup can only be upgrade the sepm manager to fix the OpenSSL “Heart Bleed” vulnerability

There are no updates to the client installation packages included with this release. This Symantec Endpoint Protection Manager update is a complete release and accepts migrations from any previous release of the Symantec Endpoint Protection 12.1 product line.

Is Symantec Endpoint Protection affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)

Hello, 

Latest version of SEP is 12.1.4 which is released for heart bleed.

Regards

Ajin

All my clients are updated by SEPM to 12.1.4100.4126; excepting one which still shows 12.1.4013.4013, have tried update policy, updating ploicy file, Install 12.1.4100.4126, repair but nothing is working, difinitions are updated but not the release. what else is wrong, can anyone suggest me