Endpoint Protection

Hello,

Anybody know about existence of fix vulnerabilities in 12.1.6 ? link http://codewhitesec.blogspot.in/2015/07/symantec-endpoint-protection.html?m=1

Yes, you need to upgrade to 12.1.6.1 to fix this, see here:

https://www-secure.symantec.com/connect/forums/vulnerabilities-sep-client-and-sepm-upgrade-sep-121-ru6-mp1

Hi,

Thank you for posting in Symantec community.

I would be glad to answer your query.

Upgrade to the latest version can be a solution but If it is not possible to upgrade immediately.  Also, ensure that SEP's IPS component is installed and enabled.  The following new IPS signatures will offer protection against attempted exploits of the vulnerabilities:

• 28651 (Web Attack: SEPM SQL Injection)
• 28650 (Web Attack: SEPM Directory Traversal)
• 28649 (Web Attack: SEPM unauthenticated password reset)

I downloaded the 12.1.6.1 packages.

The SEPM and Windows clients are a new version, but the Linux (RPM) package says it is the same version as 12.1.6 that I have installed when I try to upgrade them.

Are the Linux packages not 12.1.6.1?

Thanks!

That's right, Updated linux packages are not for 12.1.6.1.

Would have maybe been nice if the original document stated this, for my compliance documentation purposes.

Thanks!

I am deploying SEP 12.1 RU6 MP1 in my test lab, will update you with more details.

Only Windows 32bit and 64 bit versions are available with RU6 MP1 versions (12.1.6306.6100), Linux & MAC packages are still with RU6 version (12.1.6168.6000) because basically this patch is released for Windows 10 compatibility.

I do agree with you as well that it should have been documented somewhere, I will try to find more details on it & pass on necessary feedback to the concern team also.

Thanks, again!

RU6mp1a Released

https://support.symantec.com/en_US/article.TECH231856.html

Dear "Insert your favorite spiritual deity here...",

Please watch over the SEPM 12.1 RU6 MP1a installer as I regretfully install it into my production environment with less than 24 hours worth of testing. Yes I am fully aware that this is a sin in the world of IT Management, but you see my hand is being forced commit such an act do to a slurry of ill timed vulnerabilities. Let us also hope that the wise an talented SEPM developers have done all the necessary testing that they could to help ensure that their customers do not break their entire enterprise in one fell swoop.

I now bow my head as I move my cursor toward the...gulp...install button.

12.1 RU6 MP1 A

https://support.symantec.com/en_US/article.TECH231856.html#12.1.6_MP1a

What about russian version of 12.1 RU6 MP1 A ? In fileconnect I found only English International release.

Hi zigen, generally, localized version of SEPM are release few weeks later than the English version. You need to wait a little bit. Same thing for the French release.

Our upgrade went smoothly. 

We went from 12.1.5337.5000 to 12.1.6168.6000 two weeks ago.  Then up to 12.1.6318.6100 yesterday.

We have 2 Sites. One site with two SEPMs using a shared database and the other site as fail-over with replication across sites. 

8000 clients

test

Thanks for the note MDT...it's nice to read about successes in an environment similar to ours.

-Mike

SEPM 12.1 RU6 MP1a have been release in any other languages.

You can download it on FlexNet