Endpoint Protection

 View Only

  • 1.  Symantec vulnerability - Google project zero

    Posted Jun 29, 2016 04:40 PM

    Google project zero reported the following today: http://googleprojectzero.blogspot.fr/2016/06/how-to-compromise-enterprise-endpoint.html

     

    I honeslty thought this was patched but people are being adamant about this being a different vulnerability. Does Symantec have any plans to patch this via LU? What can we do in the mean time.



  • 2.  RE: Symantec vulnerability - Google project zero

    Posted Jun 29, 2016 04:42 PM

    It's fixed in 12.1.6 MP5 (all previous versions affected), which was released on Monday (6/27):

    New fixes and component versions in Symantec Endpoint Protection 12.1.6 MP5
    https://support.symantec.com/en_US/article.INFO3801.html



  • 3.  RE: Symantec vulnerability - Google project zero

    Posted Jun 29, 2016 05:20 PM

    Thanks Brian. So we have to upgrade SEPM and clients to 12.1.6 MP5? No LU to patch this?



  • 4.  RE: Symantec vulnerability - Google project zero
    Best Answer

    Posted Jun 29, 2016 05:23 PM

    It does require the product to be upgraded in order to mitigate the vulnerabilities.

    In addition, Symantec just posted a blog about this:

    https://www.symantec.com/connect/blogs/symantec-updates-now-available-norton-and-enterprise-products

    Per their Security Advisory, SEP is one of the products that requires an upgrade (No LU update available):

    https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00

     



  • 5.  RE: Symantec vulnerability - Google project zero

    Posted Jun 30, 2016 04:22 PM

    We're using SEP Small Biz Edition and I see no where in my portal to download this newest version. Does it work with or cover the Small Biz Edition? If so, where can I get it? If not, what about us concerning this vulnerability?

     



  • 6.  RE: Symantec vulnerability - Google project zero

    Posted Jul 05, 2016 04:25 PM

    I feel this is unacceptable and falls on Symantec.  Many customers (including us, and we have 3000+ licenses) don't run a managed environment due to the decentralized nature of their infrastructure.  So this means we have to have a tech physically upgrade these clients or depend on the end user to do it.

    Symantec really dropped the ball on this and honestly is causing us to rethink using SEP for our organization.  (yes I am aware that other vendors have vulns too).

    I just can't believe they provide updates over LU for the consumer versions and leave their enterprise customers out in the cold.

    What is the technical reason there is no way to have this patch delivered via LU? Also, there has been very little commuication of details about the process.  Big stain on the reputation of Symantec.  Seven year old, unpatched libraries? Not cool, Symantec.

     

    N