Video Screencast Help

Security Community Blog

Showing posts in English
Mithun Sanghavi | 02 Oct 2012 | 4 comments

 

The Latest version of LiveUpdate Administrator (LUA) version 2.3.2 is now available.

Contact Symantec Technical Support to grab the Latest Copy of LiveUpdate Administrator (LUA) version 2.3.2

The installation file (147.35 MB) and will later be included on the SEP 12.1 RU2 DVD’s (SEP 12.1 RU2 is yet to be released)

Some of the features included in this release

  • Packaged with Apache Tomcat version 7.0.26 and PostgreSQL version 9.1.3.
  • Packaged with JRE 1.7 (private JRE, automatically bundled, installed and configured by the LUA installer).
  • Enhanced security with advanced features to protect the User Interface from certain attacks.
  • Added the ability to modify the LUA download directory path at any time (not just at install time).
  • Product Catalog will now automatically update to ensure catalog changes become available without any user...
Brandon Noble | 23 Aug 2012 | 0 comments

We have been seeing a recent wave of Trojan.Shylock variants with a lot of additional functionality than the older versions we have been used to.

Initially, many of these variants are detected generically as Backdoor.Trojan or Trojan Horse, but our new Shylock heuristic signatures (Trojan.Shylock!gen6 and Trojan.Shylock!gen7) should be changing this to a more accurate naming convention, and should be picking up a much wider spread of these threats.

Additionally we are hearing about some behavior that we have not been able to reproduce. Reports are saying that legitimate documents are getting hidden and then shortcuts with the same name of the document are being added in their place. These shortcuts actually launch a thumbs.db(x) file which is the Shylock Trojan, and they are meant to trick the user into running the threat. This is common behavior of for threats, as noted in this blog article from May 2012,...

Balamurugan Pitchiah | 17 Apr 2014 | 0 comments

Symantec has released Endpoint Protection 12.1.4.1a (12.1.4.4130).

This release resolves the Heartbleed OpenSSL vulnerability

http://www.symantec.com/docs/AL1555

Chetan Savade | 17 Apr 2014 | 16 comments

Hello Everyone,

Symantec Endpoint Protection 12.1 Release Update 4 Maintenance Patch 1A (12.1.4104.4130 - 12.1 RU4 MP1a) English has been released and is now available for customers to download on FlexNet. This new SEPM release addresses the OpenSSL “Heart Bleed” vulnerability. Additional language versions will become available throughout the week.

Please refer to the following KB article for additional detail:

Is Symantec Endpoint Protection affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)

  • The new SEPM build is labeled RU4 MP1a with a version number of 12.1.4104.4130.
  • This version of the SEPM is supported for migrations over any version of the SEPM (Customer does not need to update to RU4 prior to applying the MP1a)
  • The only...
vgtero | 15 Apr 2014 | 0 comments

A newly discovered vulnerability in OpenSSL, one of the most commonly used implementations of the SSL and TLS cryptographic protocols, presents an immediate and serious danger to any unpatched server. The bug, known as Heartbleed, allows attackers to intercept secure communications and steal sensitive information such as login credentials, personal data, or even decryption keys.

Customers of Control Compliance Suite can utilize the various modules to discover and detect the assets that are exposed to the Heartbleed vulnerability and prioritize its remediation and hardening efforts, based on the business criticality of the assets.

DeanJC | 14 Apr 2014 | 1 comment

In the referenced video, we discuss the advantages to using a code signing service, vs traditional code signing certificates to sign application code. The video features speakers from Symantec, Oracle and the Apache foundation.

SebastianZ | 14 Apr 2014 | 0 comments
  • Symantec Product Security has posted SYM14-005 Symantec LiveUpdate Administrator Unauthenticated/Unauthorized Account Access Modification and SQL injections advisory. This is a high severity advisory which affects LiveUpdate Administrator 2.3.2.99 and earlier. As part of normal best practices, Symantec strongly recommends keeping all operating systems and applications updated with the latest vendor patches.

Affected Products

...

Product

Version

Build

Solution(s)

Symantec LiveUpdate Administrator

2.x

2.3.2 and prior

Upgrade to LUA 2.3.2.110

Wally | 08 Apr 2014 | 0 comments

Additional information can be viewed in the unmanaged client's System Log to verify that licensing has been successful.

ALJohnson | 08 Apr 2014 | 1 comment

Symantec launched its 2014 Internet Security Threat Report (ISTR), Volume 19, which highlights how cybercriminals unleashed the most damaging series of cyberattacks in history – ushering in the era of the “Mega Breach.” Please visit the ISTR landing page for this year’s report and supplemental assets.

 

Muad'Dib | 03 Apr 2014 | 0 comments

If you have issues with changing the Installed Feature Set, ensure you disable the Uninstall Password option before deploying the Installation Package to the target group.