Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Security Community Blog
Showing posts in English
Jeremy Henricks | 13 Nov 2014 | 4 comments

We need your help!  We would be grateful if you could give us about ten minutes of your time to help Symantec improve its knowledgebase content.

We know you want to get the right answers to your support questions, as quickly as possible. To do that, Symantec wants to provide you with online help articles that are easy to read and easy to use, and give you the information you need, when you want it. 

So that we can better understand your needs, we are asking for your feedback about two sample Symantec online help articles, each with two different versions. After you read the articles, please complete the short survey and share your opinions about the articles.  Thank you for your time—your responses will help us help you more effectively.

 

Test 1 – Push install Symantec Endpoint Protection 12.1 clients using Remote Push

Version A: http://www.symantec.com/docs/...

Avkash K | 20 Nov 2014 | 0 comments

Some bad news for Android users, A security weakness in Android mobile operating system versions below 5.0 has been noticed. It puts potentially every Android device at risk for privilege escalation attacks. It has been patched in Android 5.0 Lollipop – the latest version of the mobile operating system.

This vulnerability has been discovered by a security researcher named Jann Horn. 
This could allow any potential attacker to bypass the Address Space Layout Randomization (ASLR) defense and execute arbitrary code of their choice on a target device under certain circumstances. ASLR is a technique involved in protection from buffer overflow attacks.
The flaw resides in java.io.ObjectInputStream, which fails to check whether an Object that is being deserialized is actually a serializable object. The vulnerability was reported by the researcher to Google security team earlier this year.

Jann confirms ""When ObjectInputStream is used on untrusted inputs,...

Matt Cooke | 12 Nov 2014 | 0 comments

Symantec are building a new security client designed specifically for embedded systems.  We’ve taken the code base of our Critical System Protection client edition re-architected, feature enhanced and optimized it to run on embedded systems such as those used in industrial control systems, automotive, point of sale, healthcare and beyond.

We are inviting you to take part in our Symantec Embedded Security: Critical System Protection beta program beginning early December 2014. By participating in the beta program, you will be able to experience first hand the benefits of our new Internet of Things (IoT) product offering.

Key features in Symantec Embedded Security: Critical System Protection

Securing IoT devices: Symantec Embedded Security: Critical System Protection provides a signature-less policy-based approach to security for your terminals or embedded devices. Symantec Embedded Security: Critical System Protection...

Kari Ann | 05 Nov 2014 | 5 comments

Today, Symantec released a new security advisory impacting older versions of the Symantec Endpoint Protection Manager (SEPM). Product engineering teams have worked closely with SEC Consult Vulnerability Lab and @virtualminds_es to verify the vulnerabilities. The latest release, SEPM 12.1.5, is available on FileConnect and contains updates that prevent the issues and should be installed to prevent infection.

The issues affect XML External Entity Injection, reflected cross-site scripting and the potential for arbitrary file write/overwrite. The vulnerabilities are considered medium to high severity. With normal SEPM installation the affected port(s) should not be accessible without gaining initial access to the network. Successful exploitation of these vulnerabilities could result in unauthorized user-level access to the SEPM, elevated or application-level access on a server, or...

ryanschoenherr | 27 Oct 2014 | 0 comments

metrix_small1.png

 

Security

Security presents a challenge with regards to data analysis for two distinct reasons. First and foremost is the enterprise’s ability to keep pace with a fast-changing, ever-evolving security landscape. Most organizations have little to no visibility into where their confidential data is stored on the network, control over where that data is going, or what to do once they find it. Unsurprisingly, data-related security was cited as a top priority among business technology professionals who responded to a 2012 survey conducted by ...

Dhasan | 16 Oct 2014 | 0 comments

In Data Center Security Server Advance 6.0

If you navigate to the below location

DCS console - > Admin - > Settings - View configuration - > Master Server : 'Server Name and IP address'

 

When you have 2 or more DCS server installed and using same SQL DB, you will see the same name on all the DCS console.

 

This is actually not referring to the Primary DCS server.

It refers to which DCS server is resposible to send an alerts.

 

To determine, if you have got 2 DCS server , turn off your actualy primary DCS server, then you will see the 'Master server' name shows your secondary DCS server name.

 

master server.jpg

 

 

James Labonte | 14 Oct 2014 | 0 comments

Google recently announced the https certificate update to its search algorithm, it will directly impact on your website ranking, if your website carry the SSL Certificate then you will get the “Google Ranking” boost up. But think why Google is giving the more important to websites which has an SSL Certificate let me explain you.

 

https_0.PNG

 

An SSL Certificate is create a secure layer between your web browser and visitors’ web browsers, and making important data like banking & personal details in encrypted format. As phishing attacks are increasing nowadays, online security is major concern for the world. Google believes that by penalized the websites which don’t have an SSL Certificate, owners of the websites create the benchmark that show users are more likely to visit a websites which are secure with “https” and by this way people become more aware about...

Dhasan | 09 Oct 2014 | 1 comment

SEPM home page dash board is not updating quickly

After SEP client installation shows under up-to-date category even though the client is not up-to-date

This is observed if we install SEP Client using the package exported from SEPM a month or week ago...and the LU policy is set not to download updates from SEPM or directly from Symantec...that client goes to up-to-date category then after long time..it disappears from that then it goes to out-of-date..

 

AV - up to date.png

 

av -up to date.jpg

av -up to date 1.jpg

Chetan Savade | 07 Oct 2014 | 5 comments

Hello Everyone,

Symantec Endpoint Encryption v11.0.0 has been released. Release is now available on fileconnect to download.

New enhancements have been introuduced in the release, few of them are listed here:

Feature Highlights:

New integrated Endpoint Encryption client:

o   Built on PGP technology

o   Managed by Symantec Endpoint Encryption Management Server

Various client deployment options:

o   Provides support for never-connected and seldom-connected client deployment

o   Policy delivery though GPO, native policy or install-time policy

o   Seamless user registration and enrollment

Various Drive Encryption Recovery Options:

o   Help Desk...

Sankara | 06 Oct 2014 | 0 comments

Issue : Symantec Data Center Security 6.0 client not getting IP via DHCP even with Windows core policy

 

Cause : Known issue with SDCSS 6.0  -  Windows default core policy is not allowing svchost.exe to access DHCPCSVC.DLL

 

Environment : Symantec Data Center Security 6.0

 

Solution : 

Edit the SDCSS prevention policy

Navigate to 

 Sandboxes

  - Core OS Service Options

    - Default Windows Services [def_winsvcs_ps,netsvcs_ps]

       - Registry Rules

         - Writeable resource List

             - Allow but log modifications to these Registry keys

 

Resource Path:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services

Program Path: %systemroot%\system32\svchost.exe...