DjM
September 13th, 2006, 09:00 PM
Just got this from Symantec:
SAVCE elevation of privilege vulnerability
Overview:
An elevation of privilege vulnerability in Symantec Client Security and
Symantec AntiVirus Corporate Edition could potentially allow a local
attacker to
execute code with elevated privileges on the target machine.
Affected Products
Listed as:
Product Version
Affected Build
Solution
Applicable Link
Symantec AntiVirus Corporate Edition 10.0
All builds prior to the solution
SAV 10 MR2 MP2 (SAV 10.0.2.2020) and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec AntiVirus Corporate Edition 9.x
All builds prior to the solution
SAV 9 MR5 MP1 (SAV 9.0.5.1100 )and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec AntiVirus Corporate Edition 8.1
All builds prior to the solution
SAV 8.1.1 MR9 build 393 and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec Client Security 3.0
All builds prior to the solution
SCS 3.0.2 MR2-MP2 - build 2020 and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec Client Security 2.x
All builds prior to the solution
SCS 2.0.5 MR5 MP 1 build 1100 and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec Client Security 1.x
All builds prior to the solution
SCS 1.1.1 MR9 build 393
Note: SCS 1.1.1 and SAV 8.1.1 MR9 are available in English and Japanese
only. Symantec recommends that SAV Corporate 8.1.1 customers update to the
international English version of SAV CE 8.1.1 or migrate to a non-vulnerable
version of SAV Corporate Edition 9 or 10. Symantec Platinum Support
customers
can download the English 8.1 update from the Platinum web site. If you do
not have access to the Platinum web site, please contact Symantec Technical
Support to obtain the 8.1 update.
Unaffected Products
Listed as:
Product Version
Notes
Symantec AntiVirus Corporate Edition 10.1
No build of SAV CE 10.1 is affected
Symantec Client Security 3.1
No build of SCS 3.1 is affected
Norton product line all
None of the Norton products are affected
Symantec Response:
Symantec engineers have verified that these vulnerabilities exist in the
product versions listed in the table above and have provided updates to
address the
issues.
Symantec is not aware of any customers impacted by either of these issues or
of any attempts to exploit them.
As a part of normal best practices, users should keep vendor-supplied
patches for all application software and operating systems up-to-date.
Symantec
recommends any affected customers update their product to protect against
these types of threats.
Mitigation:
In a managed environment, administrators can lock the ability to change the
notification messages. This option prevents users from easily changing the
alert messages.
For additional information and any updates, please see the following
advisory: http://www.symantec.com/avcenter/security/SymantecAdvisories.html
Cheers:
SAVCE elevation of privilege vulnerability
Overview:
An elevation of privilege vulnerability in Symantec Client Security and
Symantec AntiVirus Corporate Edition could potentially allow a local
attacker to
execute code with elevated privileges on the target machine.
Affected Products
Listed as:
Product Version
Affected Build
Solution
Applicable Link
Symantec AntiVirus Corporate Edition 10.0
All builds prior to the solution
SAV 10 MR2 MP2 (SAV 10.0.2.2020) and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec AntiVirus Corporate Edition 9.x
All builds prior to the solution
SAV 9 MR5 MP1 (SAV 9.0.5.1100 )and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec AntiVirus Corporate Edition 8.1
All builds prior to the solution
SAV 8.1.1 MR9 build 393 and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec Client Security 3.0
All builds prior to the solution
SCS 3.0.2 MR2-MP2 - build 2020 and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec Client Security 2.x
All builds prior to the solution
SCS 2.0.5 MR5 MP 1 build 1100 and later.
https://fileconnect.symantec.com/licenselogin.jsp
Symantec Client Security 1.x
All builds prior to the solution
SCS 1.1.1 MR9 build 393
Note: SCS 1.1.1 and SAV 8.1.1 MR9 are available in English and Japanese
only. Symantec recommends that SAV Corporate 8.1.1 customers update to the
international English version of SAV CE 8.1.1 or migrate to a non-vulnerable
version of SAV Corporate Edition 9 or 10. Symantec Platinum Support
customers
can download the English 8.1 update from the Platinum web site. If you do
not have access to the Platinum web site, please contact Symantec Technical
Support to obtain the 8.1 update.
Unaffected Products
Listed as:
Product Version
Notes
Symantec AntiVirus Corporate Edition 10.1
No build of SAV CE 10.1 is affected
Symantec Client Security 3.1
No build of SCS 3.1 is affected
Norton product line all
None of the Norton products are affected
Symantec Response:
Symantec engineers have verified that these vulnerabilities exist in the
product versions listed in the table above and have provided updates to
address the
issues.
Symantec is not aware of any customers impacted by either of these issues or
of any attempts to exploit them.
As a part of normal best practices, users should keep vendor-supplied
patches for all application software and operating systems up-to-date.
Symantec
recommends any affected customers update their product to protect against
these types of threats.
Mitigation:
In a managed environment, administrators can lock the ability to change the
notification messages. This option prevents users from easily changing the
alert messages.
For additional information and any updates, please see the following
advisory: http://www.symantec.com/avcenter/security/SymantecAdvisories.html
Cheers: