Multiple Symantec Product Vuln
Page 1 of 3 123 LastLast
Results 1 to 10 of 26

Thread: Multiple Symantec Product Vuln

  1. #1
    Member
    Join Date
    Dec 2003
    Posts
    97

    Multiple Symantec Product Vuln

    As if the Microsoft patches weren't enough, there's an issue with many Symantec products and their UPX parsing engine.

    http://secunia.com/advisories/14179/

    This one's fun because:

    It affects a security product (your antivirus / antispam software) and;

    it requires a re-install of the new version, rather than a patch to fix it.

    Good patching, everyone!

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    Looks like no sleep for me over the next 3 days.

    Thanks!

    TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #3
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Do you think it includes corprate products?

  4. #4
    Senior Member
    Join Date
    May 2003
    Posts
    1,199
    dammit...this just sucks. oh well time to start updating, its cool though, only about 90 percent of our clietns use symantec...*slams head into desk*
    Everyone is going to die, I am just as good of a reason as any.

    http://think-smarter.blogspot.com

  5. #5
    Senior Member
    Join Date
    Oct 2003
    Location
    MA
    Posts
    1,052
    Haha xtc, well I guess thats a plus side of selling mcafee 2005 at my place, even though I hate Mcafee.

    Edit- I take that back, I like stinger and mcafee for dos becuase they are simple and free.

  6. #6
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    Originally posted here by oofki
    Do you think it includes corprate products?
    Yep. If you were to RTFA, in the beginning under software you would have seen
    Symantec AntiVirus Corporate Edition 8.x
    Symantec AntiVirus Corporate Edition 9.x
    Normally advisories contain such information. May want to look there before asking.
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  7. #7
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    The following is the official Symantec advisory:

    http://www.symantec.com/avcenter/sec...005.02.08.html

    I have been in contact with Symantec and have been told that the Virus definitions posted yesterday (2005-02-09) contain a signature which will detect any attempt to exploit this vulnerability and quarantine the virus. This does not fix the problem, we are all still going to have to patch & upgrade but it does offer a little protection.

    Cheers:
    DjM

  8. #8
    Junior Member
    Join Date
    Sep 2003
    Location
    Virginia Beach VA
    Posts
    10
    According to Symantec's website version 9.0 (enterprise or corporate whatever you want to call it) there are no updates at this time. Keep you fingers crossed. We have the latetest def's and will watch very carefully.

  9. #9
    Senior Member
    Join Date
    Apr 2004
    Posts
    157

    Thumbs down

    Maaaan!
    Symantec's stupid documentation says sometimes you have the Maintenance Releases available and sometimes not. Sometimes Live Update will fix it. Download the latest MR from here: http://www.symantec.com/techsupp/
    I tried Live Update, but nopes.. not getting the latest version.
    And I search all over for this stupid MR and can't find it anywhere... end up having to call them, and the guy says, yeah.. got phone calls about that all morning.. ! It's not very well described on the homepage, but you actually have to download the latest full product and reinstall the whole thing.. !!!

    So here I'm waiting for this 213MB file to finish downloading now.. and some fun reinstallation... joy!
    This was supposed to be a nice 4 day work week... argh!

    At least tomorrow will be an easy day to reboot servers.. heh!

  10. #10
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by ny9777
    According to Symantec's website version 9.0 (enterprise or corporate whatever you want to call it) there are no updates at this time. Keep you fingers crossed. We have the latetest def's and will watch very carefully.
    Symantec will be releasing v.10 in March I am told. I have also been told that the risk of waiting (to upgrade to v.10) is low and at this time the def's should serve to protect our systems until then.

    As for the "no updates at this time". The story I am getting, is that they (Symantec) are working on the latest versions first (v.10) and will work their way down. For those still running version 8.0.1 or lower, don't hold your breath, they will likely not be patched.

    Cheers:
    DjM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •