Endpoint Protection

 View Only
Expand all | Collapse all

New Vulnerability in SEPM: SYM13-005, Fixed by Upgrading to 12.1 RU3

  • 1.  New Vulnerability in SEPM: SYM13-005, Fixed by Upgrading to 12.1 RU3

    Posted Jun 19, 2013 05:39 AM

    Just raising awareness for all SEP Admins: Symantec has posted a new Security Advisory that affects all SEP 12.1 SEPMs earlier than the RU3 release. 

    "SEPM Secar.dll Buffer Overflow"   A DLL in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x server does not properly validate all external input.  This could potentially result in a buffer overflow and remote code execution with application privileges on the server that is hosting the management console.

    Please see this advisory for full details:

    Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Manager 12.1.x Buffer Overflow
    SYM13-005

     

    NOTE: Symantec is not aware of any customers affected by this issue or any malicious attempts to exploit this issue. Also, there are IPS signatures in place which will block malicious traffic that attempts to explot this.  Please ensure that the SEP client protecting your SEPM has the IPS component enabled and definitions up-to-date! 

    Keep in mind that upgrading will provide protection against any possible future exploit attempt, and also provide the benefit of many other fixes, enhancements and improvement.  See Latest Symantec Endpoint Protection Released - SEP 12.1.RU3 for details.

    Many thanks!

    Mick



  • 2.  RE: New Vulnerability in SEPM: SYM13-005, Fixed by Upgrading to 12.1 RU3

    Trusted Advisor
    Posted Jun 19, 2013 10:27 AM

    Hello,

    Thank you Mick for updating us all.

    It is indeed important keep consistency in the SEP environment and to Migrate to the Latest version of Symantec Endpoint Protection 12.1 RU3.

     



  • 3.  RE: New Vulnerability in SEPM: SYM13-005, Fixed by Upgrading to 12.1 RU3

    Posted Jun 20, 2013 04:46 AM

    Hi

    Thanks for the update

    Regards