Endpoint Protection

Hello - I am receiving the following message (see attachment) ona few computers - can you tell me what iit means and how to solve the issue.

thanks

Attachment(s)

sep error msg.docx   592 KB 1 version

See this:

https://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=23179

Patches for the correct OS architecture are found here:

http://www.securityfocus.com/bid/31874/solution

Make sure you patch.

check more information on the IPS signature for this detection

http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=23179

you should be applying the MS patch, specifically http://technet.microsoft.com/en-us/security/bulletin/ms08-067

No need to worry its from symantec network intrusion protection. you can disable the pop up if u want to

http://service1.symantec.com/SUPPORT/ent-security.nsf/2326c6a13572aeb788257363002b62aa/bb87382b1908802888257439000d1dcd?OpenDocument

all the windows patches should be upto date

you can manually run windows update from control pannel.

Hi MzSolo,

Defintiely do get those patches applied, and do ensure that IPS is functioning on all SEP clients.  Trying to protect against today's sophisticated threats with AV alone is like fighting with one hand tied behind your back.

Some other excellent advice from Security Response:

http://www.symantec.com/theme.jsp?themeid=stopping_malware&depthpath=0

What do I dio if the patches are up to date?

What is the source IP of the attacker? Internal or external?

If internal, there would seem to be an affected machine still on your network somewhere...if external than SEP is doing its job by blocking.

In any case, SEP is still doing its job by blocking the attempted attacks.