Hi Cheryl,
On Tuesday 30 May 2006 09:21, Cheryl Olson wrote:
> patch for this exploit. Unfortunately, according to their website for
> the SCS 3.02 patch
> (http://www.symantec.com/techsupp/enterprise/products/sym_client_security
>/scs_3/files.html), a patch isn't being released for licensed versions of
The patches are specific to the Maintenance Release (MR) and Maintenance
Patch (MP) level for SCS that you are running. The versions for unlicensed
SCS should all work for our campus-supported versions of SCS.
> 3.02 and they're suggesting we upgrade to 3.1 which is only available as
> an early adopter on the campus software website. I'm assuming our
We intend to make 3.1 the current version very shortly unless we hear any
reports of issues with this release (none so far). So, unless you have a
pressing reason to stay with the older version, I would recommend that you
consider going this route:
1) update to SCS 3.1
2) apply the MP1 for 3.1
3) apply the PP1 for SCS 3.1 MP1
You can find all of these three installers here:
http://wssg.berkeley.edu/public/test/scs3-fortesting/
(first three downloads) temporarily until they are migrated to the main
Software site.
--Karl
Karl Grose
IST
=======
> software is licensed. Has anyone found a work-around to this or tried to
> install the patch for the unlicensed version?
> <<<:>>>
>
> At 10:58 AM 5/26/2006, Allison Henry wrote:
> >As you may be aware, a vulnerability was recently reported in Symantec
> >Anti-virus desktop software that if, exploited, could allow an attacker
> >to execute malicious code with SYSTEM level access (see information
> >below). The version of Symantec Anti-virus available on
> >http://software.berkeley.edu, and included in the C_at_B CD, is vulnerable
> >to this exploit. SNS is aware of the vulnerability and is working on
> >solutions to help mitigate the threat.
> >
> >Please be aware that this vulnerability has been reported to Symantec by
> >a security research group, and no exploits of this vulnerability have
> >been released at this time. Symantec will be releasing an update
> >shortly, so to prepare make sure your LiveUpdate software is working
> >properly so you can receive updates when they become available. When an
> >update is released or we get any new information on this issue, we will
> >update the appropriate mailing lists.
> >
> >
> >For more information:
> >
> >http://www.cnn.com/2006/TECH/internet/05/25/antivirus.flaw.ap/index.html
> >
> >and
> >
> >http://eeye.com/html/research/upcoming/20060524.html
> >
> >Upcoming Advisories
> >
> >Date Reported:
> >May 24, 2006
> >
> >Vendor:
> >Symantec
> >
> >Description:
> >A remotely exploitable vulnerability exists within the Symantec
> >Antivirus program. This flaw does not require any end user interaction
> >for exploitation and can compromise affected systems, allowing for the
> >execution of malicious code with SYSTEM level access.
> >
> >Severity:
> >High (Remote Code Execution)
> >
> >Remote Code Execution:
> >Yes
> >
> >Software Affected:
> >Symantec Antivirus 10.x
> >Symantec Client Security 3.x
> >(Other Symantec Antivirus products are also potentially affected,
> >waiting for vendor list)
> >
> >Status:
> >Initial report stage
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Tue May 30 10:12:50 2006
This archive was generated by hypermail 2.1.8 : Tue May 30 2006 - 10:12:50 PDT