RE: [Security] RE: Symantec vulnerability update

Hi Bruce,

Thanks for the input. But actually all our computers had Symantec Client
Security to begin with (we were using 3.0.2 until we updated to the 3.1
built yesterday). Windows file sharing had always worked with the Symantec
Client Firewall once we added the designated computers' IP addresses to the
"safe zone."

For the newest built, it still works but the user must manually disable the
firewall first, then we enable it. This is after we've added the IP address
to the "safe zone" within the symantec firewall settings or we wait about
30-40 minutes after the computer boots up.

Anyone else with this problem?

Amy

-----Original Message-----
From: owner-micronet-list@lists.berkeley.edu
[mailto:owner-micronet-list@lists.berkeley.edu] On Behalf Of Bruce Satow
Sent: Wednesday, May 31, 2006 11:54 AM
To: Amy Gee
Cc: 'Micronet-UCB microcomputer support user group';
ucb-security@lists.berkeley.edu
Subject: Re: [Security] RE: [Micronet] Symantec vulnerability update

Hi Amy,

Unfortunately that patch installs Symantec Client Security as well as the
Anti-virus patch. I tried it this morning and found out that the patch
replaced the Windows firewall with Symantec's firewall program.
Maybe that is blocking file and printer sharing between computers.

I was hoping there was just a patch for the Symantec Anti-virus...

-Bruce

Bruce Satow
Space Sciences Laboratory
University of California
Berkeley, California 94720-7450
(925) 643-2348

AST:7731^29u18e3

Alcohol & calculus don't mix. Never drink & derive.

Amy Gee wrote:
> Hi folks,
>
> So far, I have upgated four computers at my department but they all
> began to have a same issue. They all are unable to access shared
> folders/drives until about 30 minutes after the system boots up or
> immediate after the symantec firewall is manually disabled and re-enabled.
>
> Windows files/folder sharing is permitted and the IP addresses of
> designated computers are added to the safe zone. Prior to the update,
> the computer can immediately access any shared folders and drives.
>
> Anyone else experience this problem?
>
> Thanks,
> Amy
>
> -----Original Message-----
> From: owner-micronet-list@lists.berkeley.edu
> [mailto:owner-micronet-list@lists.berkeley.edu] On Behalf Of Allison
> Henry
> Sent: Tuesday, May 30, 2006 1:35 PM
> To: Micronet-UCB microcomputer support user group;
> ucb-security@lists.berkeley.edu
> Subject: [Micronet] Symantec vulnerability update
>
> Symantec has released patches for the security vulnerability in
> Symantec Anti-Virus announced on Friday. These patches must be
> installed on each workstation running Symantec Anti-virus v10.x
> (including Symantec Client Security 3.x) to protect against this
> vulnerability. To make sure the updates are applied and to get the
> benefits of the latest version of Symantec, we are recommending the
following actions:
>
> 1) Go to http://software.berkeley.edu/windows/scs3/current/
> 2) Download and install the SCS 3.1 desktop client
> 3) Download and install MP1 for 3.1
> 4) Download and install PP1 for SCS 3.1 MP1
>
> For system administrators:
> We recommend that you upgrade all Symantec clients to 3.1 and apply
> the appropriate patches. However, if you wish to stay at your current
> version of Symantec, you can find the appropriate patches for your
> version number at
> http://www.symantec.com/techsupp/enterprise/products/sym_client_securi
> ty/scs
> _3/files.html.
>
> Please make sure you apply the appropriate patches in the correct
> order for your version of Symantec. We are working on developing tools
> to aid in the distribution of patches to large numbers of
> workstations, so watch for further updates.
>
> Please help us get the word out to the campus community. There are
> still no exploits out based on this vulnerability and with your help
> we want to get campus users protected before the exploits are released.
>
> Thank you,
>
> --
> Allison Henry
> System and Network Security
> University of California, Berkeley
> http://security.berkeley.edu
>
> ----------------------------------------------------------------------
> -- The following was automatically added to this message by the list
> server:
>
> For information about Micronet, including subscribing to or
> unsubscribing from its mailing list and finding out about upcoming
> meetings, please visit the Micronet Web site:
> <http://micronet.berkeley.edu/>.
>
> -------------------------------------
> Sent via the ucb-security mailing list.
>

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about Micronet, including subscribing to or unsubscribing
from its mailing list and finding out about upcoming meetings, please visit
the Micronet Web site:
<http://micronet.berkeley.edu/>.

------------------------------------------------------------------------
The following was automatically added to this message by the list server:

For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Wed May 31 13:06:33 2006