[Micronet] [Announce] Multiple Vulnerabilities in Symantec Products Including SEP (CVE-2016-2210)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Micronet] [Announce] Multiple Vulnerabilities in Symantec Products Including SEP (CVE-2016-2210)

Josh Kwan
SUMMARY
===
Multiple, critical vulnerabilities have been discovered in Symantec products including Symantec Endpoint Protection (SEP), an anti-virus product previously licensed and distributed on campus. [1]

Campus support and licensing for SEP ended on September 30, 2014. [2]


IMPACT
===
Successful exploitation of these vulnerabilities typically results in an application-level denial of service but could result in arbitrary code execution. An attacker could potentially run arbitrary code by sending a specially crafted file to a user. [1]


VULNERABLE
===
* Symantec Endpoint Protection for Windows, Mac, or Linux versions 12.1.6 MP4 and prior
* Additional Symantec products are affected. Please review Symantec's security advisory for a comprehensive list. [1]


RECOMMENDATIONS
===
* If you have an old version of SEP that was obtained from UC Berkeley Software Central or an old desktop image, remove SEP immediately and install Microsoft SCEP which is the current anti-virus/anti-malware software licensed for campus users. [3]
* If you have paid to license Symantec products (e.g. personal or departmental purchase), upgrade your software per Symantec's instructions. [1]

REFERENCES
===

--
You received this message because you are subscribed to the Google Groups "Micronet Announcements" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/a/lists.berkeley.edu/group/micronet-announce/.
To view this discussion on the web visit https://groups.google.com/a/lists.berkeley.edu/d/msgid/micronet-announce/CA%2BFOM7xPc_CbNGMe5UpcgAqrJ32ozSveOgbpYESeRCjcBc7UBA%40mail.gmail.com.
For more options, visit https://groups.google.com/a/lists.berkeley.edu/d/optout.

--
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:
 
To learn more about Micronet, please visit the Micronet Web site: http://micronet.berkeley.edu
 
Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
 
ANNOUNCEMENTS: To send announcements to the Micronet list, please use the [hidden email] list.
---
You received this message because you are subscribed to the Google Groups "Micronet" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [hidden email].
To post to this group, send email to [hidden email].
Visit this group at https://groups.google.com/a/lists.berkeley.edu/group/micronet-list/.
To view this discussion on the web visit https://groups.google.com/a/lists.berkeley.edu/d/msgid/micronet-list/CA%2BFOM7xPc_CbNGMe5UpcgAqrJ32ozSveOgbpYESeRCjcBc7UBA%40mail.gmail.com.
For more options, visit https://groups.google.com/a/lists.berkeley.edu/d/optout.