Symantec Response
Symantec engineers verified that the issue exists in Reporting Server included with the product versions listed in the table above. The error occurred due to the improper initialization of a variable, and updates have been released to correct the problem.
Reporting Server is an optional program distributed with Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later and Symantec Client Security (SCS) 3.1 and later. Reporting Server can be used to create reports about any version of SAV CE and SCS installed on client systems within an organization. This vulnerability affects only systems on which the Reporting Server program is installed. Individual client systems are not affected.
Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue. However, we recommend that customers update Reporting Server immediately to protect against possible attempts to exploit this issue.
Mitigation and best practices
- Uninstall Reporting Server if it is not being used.
- Restrict the Symantec Client Security Console (SCS Console) and the Reporting Server interface to trusted access only.
- Ensure that the SCS Console and Reporting Server interface are never visible from outside the network. This greatly reduces opportunities for unauthorized remote access.
- User accounts for Reporting Server should be unique, and different from the user’s network login account.
- Delete exported data files which are no longer needed.
Applying the Updates
Reporting Server is an optional component of Symantec Client Security, and it can be updated (migrated) independently of the rest of the program. For more information, please see this knowledgebase document:
Migrating Reporting Server for Symantec Client Security 3.1 and Symantec AntiVirus 10.1
http://entsupport.symantec.com/docs/n2007012213220048