Symantec Response
Updates are available for affected products. Symantec recommends customers apply the latest product update available for their supported product versions to enhance their security posture and protect against potential security threats of this nature.
Symantec is not aware of any customers impacted by this issue, or of any attempts to exploit the issue.
Product updates are available from the Symantec support site:
http://www.symantec.com/techsupp/ or via LiveUpdate when available.
Symantec product users who regularly launch and run LiveUpdate should already have received an updated (non-vulnerable) version of (product/component). However, to ensure all available updates have been applied, users can manually launch and run LiveUpdate in Interactive mode as follows:
To perform a manual update using Symantec LiveUpdate, users should:
- Open any installed Symantec product
- Click on LiveUpdate in the toolbar
- Run LiveUpdate until all available Symantec product updates are downloaded and installed
Best Practices
As part of normal best practices, Symantec strongly recommends:
- Restrict access to administration or management systems to privileged users.
- Restrict remote access, if required, to trusted/authorized systems only.
- Run under the principle of least privilege where possible to limit the impact of exploit by threats such as this.
- Keep all operating systems and applications updated with the latest vendor patches.
- Follow a multi-layered approach to security. Run both firewall and antivirus applications, at a minimum, to provide multiple points of detection and protection to both inbound and outbound threats.
- Deploy network intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in detection of attacks or malicious activity related to exploitation of latent vulnerabilities
Thanks for your feedback. Let us know if you have additional comments below. (requires login)