Thanks for the heads up on this, Cheryl!
Our department is running the site licensed product, Symantec AV
Corporate Edition, either v7.6 or 8.x. Which doesn't seem to have the
problem. (making me very glad, because I'm very sick of manual updates!)
But I'm thinking this software is commonly bundled with new computers,
right? Maybe I should warn our faculty/staff about their personal
purchases? If anyone sees a good notice, please forward it to the list.
Looking at the technical details described in the URL, two of the issues
are with DNS. Maybe an exploit would require using an evil DNS server,
which would be unlikely? And the other two issues use NetBIOS, so they
might be blocked by a firewall.
-John
Cheryl Akers wrote:
>> Run live update MANUALLY to install the patch
>>
>> Affected Components
>> Consumer:
>> Symantec Norton Internet Security and Professional 2002, 2003, 2004
>> Symantec Norton Personal Firewall 2002, 2003, 2004
>> Symantec Norton AntiSpam 2004
>> Corporate:
>> Symantec Client Firewall 5.01, 5.1.1
>> Symantec Client Security 1.0, 1.1, 2.0(SCF 7.1)
>>
>> For more information see:
>>
>> http://securityresponse.symantec.com/avcenter/security/Content/2004.05.12.html
|