May 21, 2008

Testing Symantec Endpoint Protection 11.0

We are currently testing the new Symantec Endpoint Protection 11.0, aka SEP, and hope to be ready to roll it out at the end of May or the first week of June. We also anticipate being able to keep the web install process for SEP.

Posted by Jeff Schoenack at 10:18 AM

March 20, 2006

Trojan Horse email circulating again

There is a trojan horse email circulating again with a subject of:

“Dear @sendit.nodak.edu ,
You have just received a postcard from someone who cares about you !

This is a part of the message:
“Hy there! It has been a long time since I haven not heared about you!
I have just find out about this service from Kevin, a friend of mine who also told me that…”
If you would like to see the rest of the message click here and you will receive your animated postcard! “

It drops file(s) of Trojan.Dropper on your machine. Trojan.Dropper is a Trojan horse that drops Trojan horses or back door Trojans onto compromised computers. It is a low threat, but many people may think it is a legitimate email and get infected if they are not running current virus protection. To learn more or to find out how to remove it, go to http://securityresponse.symantec.com/avcenter/venc/data/trojan.dropper.html

Posted by Jeff Schoenack at 8:56 AM

December 28, 2005

Critical Symantec AntiVirus Vulnerability

News came last week that a high-risk buffer overflow vulnerability in Symantec’s AntiVirus Library could lead to code execution attacks when RAR archive files are scanned. It is important to note that this affects all versions of Symantec AntiVirus, including those for Mac OS X.

Symantec has created a page which lists all vulnerable products along with instructions for dealing with problems until they are able to create and release a software patch.

Posted by Web Developer at 2:23 PM

December 7, 2005

Instant Message Worm That Chats With You

Security vendor IMlogic has announced the identification of an Internet worm that propagates via the AIM instant message network. This is nothing new, but the means by which computers become infected is a first. It actually chats with the intended victim, starting out the conversation with “lol that’s cool” and suggesting that the person download a file named clarissa.pif. If you ask whether the file is infected with a virus, the worm will respond “lol, no its not its a virus”.

This is not a widespread threat, and is unlikely to become one. However, it is interesting to note this new application of social engineering and artificial intelligence in the virus world.

Posted by John Gieser at 8:36 AM

October 13, 2005

Symantec Patch

Symantec has identified a security vulnerability in the Symantec AntiVirus Scan Engine (SASE). This is not the same application integrated in Symantec AntiVirus Corporate Edition (SAVCE). Early reports identified the security vulnerability in SASE as affecting SAVCE. This is incorrect.

However, Symantec has released a patch/update (available on the EduTech Tech Coordinator’s website) for SAVCE 10 which improves desktop and application security. Because of the additional features and security enhancements, it is desirable to install the patch, even though it is not related to the SASE vulnerability.

Once the patch is applied, the version number should read 10.0.1.1007 (instead of 10.0.1.1000). The patch is also distributed with an updated ClientRemote Install Tool to make it easier to distribute future patches without having to touch every client.

Posted by John Gieser at 3:11 PM

September 28, 2005

A Look Inside Symantec’s Response Lab

The October 2005 issue of Fast Company magazine features a really good article about Symantec’s security response lab entitled Sweating In the Hot Zone. It presents a behind the scenes business view of how the company keeps on top of the ever-changing landscape of security threats. It appears they learned a lot in August 2003 during the simultaneous spread of the Blaster, Welchia, and SoBig worms and viruses.

Posted by Web Developer at 11:03 AM