Official advisory to all State employees.
Impact
High
|
Remote
|
Yes
|
|
Local
|
Yes
|
|
Authentication Required
|
No
|
|
Exploit publicly available
|
No
|
Overview
A stack overflow in Symantec Client Security and Symantec AntiVirus Corporate
Edition could potentially allow a remote or local attacker to execute code on
the affected machine.
Products
Affected
Note: All builds listed above are English versions only. Localized
builds are pending.
Details
Symantec was notified that Symantec Client Security and Symantec AntiVirus
Corporate Edition are susceptible to a potential stack overflow. Exploiting
this overflow successfully could potentially cause a system crash, or allow a
remote or local attacker to execute arbitrary code with System level rights on
the affected system.
Symantec
Response
Symantec advisory will be updated when product updates to address this issue
are available.
To help reduce
the risks associated with this vulnerability Symantec recommends the following
best practices:
- Restrict access to administration or management
systems to privileged users only, with additional restricted access to the
physical host system(s) if possible.
- Keep all operating systems and applications
updated with the latest vendor patches.
- Follow a multi-layered approach to security. Run
both firewall and antivirus applications, at a minimum to provide multiple
points of detection and protection to both inbound and outbound threats.
- Be cautious visiting unknown or untrusted
websites or following unknown URL links.
- Do not open attachments or executables from
unknown sources or that you didn't request or were unaware of. Always err
on the side of caution. Even if the sender is known, the source address
may be spoofed.
Even
though we are not aware of any agencies impacted by this vulnerability, RI
Division of IT recommends agencies immediately apply the latest Security Update
to protect against potential related attacks.
A
Rhode Island Government Website