Run under the principle of least privilege, where possible, to limit the impact of potential exploit.Restrict remote access to trusted/authorized systems only.Restrict access to administrative or management systems to authorized privileged users.Symantec recommends the following measures to reduce risk of attack: Note : for customers who are currently not using Application and Device Control, you can use the instructions in the following technote to mitigate the current issue in the interim. This is available upon request from Symantec Technical Support.
In addition, a referesh of 14.2 MP1 (.0103) was released on August 21st, 2019 to address this issue. At this time, Symantec is not aware of any exploitations or adverse customer impact from these issues. The latest releases and patches for Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition are available to customers through normal support channels. A Symantec Endpoint Protection update, version 14.2 RU1, and Symantec Endpoint Protection Small Business Edition update, version 12.1 RU6 MP10c (.7002), have been released which address the aforementioned issue. The mentioned issue was validated by the product team engineers. Symantec Endpoint Protection and Symantec Endpoint Protection Small Business Edition may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. Symantec Endpoint Protection Small Business Edition (SEP SBE) Symantec has released updates to address issues that were discovered in the Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) products.
0 kommentar(er)
