Symantec
Anti-Virus Flaws
December 21, 2005 (See May 27, 2006
Addendum below)
(Symantec had since acknowledge the flaw and
listed under with latest release
10.0.2.2001 correcting that problem. Note that SAV 8.x and 9.x were
not affected.) Just want to let you know that I am aware of
the news that just came out today re: the discovery & announcement by
security firm Secunia. For the second time this year, a high risk flaw
has been found in SAV within the RAR routine. It was UPX back in Feb.
After studying of the situation, I made the recommendation to NOT
implement the temporary work-around by disabling scanning of .RAR files.
Patches are not yet available. In fact it's not even acknowledged by
Symantec yet. I'm sure they will within a few days. The fixes should be
available in a few weeks at most.
If you have particular concern, just ask and I'll be glad to explain
in greater details and offer background information, perspective, and
justifications.
Again, my official professional recommendation at this point is:
Take no action
Disregard the dire warnings in the news for this particular incident.
It is common that the proper action is to override the security firm's
narrow context "recommendation" in the announcement.
+1.585.637.8869
Call/email inquiries to verify the authenticity of this email is
non-billable (and you're encouraged to do so, as it is good practice)
Any discussion/clarification is billable at standard rates
Sam C. Chan
P.s. You're receiving this alert because you're the
DIFA for your location.
Addendum
May 27, 2006
Symantec today released
Symantec AntiVirus
CE 10.0.2 MR2 MP2 Point Patch 1 to address the
recent security advisory (SYM06-010) disclosed 2 days ago.
This brings the Bravo official current build to: 10.0.2.2021
Note: current there are 3 valid and supported versions: 10.1, 10.0
MR2 and 10.0 MR1. Upgrades must be performed according to all the
standard rules re: applying maintenance releases, maintenance patches
and point patches. All tier 1 sites
and retainer sites are being alerted and update
scheduled. Consultants are advised to obtain briefing before proceeding
with your deployment. ETS: 0.1 to 0.3 hr.
B.E.S.T. team members, see our SharePoint Portal thread for
time-saving tips and further technical details on this issues.
|