Symantec Anti-virus & Client Security
Vulnerability in Symantec AntiVirus (SAV)
March 2005: Symantec has warned that older versions of SAV have a critical bug that can cause problems with virus detection and possibly with the running of Windows computers. Version 9.0.2 of SAV (included with Symantec Client Security 2.0.2) fixes these problems.
ITSS recommends that all versions previous to 9.0.2.1000 be replaced. To check which version you have installed on your workstation, double-click on the gold shield icon in the lower right corner of your monitor.
Check the "Program Version" listed in the center portion of the Symantec AntiVirus window.
If you have a version prior to 9.0.2, you should upgrade your client using one of the following methods:
- Download the managed client from our web site. For details, see: Symantec Anti-virus
- If you have a Novell client, you may be prompted when logging in to upgrade your Symantec client during.
Generally, ITSS has found that upgrading to the current program version works well. But as with any software package, uninstalling the previous version, then performing a fresh install is the best choice.
While this exploit does exist, a certain set of conditions need to occur before a system is breeched. If you would like details regarding the latest exploit, please see: Symantec UPX Parsing Engine Heap Overflow
Rev: 03.05 sb xml