Symantec AntiVirus Help
Latest Symantec News for OSU
07-12-07 Symantec vulnerability in Decomposer engine announced
Symantec has announced several vulnerabilities affecting versions of the Symantec AntiVirus client. The most critical issue pertains to scanning files that have been compressed as RAR or CAB files. As these files are being decompressed by the Symantec Decomposer for scanning, it would be possible for a hacker to either crash the SAV client using a denial of service attack in the case of RAR files, or remotely execute arbitrary code in the case of CAB files. Please update your clients to the latest version to protect yourself. This vulnerability affects all 10.0 clients, all 10.1 clients below 10.1.5.5000, and all 9.0 clients below 9.0.6.1000. Solution: Update to version 10.1.6.6000. See links under Faculty, Staff and Student Downloads below for the latest versions.
This does not affect Vista 10.2 clients.
12-26-06 Malware attacks vulnerability in Symantec's Anti-Virus clients
In May and September of 2006 Symantec reported a vulnerability in the their AV client that would allow someone to gain elevated privileges on the host computer. Accomplishing this, the hacker will be able to shut down or inhibit SAV from functioning thus allowing them to install sniffers, key loggers, other malware applications, or use the compromised system to attack other systems. In November we saw the first of three different worms that try and take advantage of these earlier vulnerabilities. It is imperative that you update your version of Symantec to the latest release and that you ensure you have applied all the latest patches for your operating system from Microsoft.
Students and staff personal systems can be updated with the installer from the link found in the "Windows" section under Faculty, Staff and Students further down on this page. DCAs should visit the DCA Links.
10-1-06 A new Symantec AntiVirus client is now available, 10.1.5.5000.
Please see the links below for the latest clients.
9-13-06 A new vulnerability in Symantec's Anti-Virus client - SYM06-017
Symantec announced "An elevation of privilege vulnerability in Symantec Client Security and Symantec Anti-Virus Corporate Edition could potentially allow a local attacker to execute code with elevated privileges on the target machine." The announcement goes on to say that the Symantec Anti-Virus Corporate Edition (SAV CE) clients not affected by this vulnerability are:
- SAV CE version 10.1.X is not affected
- SAV CE version 10.0.2.2020 and later
- SAV CE version 9.0.5.11 and later
- SAV CE version 8.1.1 build 939 and later
If you have any other versions than those listed you should update your client. Even better you should update any version prior to 10.0 to the latest version 10.1.4.4000. If you want to know how to check your client version, check out our FAQ page.
6-28-06 A new Symantec AntiVirus
client is now available, 10.1.4.4000.
Please see the links below for the latest clients. This client includes
patches for the 5-25-06 vulnerability.
5-25-06 Symantec AntiVirus 10
Vulnerability - SYM06-010
Symantec published a security vulnerability for
Symantec AntiVirus 10.0 and 10.1 Corporate
Editions. The vulnerability details are listed in this Symantec
article. The impact of this vulnerability is serious as it can allow an
attacker to obtain elevated rights on your system. If you cannot update to
the latest version of Symantec AntiVirus, please
apply the appropriate patch for your current version as listed here. AntiVirus client versions 9 and older are not susceptible
to this vulnerability.
Faculty, Staff, and Student Downloads
The links provided below are for Oregon State
University faculty,
staff, and registered students to download and install the latest versions of
Symantec AntiVirus on their personal computers. If
you have difficulties downloading any of these versions please consider
obtaining an OSUWare CD from the Valley Library
circulation desk. If your computer is managed by one of the support
groups on campus, please contact your DCA prior to installation. If
you are unsure who your DCA is, you can check the DCA Listing to
find out.
Windows
Customers using Windows PCs may click on the link below to download the
latest client. Please save the file to your desktop and then double click the
file to start the installation. Please close all applications and save
your work prior to installation of the client. Your machine may reboot
at the end of installation.
- Symantec AntiVirus 10.1.6.6000 Corporate Edition (Windows
2000, XP)
- Symantec AntiVirus 10.2.0.276 Corporate Edition (Windows
Vista ONLY)
- Symantec AntiVirus 9.0.6.1000 Corporate Edition (Windows 98/ME ONLY!)
To get patches and updates for the following products from the Symantec
product update site please visit:
Macintosh
Customers using Apple computers may click on the link below to download
the latest client. Please save the file to your desktop and then double click the
file to install. All previous versions of Norton AntiVirus or
Symantec AntiVirus should to be removed prior to
installing this version. After installation, please run LiveUpdate to upgrade your client
to the latest version.
- Symantec AntiVirus 10.1.1 for Macintosh OS 10.4.7/OS 10.3
Problems downloading?
If you are on campus, i.e. your workstation has an IP address on the
128.193.x.y network; you should be able to access this software by simply
clicking on the links above. Certain other IP address ranges are also
considered to be 'on-campus' and should behave exactly the same way.
For off-campus access and sites not on the OSU address space, you will
need to connect via OSU's Virtual Private Network
(VPN). Click here for VPN
installation instructions. Once you have installed and configured the
VPN, you should be able to download Symantec Anti-Virus in the same way
on-campus users do.
|
