Yesterday, Symantec published a security advisory for a vulnerability in Symantec Endpoint Protection (SEP) 11. We urge all users of Symantec Antivirus or Endpoint Protection to install the latest version available (please check with your local IT admins first). SEP is available to UW-Madison students, faculty, and staff to use on personally- or University-owned computers.
What can someone do with this vulnerability? Using a maliciously crafted cabinet file, an attacker can cause your Symantec application to crash and can install malware on your computer.
All versions of Symantec Endpoint Protection 11 are vulnerable. Previous versions of Symantec Antivirus (10.x and lower) are not included in Symantec’s security advisory, but are old and no longer supported.
For assistance in determining which version of Symantec you are running or if you need help upgrading to the latest version, please contact the DoIT Help Desk.