IT-DISCUSS Archives

January 2006

IT-DISCUSS@LIST.UVM.EDU

Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
From:
Stefanie Ploof <[log in to unmask]>
Reply To:
Technology Discussion at UVM <[log in to unmask]>
Date:
Tue, 10 Jan 2006 11:42:58 -0500
Content-Type:
TEXT/PLAIN
Parts/Attachments:
TEXT/PLAIN (93 lines)
If you are using your laptop for UVM business at UVM, the on-campus
version is recommended.

Allow me to also state that CIT now recommends SAV 10 for Windows and
Macintosh computers.  I have updated the CIT news article and will post an
IT newsletter article to this effect.  SAV 10 for Mac works better with
Tiger; SAV 10 for PC resolves many of the odd problems SAV 9 users were
experiencing, such as 100% CPU usage, and also detects and acts upon
spyware.


On Tue, 10 Jan 2006, Alison Pechenick wrote:

> Stef, I know there are two versions of this software in the archive, the
> "managed" and "unmanaged", depending on whether the system involved is
> used on- or off-campus.
>
> What is recommended for those of us who take our laptops back and forth
> to campus?
>
> Thank you,
>
> Alison
>
> Stefanie Ploof wrote:
> > A version of Symantec Antivirus for Windows which patches the library heap
> > overflow/RAR file vulnerability announced in December (see below) is now
> > available from the UVM software download site
> > (http://www.uvm.edu/software).
> >
> > All Windows computers running Symantec Antivirus version 10 should be
> > updated to Symantec Antivirus 10.0.2.2001 at this time to protect systems
> > from the vulnerability.  Testing of the newest version has shown that
> > installing over previous versions will work, although it is advised that
> > the previous version be removed via Control Panel -> Add/Remove Programs
> > before installing this newest version.
> >
> > Macintosh Symantec Antivirus version 9 is also affected by the
> > vulnerabilty.  All Macintosh users are encouraged to delete version 9 from
> > their systems and install version 10 from the UVM software download site
> > (http://www.uvm.edu/software).
> >
> > Questions or problems with installation should be reported to the
> > CIT Helpline (http://www.uvm.edu/cit/help or 6-2604).
> >
> >
> >
> > On Thu, 22 Dec 2005, Stefanie Ploof wrote:
> >
> >
> >>This week a report was released that Symantec Antivirus Corporate Edition
> >>10.x (PC), Symantec Norton Antivirus 9.x (Mac), and Symantec Norton
> >>Antivirus for Exchange 2.x products are vulnerable to a library heap
> >>overflow if Symantec AV scans .RAR files while they are being
> >>decompressed, resulting in the potential for the Symantec Antivirus
> >>product to be exploited by a malicious hacker who can take control of a
> >>system.
> >>
> >>Symantec has not released a patch for this vulnerability.  In the meantime
> >>I have changed the central Symantec servers to scan certain file types
> >>rather than all file types in auto-protect mode.  The list of currently
> >>auto-protected file types is the default list that Symantec provides, as
> >>well as .ZIP files.  As would be assumed, .RAR files are not being scanned
> >>via auto-protect at this time.  Please note that this change only affects
> >>auto-protect scanning on PCs.  Macintosh Symantec/Norton Antivirus and
> >>Symantec Norton Antivirus for Exchange are -not- protected by the central
> >>servers, so Macintosh users and Exchange server administrators must either
> >>choose to disable auto-protect via the Norton Antivirus options or choose
> >>not to download and decompress .RAR files while the vulnerability still
> >>exists.
> >>
> >>More information about the vulnerability is available at:
> >>http://news.zdnet.co.uk/internet/security/0,39020375,39243160,00.htm
> >>http://xforce.iss.net/xforce/alerts/id/187
> >>
> >>A full list of affected products is available at:
> >>http://secunia.com/advisories/18131/
> >>
> >>When Symantec does release a patch the CIT Antivirus team will provide
> >>further instruction or information.
> >>
>
> --
> Alison Pechenick, Lecturer
> Department of Computer Science
> College of Engineering & Mathematical Sciences
> 351 Votey Building
> University of Vermont
> Burlington, VT 05405
> (802)656-2547
> http://www.cems.uvm.edu/~apecheni
>

ATOM RSS1 RSS2