Wednesday, June 16, 2021

Bugs Found in Symantec Firewalls

Symantec Corp., one of the major security companies, announced four vulnerabilities in its client-based firewall products today.

The problems, which were reported to Symantec by eEye Digital Security, a network security vendor, affect Windows systems. Symantec reports that by properly exploiting these issues, an attacker could render the targeted system inoperable or execute remote code with kernel-level privileges on the targeted system.

All issues occur within routines in the SYMDNS.SYS component, according to a statement posted on the Symantec site.

Products affected include Symantec Client Firewall versions 5.0.0 through 5.1.1; Symantec Client Security 1.0.0, 1.1.0 and 2.0.0; Norton AntiSpam 2004; Norton Internet Security 2002 through 2004; and Norton Internet Security Professional Edition 2002 through 2004.

Symantec confirmed the vulnerabilities exist in the consumer and corporate Symantec Client Firewall applications, as well as in Symantec’s Norton AntiSpam 2004 application. Symantec product engineers have developed fixes for the issues and released patches for all impacted products through Symantec LiveUpdate and technical support channels.

Clients running consumer versions of the affected products who regularly run a manual Symantec LiveUpdate should already be protected against this issue. However, to be sure they are fully protected, customers should manually run Symantec LiveUpdate to ensure all available updates are installed.

Clients running the corporate versions of Symantec Client Firewall or Symantec Client Security should download and apply patches obtained through their appropriate support channels.

Symantec analysts say they are not aware of any active attempts to exploit the vulnerabilities.

Similar articles

Latest Articles

Top Data Visualization Tools...

The amount of data generated and consumed by organizations is growing at an astounding rate. The total volume of data and information worldwide has...

The Data Capture Market

Data capture is the process of collecting, ingesting, or otherwise acquiring structured and unstructured data and either converting it into a data format usable...

NVIDIA and the Move...

NVIDIA recently held a Q&A with its visionary CEO Jensen Huang.   While the Q&A this week focused on NVIDIA’s announcements at Computex, his opening and...

Acquia Updates Open Digital...

BOSTON – Acquia’s Drupal-based customer experience (CX) platform is looking different to enterprise users. Acquia made updates last quarter across its three-part Open Digital Experience...