Symantec updates Management console product
Symantec, the global giant in cyber-security, had recently updated its Console product so that it can patch a vulnerability which is believed to leave users susceptible to a directory traversal exploit.
The exploit can be leveraged when there is insufficient security validation of user-supplied input file names, such that characters representing " traverse to parent directory" are passed through to the file APIs, according to a Nov. 20 security update.
The goal of the attack would be to use an affected application to gain unauthorized access to the file system. The flaw affects Management console products prior to ITMS 8.1 RU4 and those affected are urged to update to the latest version as soon as possible.
Patches are available to customers through normal support channels and researchers are unaware of any exploits in the wild. In order to minimize the risk of vulnerability being exploited, researchers recommend users restrict access to administrative or management systems to authorized privileged users and Restrict remote access to trusted/authorized systems only.
After completion of the specified period, the security application turns off Silent Mode. You can also manually turn off Silent Mode at any time. The activities that are suspended when Silent Mode is turned on the run after Silent Mode is turned off.
See Configuring security policy settings.
To re-enroll an OS X device, you must unenroll the device from the Symantec Endpoint Protection Cloud portal.
Users can unenroll their OS X devices by manually removing the management profile, uninstalling the security application, and then restarting the devices. Now, users can re-enroll these devices.