[unisog] More: Bot outbreak exploiting SYM06-010
mstubbs at facstaff.wisc.edu
Tue Nov 28 20:47:23 GMT 2006
Various articles keep saying "patch" as regards symantec and SYM06-010.
I'm getting the impression (possibly wrong) that in Symantec lingo one
doesn't patch to an "MR" level, that one has to install to an MR level.
(Is that true?) I have gotten very very confused about the "MR" thing
and the "point patch" (PP) thing. [We have an agreement of some sort
with Symantec but I certainly am not a person that has access to any
platinum or gold accounts.]
In above I note that under MR4 above they claim to fix this particular
issue. So we have to get to MR4 or MR5 to avoid this SYM06-010? (not
addressing the question of what the problem was for which they have an
MR5 level :-)
"Maintenance Release 4 (MR4)
This section describes the fixes in Maintenance Release 4 of Symantec
AntiVirus 10.1 and Symantec Client Security 3.1.
Symantec AntiVirus Corporate Edition 10.1.4.4000
Symantec Client Security and Symantec AntiVirus Elevation of
Privilege vulnerability (SYM06-010)
Maintenance Release 4 includes a fix for the Symantec Client
Security and Symantec AntiVirus Elevation of Privilege vulnerability.
You do not need to apply the patch for the vulnerability if you migrate
to Maintenance Release 4."
The reason I wonder about these things is that we have here an ability
to download multiple files and that is forcing me into deciding what of
them are needed. (It's not just a problem for this bot issue. It's an
issue any time someone would get the urge to install this product,
because typically one would want to install the most up to date version
in a new install, as we do things here.)
We are offered:
10.1.5.b5000 labeled "Download 10.1 MR5"
and a file 10.1.4.4010 (one for 32 bit and one for 64 bit)
"32-bit Client Installer Download 10.1 MR4 w/MP1"
"64-bit Client Installer Download 10.1 MR4 w/MP1"
and a latest point patch, one for 32 bit and one for 64 bit:
"Latest Point Patch PP1 for MR5 32-bit"
PP1 for MR5 64-bit"
If one wanted the latest and greatest v 10 savce then would one have to
install "10.1 MR5" *and* install the point patch for MR5? Is that how it
works. (Apologies if this is a dumb question.)
(I could ask the same questions about version 9 but I'm refusing to go
there. We are also offered many options regarding 9 but I just don't
want to think about it. :-)
More information about the unisog