Local Privilege Escalation Vulnerability in Symantec Endpoint Protection

["US-CERT" <US-CERT () ncas us-cert gov>]

NCCIC / US-CERT

National Cyber Awareness System:

Local Privilege Escalation Vulnerability in Symantec Endpoint Protection [ 
https://www.us-cert.gov/ncas/current-activity/2014/08/04/Local-Privilege-Escalation-Vulnerability-Symantec-Endpoint ] 
08/04/2014 05:34 PM EDT 
Original release date: August 04, 2014

US-CERT is aware of a local privilege escalation vulnerability in Symantec Endpoint Protection. This vulnerability 
affects all versions of Symantec Endpoint Protection Client 11.x and 12.x running Application and Device Control. 
Exploitation of this vulnerability may allow an attacker to gain full privileges on an affected system.

US-CERT recommends that users and administrators review the associated Symantec Knowledge Base Article TECH223338 [ 
http://www.symantec.com/docs/TECH223338 ] and CERT Vulnerability Note VU#252068 [ http://www.kb.cert.org/vuls/id/252068 
] and apply the necessary updates.

________________________________________________________________________

This product is provided subject to this Notification [ http://www.us-cert.gov/privacy/notification ] and this Privacy 
& Use [ http://www.us-cert.gov/privacy/ ] policy.

________________________________________________________________________

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] | Security Publications [ 
http://www.us-cert.gov/security-publications ] | Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources [ 
http://www.us-cert.gov/related-resources ] 

STAY CONNECTED: Sign up for email updates [ http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]