Ankündigung

Einklappen
1 von 2 < >

Schulungen zu Symantec Endpoint Protection

Zu Symantec Endpoint Protection bieten wir Ihnen mehrere Schulungen an:

https://www.niwis.com/service/schulu...on-schulungen/
2 von 2 < >

Schulungen zu Symantec Endpoint Protection

Zu Symantec Endpoint Protection bieten wir Ihnen mehrere Schulungen an:

https://www.niwis.com/service/schulu...on-schulungen/
Mehr anzeigen
Weniger anzeigen

Kürzlich veröffentlichte Micosoft Patches führen zu Fehlern

Einklappen
X
  • Filter
  • Zeit
  • Anzeigen
Alles löschen
neue Beiträge

    Kürzlich veröffentlichte Micosoft Patches führen zu Fehlern

    +++ Update 18. Januar 2018 +++

    -> Neue Version SEP für MS Januar Patches ...

    ----------------------------------------------------------------------------------------------------------------------------

    Bitte die MS Patches nicht auf SEP < 12.1 RU6 MP6 installieren!

    +++ Update 11. Januar 2018 +++


    Am 17. Januar wird es voraussichtlich eine neue Version SEP 14 geben. Diesen Hotfix wird es für folgende Versionen geben:
    • 12.1 RU6 MP9
    • 14 MP2
    • 14 RU1
    • 14 RU1 MP1



    Wir empfehlen daher allen Kunden auf eine der o. a. Versionen zu aktualisieren. Am einfachsten geht das über den SEP Manager, siehe niwis How-To: Migration von SEP Manager und Clients auf eine neuere Version.

    -> Released versions of Symantec Endpoint Protection ...

    -> Symantec Endpoint Protection 12.1.6 MP9 client-only patches ...

    --------------------------------------------------------------------------------------------------------------------------------------

    Für die ersten Exploits stehen die Virensignaturen vom 05. Januar 2018 Rev 002 zur Verfügung.

    Zusammenfassende Infos auch bei Symantec:
    Meltdown and Spectre: Are Symantec Products Affected?

    --------------------------------------------------------------------------------------------------------------------------------------

    Please be aware of the following 2 issues:

    1. SEP 12.1.x has a compatibility issue with the Windows Security Update released on January 3rd, 2018, which can result in a Symantec Endpoint Protection client service (ccSvcHst.exe) crash and the inability to recover itself.

    ccSvcHst.exe crash after applying the January 3rd, 2018 Windows Security Update to a system running SEP 12.1.x

    http://www.symantec.com/docs/TECH248558

    Symantec Development is actively investigating the issue.

    Symantec recommends to hold off on applying the Windows Security Update released on January 3rd, 2018 for any SEP 12.1.x clients until further notice.

    2. SEP 14.0.x on Windows 10 and Windows 2016 may report a warning in the system tray stating "There are multiple problems (2)".

    Endpoint Protection system tray icon reports there are multiple errors after updating ERASER to 117.3.0 and Microsoft Update KB4056892

    http://www.symantec.com/docs/TECH248552
    Zuletzt geändert von uspange; 18.01.2018, 07:35.

    #2
    siehe auch niwis Beitrag "Meltdown und Spectre Infos"

    +++ Update 08. Januar 2018 +++

    Dear Customer,

    after applying the out-of-band Microsoft Update, we had some customers who reports about problems in combination of SEP 12.1 client + ERASER Engine update + Microsoft patch applied.
    We have investigate into this issue where the customer was willing to help us with a support case and can provide the following information.

    The issues that can be experienced are as follows:

    SEP 12.1 RU6 MP5 and earlier: In some cases, after applying the Windows patch, users will see ccSvcHst.exe crashes referencing sfman.plg.
    This issue is described in following KB article

    ccSvcHst.exe crash after applying the January 3rd, 2018 Windows Security Update to a system running SEP 12.1.x
    http://www.symantec.com/docs/TECH248558

    If you are running a SEP 12.1 version prior to SEP 12.1 RU6 MP6, you can use Client-Only patches to maintain your current installation of SEP 12.1 without changing the features or settings.
    A Reboot is required!

    Symantec Endpoint Protection 12.1.6 MP9 client-only patches
    INFO4660 November 1st, 2017 http://www.symantec.com/docs/INFO4660

    If you combine it within an SCCM or Third-Party-Deployment solution like Altiris Install Task, you can do it in combination with the installation of the Microsoft patch.

    Task Sequence:
    1. Update SEP 12.1 client to SEP 12.1 RU6 MP9
    2. REBOOT
    3. INSTALL Microsoft patch
    4. REBOOT


    Symantec Client Only patches are small delta install packages to update a SEP client to the latest available on.

    Released versions of Symantec Endpoint Protection
    TECH154475 January 4th, 2018 http://www.symantec.com/docs/TECH154475

    SEP 12.1 RU6 MP6 and later / SEP 14.0 (all builds): After applying the Windows patch, users will see that the SEP system tray icon display that there is a malfunction. However, all components show as OK when opening the UI.
    This issue is described in following KB article

    Endpoint Protection system tray icon reports there are multiple errors after applying Windows Security Updates from 1/3/2018
    http://www.symantec.com/docs/TECH248552


    At this time, these issues do not appear to actually be related to the ERASER update. However, the ERASER update is required to receive the Windows patch through normal channels.

    We expect to receive additional guidance from development going forward for additional guidance on how to proceed with each issue. The KB articles will be updated as new information is made available.

    Detection Available:
    Until the issue with SEP 12.1/14.0 have been fixed and you could apply the patch, we have investigate and created a signatures to protect against first seen attempts to use the Spectre vulnerability.

    Exp.CVE-2017-5753
    https://www.symantec.com/security_re...010508-3826-99

    Antivirus Protection Dates
    Initial Rapid Release version January 4, 2018 revision 022
    Latest Rapid Release version January 4, 2018 revision 022
    Initial Daily Certified version January 5, 2018 revision 002
    Latest Daily Certified version January 5, 2018 revision 002
    Initial Weekly Certified release date January 10, 2018

    We’re continuing to evaluate the situation for potential solutions.
    Zuletzt geändert von uspange; 08.01.2018, 07:29.

    Kommentar


      #3
      Danke. Hab ich auch gelesen, Irritiert hat mich hier, dass auch in Symdiag Probleme angezeigt wurden. Sollte aber durch die neue Version welche vermutlich morgen erscheint gelöst sein.

      Kommentar

      Lädt...
      X