Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: Mailbag: MS Patches / Symantec Vuln - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Mailbag: MS Patches / Symantec Vuln
Some readers reported 99% CPU eaten up by svchost.exe after they had applied the recent batch of MS updates. Cause and effect are not quite clear, but a common thread seems to be that MS recommend a look at KBID 927891 and some readers have also pointed us to the WSUS Blog where the same issue is mentioned.

Some of the retail user versions of Symantec AV come with an ActiveX component that can be exploited to allow remote code execution. More on Symantec's Website . According to the advisory, running the built-in "LiveUpdate" of the product should be sufficient to fix the vulnerability.
Daniel

367 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!