Sign in / up

back to article Symantec warns of serious security holes – in Symantec security kit

Symantec is advising users of its Endpoint Protection (SEP) software to update their systems, after three vulnerabilities were reported in the computer defense tools. Two of the bugs – a cross-site scripting (XSS) flaw, and a SQL injection vulnerability – are in the SEP Management Console, a web-based portal you can log into …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. JeffyPoooh
    Pint

    Idiots

    A special place in Hell awaits them.

    1 2 Reply
    1. allthecoolshortnamesweretaken
      Reply Icon

      Re: Idiots

      Just to clarify - for being idiots or for being with Symantec?

      2 0 Reply
      1. Robert Helpmann??
        Reply Icon
        Childcatcher

        Re: Idiots

        For being idiots or for being with Symantec?

        Yes!

        The XSS flaw is not surprising as it is a common issue for web sites and not Symantec's area of expertise. The question I would raise is why they would want their security management console to run in a browser (the most commonly targeted attack surface on workstations). Points off for saying all the other kids are doing it.

        1 0 Reply
      2. JeffyPoooh
        Reply Icon
        Pint

        Re: Idiots

        @atcsnwt

        Symantec themselves.

        Their customers are already there.

        1 0 Reply
  2. CrazyOldCatMan Silver badge

    SEP

    I keep reading that as "Someone Elses Problem". Which, thankfully, it is as we don't allow Symantec to pollute our servers..

    1 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like