Symantec updates poison patches


Symantec updates poison patches

Antony Savvas

Symantec has issued updated patches to fix vulnerabilities in its security appliances discovered at the beginning of March.

Companies relying on older versions of Symantec security appliances are being targeted with Domain Name System (DNS) poisoning attacks, which cause their users to be directed to malicious websites when they try to access legitimate ones.

Symantec thought it had prevented the attacks with patches it previously released, but it now admits they were not as comprehensive as it first thought.

Customers who have older versions of Symantec’s Gateway Security Appliance or Enterprise Firewall are being urged to download the latest updates from the company’s website to block the DNS poisoning attacks.

If they do not, remote hackers may take advantage of vulnerabilities in their DNS server configuration to direct users to websites that can spread malware onto corporate desktops, such as viruses, adware and spyware.

The exploit sees legitimate web searches for trusted sites being turned into ones for untrusted sites. It does this by directing users to a different web IP address even though the correct domain has been typed in by users.

The DNS poisoning attacks have been reported and monitored by the SANS Institute's Internet Storm Centre.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy