CVE-2018-12238

Name of the Vulnerable Software and Affected Versions Norton versions prior to 22.15 Symantec Endpoint Protection (SEP) versions prior to 12.1.7454.7000 and 14.2 Symantec Endpoint Protection Small Business Edition (SEP SBE) versions prior to NIS-22.15.1.8 and SEP-12.1.7454.7000 Symantec Endpoint Protection Cloud (SEP Cloud) version prior to 22.15.1

Description The issue is related to an AV bypass, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses. The exploit looks to alter the file being scanned so it is not detected.

Recommendations For Norton versions prior to 22.15, update to version 22.15 or later. For Symantec Endpoint Protection (SEP) versions prior to 12.1.7454.7000 and 14.2, update to version 12.1.7454.7000 or 14.2 or later. For Symantec Endpoint Protection Small Business Edition (SEP SBE) versions prior to NIS-22.15.1.8 and SEP-12.1.7454.7000, update to version NIS-22.15.1.8 and SEP-12.1.7454.7000 or later. For Symantec Endpoint Protection Cloud (SEP Cloud) version prior to 22.15.1, update to version 22.15.1 or later.