Hello Everyone,
Symantec Endpoint Protection 12.1 Release Update 4 Maintenance Patch 1A (12.1.4104.4130 - 12.1 RU4 MP1a) English has been released and is now available for customers to download on FlexNet. This new SEPM release addresses the OpenSSL “Heart Bleed” vulnerability. Additional language versions will become available throughout the week.
Please refer to the following KB article for additional detail:
Is Symantec Endpoint Protection affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160)
- The new SEPM build is labeled RU4 MP1a with a version number of 12.1.4104.4130.
- This version of the SEPM is supported for migrations over any version of the SEPM (Customer does not need to update to RU4 prior to applying the MP1a)
- The only change from RU4 MP1 to RU4 MP1a is the updated version of OpenSSL.
- The packages directory of the SEPM will include the RU4 MP1 RTM build of SEP or SNAC depending on the CD Layout
- The Versions.txt will include the updated version information. Note: Due to the way this is generated, it will state the build number correctly, but the build number will also show an updated SEP client, which is not included.
- This is all noted in the KB article.
Once files are live, we will be updating the KB article with the availability information.
After successful migration to RU4 MP1a it's recommended to change administrator passwords. While we haven't had any reports of exploitation occurring, as an additional layer of security the customer may want to update the SEPM private key, as described in the KB “Responding to Symantec Endpoint Protection Manager certificate compromises”.