back to article Symantec warns of serious security holes – in Symantec security kit

Symantec is advising users of its Endpoint Protection (SEP) software to update their systems, after three vulnerabilities were reported in the computer defense tools. Two of the bugs – a cross-site scripting (XSS) flaw, and a SQL injection vulnerability – are in the SEP Management Console, a web-based portal you can log into …

  1. JeffyPoooh
    Pint

    Idiots

    A special place in Hell awaits them.

    1. allthecoolshortnamesweretaken

      Re: Idiots

      Just to clarify - for being idiots or for being with Symantec?

      1. Robert Helpmann?? Silver badge
        Childcatcher

        Re: Idiots

        For being idiots or for being with Symantec?

        Yes!

        The XSS flaw is not surprising as it is a common issue for web sites and not Symantec's area of expertise. The question I would raise is why they would want their security management console to run in a browser (the most commonly targeted attack surface on workstations). Points off for saying all the other kids are doing it.

      2. JeffyPoooh
        Pint

        Re: Idiots

        @atcsnwt

        Symantec themselves.

        Their customers are already there.

  2. CrazyOldCatMan Silver badge

    SEP

    I keep reading that as "Someone Elses Problem". Which, thankfully, it is as we don't allow Symantec to pollute our servers..

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020