Symantec Data Center Security: Server Advanced is susceptible to security issues in the management server and the agents that could enable unauthorized elevated access, bypassing security protection on agents, and potential unauthorized insertion of unauthorized code on agents.

To address the vulnerability mentioned in this security advisory, you must update your management server to the version released with the hotfixes mentioned below.

Additionally:

• If you are using only the detection feature on the agents, disable the Util service (sisipsutil) as a mitigation. Symantec recommends that you update the agents to the version released with the hotfixes mentioned below. You can enable the Util service after updating the agents.
  Note: The event viewer functionality does not work after you stop the Util service. 
• If you are using the prevention feature on the agent and have updated the policy packs provided with the below hotfixes, updating the agents is not mandatory.

The security issues listed in this advisory do not impact UNIX agents.

The SCSP 5.2.9 MP 6 HF2, DCS: Server Advanced 6.5 MP1 HF8, and DCS: Server Advanced 6.6 MP1 HF1 are available at:

• Symantec Critical System Protection v5.2.9 MP6 HF2
• Symantec Data Center Security: Server Advanced v6.5 MP1 HF8
• Symantec data Center Security: Server Advanced v6.6 MP1 HF1

As a best security practice, Symantec recommends that you update the Management Server, agents, and policies to the latest ones as soon as they are available to benefit from critical bug fixes and improvements in the areas of protection and monitoring.