(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
[SECURITY] [DSA 3608-1] libreoffice security update
 
[SECURITY] [DSA 3609-1] tomcat8 security update
 

Googles Project Zero released details about a number ofcritical vulnerabilitiesin Symantecs Endpoint Protection prodoct [1]. The vulnerabilities allow for arbitrary code execution on systems with this product installed. Other Symantec products are affected as well , since the vulnerabilities affect the core scanning engine in Symantec Endpoint Protection.

Symantec has released updates, and given the details released by Google you should update as soon as possible. You will need to update the actual Symantec product, which is different from performing a signature update (the signature update happens automatically)

[1] http://googleprojectzero.blogspot.ca/2016/06/how-to-compromise-enterprise-endpoint.html

---
Johannes B. Ullrich, Ph.D.
STI|Twitter|LinkedIn

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
CVE-2016-4463: Apache Xerces-C XML Parser Crashes on Malformed DTD
 
Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Authentication Bypass API Vulnerability
 
Cisco Security Advisory: Cisco Prime Collaboration Provisioning Lightweight Directory Access Protocol Authentication Bypass Vulnerability
 
Cisco Security Advisory: Cisco Firepower System Software Static Credential Vulnerability
 
Symantec SEPM v12.1 Multiple Vulnerabilities
 
Internet Storm Center Infocon Status