CVE-2018-12245 : What You Need to Know

Symantec Endpoint Protection versions earlier than 14.2 MP1 have a vulnerability related to DLL Preloading. This exploit occurs during the installation process, affecting only the Trialware media. Learn about the impact, technical details, and mitigation steps.

Understanding CVE-2018-12245

Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which occurs when an application unknowingly loads a DLL file from a potential attacker. This exploit is specific to the installation phase and has been addressed for Trialware media.

What is CVE-2018-12245?

Vulnerability related to DLL Preloading in Symantec Endpoint Protection versions prior to 14.2 MP1
Exploit occurs during the installation process

The Impact of CVE-2018-12245

Symantec Endpoint Protection Trialware media was affected by this vulnerability, but it has been patched. The exploit only affects the installation phase, requiring no action for already installed software.

Technical Details of CVE-2018-12245

Symantec Endpoint Protection versions earlier than 14.2 MP1 are vulnerable to DLL Preloading.

Vulnerability Description

DLL Preloading vulnerability in Symantec Endpoint Protection
Occurs during the installation process

Affected Systems and Versions

Product: Symantec Endpoint Protection (SEP)
Vendor: Symantec Corporation
Affected Version: Prior to 14.2 MP1

Exploitation Mechanism

Exploit happens when an application unknowingly loads a DLL file from a potential attacker

Mitigation and Prevention

Immediate Steps to Take:

Ensure Symantec Endpoint Protection is updated to version 14.2 MP1 or later

Long-Term Security Practices:

Regularly update security software to the latest versions
Implement secure installation procedures

Patching and Updates:

Symantec has released patches to address the DLL Preloading vulnerability in affected versions of Endpoint Protection.