Updating symantec antivirus
These malformed PE files do not require any user interaction to trigger the parsing of the malformed files, but they can be received through email, downloading a document or application or by visiting a malicious web site.
Scheduled are used to configure the antivirus software to update in a timeframe where Deep Freeze will not be protecting the workstations. Select Batch File in the Task Type drop down and click Add. Name the event “Symantec Antivirus” in the Name field. Select the frequency for the updates to occur in the Day drop down and set the start and end time for the event. The options “Allow User to Cancel Event”, “Shutdown after Maintenance”, and “Disable Keyboard and Mouse” can be enabled if desired. Next, select \"Enable users to manually run Live Update\" so that it is checked. Navigate to the following key using the left-hand tree list: \"HKEY_LOCAL_MACHINE\Software\Symantec\Symantec Endpoint Protection\Live Update\".Double-click the value \"Allow manual update\" and change it from \"0\" to \"1\". The Live Update feature will be enabled upon the reboot.Symantec released an update to its anti-virus engine (AVE) to repair a kernel-level flaw making the software susceptible to a memory access violation when parsing a specifically-crafted portable-executable (PE) header file.Symantec said the critical vulnerability, CVE-2016-2208, affected Symantec anti-virus engine version 2018.104.22.168.