Microsoft Security Advisory (2490606): Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution – Version: 2.0

Revision Note: V2.0 (February 8, 2011): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into public reports of this vulnerability. We have issued MS11-006 to addr…

Mail & Web Security – 2011 Projects

      No Comments on Mail & Web Security – 2011 Projects

I can’t believe we’re already one month in to the new year!  It has been a busy January for the Mail & Web Security business at Symantec, as we plan for a full slate of product releases in the coming months.  We have releases planned for all three of our Brightmail products, our web gateway solution, and our groupware products planned in 2011. We also have follow-on releases planned for our exciting new Next Generation Network Protection platform for service providers.

The threat landscape continues to evolve in dynamic and unexpected ways.  We saw a remarkable drop in spam levels right after Christmas when some major botnets stopped sending out spam for a few weeks.  The botnets did not go away, however, and we’ve seen spam bounce back in recent weeks.  Check out to see a clear illustration of this drop and recover, as well as a number of recent blog postings on threats.  Don’t forget our monthly State of Spam & Phishing Report, which is posted to And don’t forget our more general blog on the threat landscape from the Symantec Security Response team, posted here on Connect at

Stay tuned for some exciting announcements about our portfolio in the coming months.  If there any questions you would like us to tackle on this blog, please drop us a note in the comments below – we look forward to continuing the dialogue!

On behalf of the entire mail and web security product team at Symantec, I wanted to wish you all a very Happy New Year – we may be a bit late for the traditional New Year holiday, but we are just in time for the Chinese New Year – gong hay fat choy! 

Malicious Software Features Usama bin Laden Links to Ensnare Unsuspecting Computer Users

The Internet Crime Complaint Center (IC3) urges computer users to not open unsolicited (spam) e-mails, including clicking links contained within those messages. Even if the sender is familiar, the public should exercise due diligence. Computer owners must ensure they have up-to-date firewall and anti-virus software running on their machines to… Read more »

Microsoft Security Advisory (2458511): Vulnerability in Internet Explorer Could Allow Remote Code Execution – Version: 2.0

Revision Note: V2.0 (December 14, 2010): Advisory updated to reflect publication of security bulletin.
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-090 to ad…

Symantec Brightmail Gateway – Beta for 9.5 release

The Symantec Enterprise Security team is now accepting applications to participate in the Symantec Brightmail Gateway 9.5 Beta program. Symantec Brightmail Gateway is also part of the Symantec Protection Suites.

The beta process is a great way for participants to get an early look at exciting new features in our upcoming release, and also get direct access back to the product development team on product feedback.

The 9.5 release includes:

  • New Dispositions: New configurable verdicts for unwanted email categories allow customers to configure policies regarding marketing mail, newsletters, and email with suspicious URLs.
  • Enhanced Spam Scanning: Updates to the Brightmail Antispam Engine allow better scanning of text-based attachments for spam and malicious URLs.
  • Match Logging: Enhanced message audit logs capture matching policy, text, and message part for content filtering policies.
  • TLS Logging: Enhanced message audit logs track TLS delivery status, allowing confirmation of TLS delivery for auditing.
  • Enhanced Integration with Symantec Protection Center: Symantec Protection Center provides unified management across Symantec security products, including single sign-on, composition of product management within the Protection Center console, and unified reporting across multiple products.
  • Software Update: Improved software update process within the Control Center UI allows for staging of updates and rich logs and update status. Note that this enhancement will impact updates subsequent to the 9.5 release.
  • DRAC Support: Expanded support for Integrated Dell Remote Access Controller functionality in the Symantec 8360 and 8380 hardware appliances allows customers to remotely monitor and manage their hardware environment.
  • More Flexible Backup & Restore: Restore process has been enhanced to allow a backup to be restored to a separate instance while preserving network configuration, enabling easier appliance migration and disaster recover.
  • Expanded Localization in Spanish and French: Product configuration has been fully localized into Spanish and French, in addition to the existing translations into Japanese, Simplified and Traditional Chinese, and Korean.

Quality is one of the key Symantec deliverables and we strive to deliver a first class product with every release. So we want to get as much customer feedback as possible before we ship. By participating in this beta program, you can help to ensure this release is as successful as possible.

All participants must be members of the Customer Advisory Program, which is free to join for all customers entitled to support and maintenance.

Applying for the beta is simple, once you’ve registered for the CAP just complete the registration form at the following link.

This is a great opportunity to receive an early release in order to plan your implementation and provide us with feedback to ensure issues are prioritized. We hope you can join us as we prepare for this exciting product release!

Welcome to the new Mail & Web Security Blog!

      No Comments on Welcome to the new Mail & Web Security Blog!

Welcome to the new Mail & Web Security Blog!  Brightmail isn’t going away, but we wanted to expand our coverage to include news about our complete email and web security portfolio, including the Brightmail products (Brightmail Gateway, Brightmail Message Filter, and Brightmail Traffic Shaper), the Mail Security products (Mail Security for Microsoft Exchange and Mail Security for Domino), and Symantec Web Gateway.

In addition, Symantec’s messaging and web security products are core components of the Symantec Protection Suites.

Stay tuned for more updates, including an expanded cast of authors as we grow our coverage across a broader slice of the Symantec portfolio.

Microsoft Security Advisory (2416728): Vulnerability in ASP.NET Could Allow Information Disclosure – Version: 2.0

Revision Note: V2.0 (September 28, 2010): Advisory updated to reflect publication of security bulletin
Summary: Microsoft has completed the investigation into a public report of this vulnerability. We have issued MS10-070 to ad…

Microsoft Security Advisory (2401593): Vulnerability in Outlook Web Access Could Allow Elevation of Privilege – Version: 1.0

Revision Note: V1.0 (September 14, 2010): Advisory published.
Summary: Microsoft has completed the investigation of a publicly disclosed vulnerability in Outlook Web Access (OWA) that may affect Microsoft Exchange customers. An…

VBSpam Results

      No Comments on VBSpam Results

Virus Bulletin just published their September 2010 test results (, and Symantec Brightmail Gateway once against received a VBSpam designation – our 5th consecutive recognition. 

In this month’s test, Symantec Brightmail Gateway registered an effectiveness score of 99.64%, with 0 false positives!  It is great to see external validation for the premium that Symantec places on balancing very high effectiveness (over 99%) with accuracy (low false positives) in fighting spam.

You may be familiar with the Virus Bulletin name – Virus Bulletin is an independent third party that has been running comparative tests on antivirus technologies for over a decade.  Symantec’s antivirus engines have achieved over 40 VB100 awards during this time. 

Our team is thrilled with the latest results on the VBSpam testing. Symantec Brightmail Gateway is a core component of Symantec Protection Suite (Enterprise Edition and Advanced Business Edition), and is also available as a stand-alone enterprise product and the Symantec Brightmail Gateway Small Business Edition, for customers with fewer than 250 employees.

Messaging & Web Security at Symantec Vision 2010 in Barcelona

I can’t quite believe it’s September already, this year is flying by at a crazy pace.
This means that the Symantec Vision conference in EMEA has come around quickly too.

This year, we are at the CCIB in Barcelona, Spain, during the first week of October – Tuesday 5th through Thursday 7th.

Amongst the many, many sessions over the 3 day conference, there are a number of Mail & Web security sessions that you shouldn’t miss (not least because I’m co-presenting them smiley ), so in no particular order.

  1. Best Practices for Email Security.
  2. Anatomy of a Web Attack.
  3. Hands On Lab – Best Practices for installing and Configuring Symantec Brightmail Gateway.
  4. Hands On Lab – Best Practices for installing and Configuring Symantec Web Gateway.
  5. Deploying Symantec Protection Suite: Architecture and Best Practices.

Other interesting sessions in the messaging and web security realm:

  • The State of Spam
  • Cost of Email Security – Calculating your risks
  • Protecting against Botnets
  • Best Practices for installing and configuring Symantec Mail Security for Exchange
  • Running Security Operations with Symantec Protection Center

If you are joining us at EMEA Vision this year, what are you looking forward to most?

Be sure to let me know if you are coming along, there are going to be plenty of opportunities to talk to our product specialists, engineers, decision makers and of course to network with your peers.