145 replies to this topic

[AplusWebMaster]

FYI...

Trend Micro OfficeScan multiple vulns - update available
- http://secunia.com/advisories/32097/
Release Date: 2008-10-02
Critical: Moderately critical
Impact: Exposure of sensitive information, DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Trend Micro OfficeScan Corporate Edition 8.x
...The vulnerabilities are reported in Trend Micro OfficeScan 8.0.
Solution: Apply patches.
Trend Micro OfficeScan 8.0 Service Pack 1:
http://www.trendmicr...Patch_B2439.exe
Trend Micro OfficeScan 8.0 Service Pack 1 Patch 1:
http://www.trendmicr...lPatch_3087.exe
Original Advisory: ...Trend Micro:
http://www.trendmicr...2439_Readme.txt
http://www.trendmicr...3087_Readme.txt

[AplusWebMaster]

FYI...

F-Secure vuln - update available
- http://secunia.com/advisories/32352/
Release Date: 2008-10-21
Critical: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Solution: Apply patches (please see the vendor's advisory for details).
Original Advisory: FSC-2008-3:
http://www.f-secure....sc-2008-3.shtml ...

- http://web.nvd.nist....d=CVE-2008-6085

Edited by AplusWebMaster, 09 February 2009 - 11:20 AM.

[AplusWebMaster]

FYI...

McAfee update classifies Vista component as a Trojan
- http://www.theregist...an_false_alert/
21 October 2008 - "McAfee has fixed an update glitch that wrongly slapped a Trojan classification on components of Microsoft Vista. As a result of a misfiring update, published on Monday, the Windows Vista console IME executable was treated as a password-stealing Trojan. Depending on their setup, McAfee users applying would have typically found the component either quarantined or deleted. The antivirus firm fixed the glitch with a definition update on Tuesday that recognised the difference between the Vista component and malware, as explained in a write-up by McAfee here*. False positives with virus signature updates are a perennial problem for antivirus vendors, and the latest glitch is far from the first such occurrence to befall McAfee. Only two months ago in August McAfee wrongly categorised a plug-in for Microsoft Office Live Meeting as a Trojan."
* http://us.mcafee.com...;virus_k=100683

AVG flags ZoneAlarm as malware
- http://news.cnet.com...0067148-83.html
October 15, 2008 - "Grisoft, makers of AVG antivirus, on Wednesday released a new update addressing a false positive in another security product. On Tuesday, AVG users reported desktops warnings that their desktop was infected with something called Trojan Agent r.CX... The ZoneAlarm user forum soon filled with concerned users... Laura Yecies, vice president and general manager of Check Point's ZoneAlarm consumer division said, "as soon as Check Point learned that AVG's recent antivirus update was mistakenly flagging a ZoneAlarm file as a virus, we contacted AVG and they issued an update within hours that corrected the problem. AVG users will automatically get the update that corrects the issue." In July, Grisoft modified its free AVG 8 due to complaints about a proactive scanning of a Web site feature. The feature that had been enabled in the paid version of the product did not scale with the free release causing spikes in Web traffic."
- http://www.theregist...an_false_alarm/
16 October 2008 - "...The mis-firing AVG definition file tagged components of ZoneAlarm as infected with the Agent_r.CX Trojan horse and quarantined important files. As a result users running the popular antivirus package alongside security suite software from Check Point were left with a malfunctioning firewall, mystery infection reports and an inability to re-install their ZoneAlarm software..."

Edited by AplusWebMaster, 21 October 2008 - 04:20 PM.

[AplusWebMaster]

FYI...

Trend Micro OfficeScan vuln - update available
- http://secunia.com/advisories/32005/
Release Date: 2008-10-22
Critical: Moderately critical
Impact: System access
Where: From local network
Solution Status: Vendor Patch
Software: Trend Micro OfficeScan Corporate Edition 7.x, Trend Micro OfficeScan Corporate Edition 8.x...
Solution: Apply patches.
Trend Micro OfficeScan 8.0 SP1 Patch 1:
http://www.trendmicr...Patch_B3110.exe
Trend Micro OfficeScan 7.3:
http://www.trendmicr...Patch_B1374.exe ...
Trend Micro:
http://www.trendmicr...3110_readme.txt
http://www.trendmicr...1374_readme.txt ...

- http://www.us-cert.g..._critical_patch
October 22, 2008

[AplusWebMaster]

FYI...

ClamAV vuln - update available
- http://secunia.com/advisories/32663/
Release Date: 2008-11-10
Critical: Moderately critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch...
Solution: Update to version 0.94.1.
> http://sourceforge.n...;group_id=86638
Download:
- http://www.clamav.net/download/sources
Changelog:
- http://svn.clamav.ne...trunk/ChangeLog

Also see: ClamWin Free Antivirus 0.94.1 released
- http://www.clamwin.c...ent/view/205/1/
Download:
- http://www.clamwin.c...ent/view/18/46/
Version 0.94.1; 24.5MB

- http://web.nvd.nist....d=CVE-2008-5050

Edited by AplusWebMaster, 17 November 2008 - 12:29 PM.

[AplusWebMaster]

FYI...

ClamAV vuln - update available
- http://secunia.com/advisories/32926/
Release Date: 2008-12-02
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x
...The vulnerability is reported in versions prior to 0.94.2.
Solution: Update to version 0.94.2.
Original Advisory: ClamAV:
http://sourceforge.n...lease_id=643134

Download:
- http://www.clamav.net/download/sources
"...Latest stable release: ClamAV 0.94.2..."

Changelog:
- http://svn.clamav.ne...trunk/ChangeLog

[AplusWebMaster]

FYI...

ESET Smart Security vuln - update available
- http://secunia.com/advisories/33210/
Release Date: 2008-12-19
Critical: Less critical
Impact: Privilege escalation
Where: Local system
Solution Status: Vendor Patch
Software: ESET Smart Security 3.x
...The vulnerability is confirmed in version 3.0.672. Other versions prior to 3.0.684 may also be affected...
Solution: Update to version 3.0.684...
- http://www.eset.com/...o...13&Itemid=5
• stability and security fixes

[AplusWebMaster]

FYI...

Sophos AV vuln - update available
- http://secunia.com/advisories/33177/
Release Date: 2008-12-19
Critical: Moderately critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch...
...The vulnerability is caused due to an unspecified error when processing certain malformed CAB archives. This can be exploited to crash the application and may allow the execution of arbitrary code...
Solution: Fixed in the Sophos virus engine 2.82.1.
Original Advisory: Sophos:
http://www.sophos.co...icle/50611.html ...

[AplusWebMaster]

FYI...

Trend Micro HouseCall ActiveX vuln - update available
- http://secunia.com/advisories/31583/
Release Date: 2008-12-21
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Trend Micro HouseCall ActiveX Control 6.x, Trend Micro HouseCall Server 6.x
...Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in versions 6.51.0.1028 and 6.6.0.1278. Other versions may also be affected.
Solution: Remove the ActiveX control and install version 6.6.0.1285.
http://prerelease.tr...om/hc66/launch/

[AplusWebMaster]

FYI...

Avira Antivir vuln - update available
- http://secunia.com/advisories/33541/
Release Date: 2009-01-15
Critical: Moderately critical
Impact: DoS
Where: From remote
Solution Status: Vendor Patch
Software: Avira AntiVir Personal Edition Classic 7.x, 8.x, Premium 7.x, Premium 8.x,
Premium Security Suite 7.x, Server 6.x, UNIX MailGate 2.x, Workstation 7.x, 8.x,
Premium Security Suite 7.x
...The vulnerabilities are caused due to errors in the handling of RAR files. These can be exploited to crash an affected program via a specially crafted RAR archive.
Solution: Update the scanning engine to versions 7.9.0.54, 8.2.0.54, or later.
Original Advisory: Avira:
http://forum.avira.c...;threadID=81148 ...

[AplusWebMaster]

FYI...

F-Secure Anti-Virus Client Security hotfix
- http://support.f-sec...-hotfixes.shtml
Feb 17, 2009 - "Client Security Hotfix fsav744-06
F-Secure Client Security versions 7.12 * All supported platforms
...After having applied this hotfix, the product gains ability to handle USB-carried malware known under the following aliases: Downadup and Conficker.
Note: A reboot is not required after installing the hotfix..."

[AplusWebMaster]

FYI...

ClamAV multiple vulns - update available
- http://secunia.com/advisories/34566/
Release Date: 2009-04-03
Critical: Moderately critical
Impact: Security Bypass, DoS
Where: From remote
Solution Status: Vendor Patch
Software: Clam AntiVirus (clamav) 0.x ...
Solution: Update to version 0.95...
- http://www.clamav.net/download/sources

- http://svn.clamav.ne...trunk/ChangeLog

- http://web.nvd.nist....d=CVE-2009-1241
- http://web.nvd.nist....d=CVE-2009-1270
Last revised: 04/10/2009

Edited by AplusWebMaster, 13 April 2009 - 11:02 AM.
Added CVE refs...

[AplusWebMaster]

FYI...

Symantec Alert Management System 2 multiple vulns - SYM09-007
- http://preview.tinyurl.com/dngt55
April 28, 2009 Symantec Security Advisories:
Remote Access: Yes
Local Access: Yes...
"The version of Alert Management System 2 (AMS2) used by some versions of Symantec System Center, Symantec Antivirus Server, and Symantec AntiVirus Central Quarantine Server contains four vulnerabilities... (see) Affected Products table... Updates have been released to address these issues..."
- http://secunia.com/advisories/34856/2/
Release Date: 2009-04-29
Critical: Moderately critical
Impact: Privilege escalation, System access
Where: From local network
Solution Status: Vendor Patch
Software: Symantec AntiVirus Corporate Edition 10.x, Symantec AntiVirus Corporate Edition 9.x, Symantec Client Security 2.x, Symantec Client Security 3.x, Symantec Endpoint Protection 11.x...

- http://preview.tinyurl.com/cacnwe
Symantec Security Advisories
4/28/09 - Symantec Alert Management System 2 multiple vulnerabilities - SYM09-007
4/28/09 - Symantec Log Viewer JavaScript Injection Vulnerabilities - SYM09-006
4/28/09 - Symantec Reporting Server Improper URL Handling Exposure - SYM09-008

Edited by AplusWebMaster, 30 April 2009 - 09:35 PM.

[AplusWebMaster]

FYI...

McAfee Security Bulletin - VirusScan Engine update fixes bypasses
- https://kc.mcafee.co...ctp=LIST_RECENT
April 29, 2009
• Description
There is an issue with engine DAT versions where specially crafted archive files could cause a scanning process to miss files within the archive. These archives are corrupt, but still functional by some end user archive programs. This could allow malware to bypass a scanner on a gateway. Users utilizing on-access scanning on endpoint devices should not be affected, as the scanner will see the files after the archive is opened. An attack, even if it is successful at bypassing the gateway, will have no lasting effect on the endpoint running an on-access scanner, which is the default and recommended way of running our Anti-Virus products. Updating to the latest product version will resolve this issue.
• Remediation
Overview: Download appropriate DAT file 5600 or later.
Obtaining the Binaries: http://www.mcafee.co...updates/dat.asp
• Workaround
All users should enable On-Access-Scanning on all endpoint devices. This is the default setting after installation. By using On-Access-Scanning, endpoints will catch any threats that may pass on gateway devices. McAfee has long supported a defense-in-depth strategy that includes running antivirus software on multiple points of your network, including gateways, file servers, and especially endpoints...

[AplusWebMaster]

FYI...

F-Secure ZIP and RAR archives vulns
- http://secunia.com/advisories/35008/2/
Release Date: 2009-05-06
Critical: Not critical
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch
Software: F-Secure Anti-Virus...
Solution: Apply patches. Please see the vendor's advisory for details...
Original Advisory: FSC-2009-1:
http://www.f-secure....fsc-2009-1.html ...
2009-05-06