145 replies to this topic

[AplusWebMaster]

FYI...

CA ActiveX vuln - update available
* http://secunia.com/advisories/43377/
Release Date: 2011-02-24
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch ...
Original Advisory: ZDI / CA (CA20110223-01):
http://www.zerodayin...ies/ZDI-11-093/

CA ActiveX vuln - update available
- http://secunia.com/advisories/43490/
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched ...
Solution: Set the kill-bit for the affected ActiveX control. Reportedly, the vendor will issue fix information soon.
For more information: SA43377*

- http://www.securityt....com/id/1025120
Updated: Feb 26 2011
___

- http://web.nvd.nist....d=CVE-2011-1036
Last revised: 03/11/2011
CVSS v2 Base Score: 8.8 (HIGH)

Edited by AplusWebMaster, 14 March 2011 - 01:35 PM.

[AplusWebMaster]

FYI...

F-Secure multiple vulns - update available
- http://secunia.com/advisories/43049/
Release Date: 2011-02-24
Impact: Cross Site Scripting, Exposure of system information, Exposure of sensitive information
Where: From remote...
Software: F-Secure Policy Manager 8.x, F-Secure Policy Manager 9.x
... The weakness and the vulnerability are confirmed in version 9.00.30231 and also reported in versions 8.00 and 8.1x.
Solution: Apply patches.
Original Advisory: F-Secure (FSC-2011-2):
http://www.f-secure....fsc-2011-2.html

- http://www.securityt....com/id/1025124
Feb 24 2011
___

- http://web.nvd.nist....d=CVE-2011-1102
- http://web.nvd.nist....d=CVE-2011-1103
Last revised: 03/11/2011
"... before hotfix 2, 8.1x before hotfix 3 on Windows and hotfix 2 on Linux, and 9.00 before hotfix 4 on Windows and hotfix 2 on Linux..."

Edited by AplusWebMaster, 14 March 2011 - 01:35 PM.

[AplusWebMaster]

FYI...

F-secure beta f/Macs false positive, fix available
- http://www.f-secure....s/00002121.html
March 15, 2011 - "The beta version of our Mac OSX software, F-Secure Mac Protection, had a serious false alarm last night. Database update 2011-03-14_03 caused several false alarms in clean files with detection names such as
Exploit:W32/NeosploitPDF.gen!A and Exploit:JS/Brooks.gen!A. The problematic update was removed after two hours. Beta users who received the update have seen some of their clean files moved to Trash. This problem only affected users of our Mac OSX beta version (Technology Preview). Our Windows and Linux products were not affected in any way... We have now released a tool that will restore the files back to their original locations. You can download the tool from here*."
* http://www.f-secure....mac/FSMACTP-01/
F-Secure Mac Protection Technology Preview advisory 15.3.2011...

Edited by AplusWebMaster, 15 March 2011 - 01:01 PM.

[AplusWebMaster]

FYI...

McAfee Firewall Reporter vuln - fix
- https://kc.mcafee.co...=...&id=SB10015
Security Bulletins ID: SB10015
Last Modified: April 11, 2011
This update fixes a bug that leverages an issue in the authentication sequence to allow unauthorized users access to the system...
> Remediation..."
(See the URL above.)

- http://www.securityt....com/id/1025314
Apr 11 2011
Version: prior to 5.1.0.13...

- http://secunia.com/advisories/44110/
Criticality level: Moderately critical
___

- http://www.theregist...ilter_screw_up/
6 April 2011 - "McAfee has apologised for a Sesame Street-style mix-up over the weekend that temporarily prevented any customers with addresses that start with the letter A from receiving email. The glitch... bounced emails sent to supported inboxes that began with an A or a non-alphanumeric special character (eg, @£$). In a statement, McAfee blamed a rogue script for the mix-up, which has now been resolved..."

Edited by AplusWebMaster, 12 April 2011 - 10:42 AM.

[AplusWebMaster]

FYI...

Avast! false positive - virus defs 110411-1 ...
- https://blog.avast.c...-defs-110411-1/
April 11 2011 - "Virus definition update 110411-1 contained an error that resulted in a good number of innocent sites being flagged as infected. Generally, all sites with a script in a specific format were affected... We sincerely apologize for the inconvenience..."

- http://news.cnet.com...0053085-83.html
April 12, 2011 - "... the update was downloaded by around 5 million users, mostly on the Western Hemisphere..."

"Some of the sites affected by this Avast false positive include Wikipedia, Yahoo, PCWorld, and Youtube..."
(Hat tip to cnm @ spywareinfoforum.com)*
* http://www.spywarein...post__p__744891

Edited by AplusWebMaster, 13 April 2011 - 09:38 AM.

[AplusWebMaster]

FYI...

CA ActiveX controls vuln...
- http://secunia.com/advisories/43681/
Release Date: 2011-04-21
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: CVE-2011-1719
Solution: Apply APARs.
Original Advisory: CA:
https://support.ca.c...5-B2AF457B5364}
___

- http://www.securityt....com/id/1025423
CVE Reference: CVE-2011-1718
Apr 21 2011
- http://www.securityt....com/id/1025424
CVE Reference: CVE-2011-1719
Apr 21 2011

Edited by AplusWebMaster, 21 April 2011 - 05:19 AM.

[AplusWebMaster]

FYI...

McAfee - False Positive in DAT 6329...
- http://isc.sans.edu/...l?storyid=10783
Last Updated: 2011-04-28 12:26:24 UTC - McAfee Labs have issued an alert that McAfee VirusScan DAT file 6329 is returning a false positive for spsgui.exe. This is impacting SAP telephone connectivity functionality. McAfee... work around for the issue documented in KB71739:
https://kc.mcafee.co...=...&id=KB71739

[AplusWebMaster]

FYI...

Avira AV v10 SP2 released
- http://techblog.avir...antivir-v10/en/
June 28, 2011 - "... Service Pack 2 to all AntiVir v10 products today: Personal, Premium, Premium Security Suite, Professional and Server. Avira’s Service Pack 2 update will be made available as product update to all customers, paid and free in English and German. The other languages will follow in the next few weeks. Please make sure you have enabled Product Updates by choosing the first option in Configuration -> Update->Product Update...
... fixed many issues which our users reported
... improved the protection overall by enhancing the heuristic detection and the repair functionality
... enabled the protection of the product itself and that of the entire operating system by enabling automatically the advanced process protection which prevents malware to terminate the Avira processes and to change the registry keys of the system.
... antirootkits protection was enhanced in order to be able to detect new methods of hiding malware...
You must restart your system after SP2 is installed in order to use the new drivers. Please save your work to prevent any loss of data.
Please read here about how to prepare for the reboot if you are in a company: http://www.avira.com...detail?kbid=841
... and check this document for the default values http://www.avira.com...SP2_Prof_EN.pdf ...

... The SP2 brings also an optional toolbar to the users of the AntiVir Personal Free. If the user installs it, uses the toolbar and clicks on the links provided, Avira gets some money from the provider of the toolbar, the well-known search provider Ask .com... For more information about data collected, please read the Ask’s privacy policy available here:
http://sp.ask.com/en...t/privacy.shtml
Most visible innovations in the SP2: http://www.avira.com...etail/faqid/854
Release Information of SP2 at a glance: http://www.avira.com...etail/faqid/840.
Detailed information of the changes performed in the products by the SP2: http://www.avira.com...AV10_SP2_EN.pdf
How to install the new Avira Toolbar after updating to SP2: http://www.avira.com...etail/faqid/861
How to install the new Avira Toolbar later via setup: http://www.avira.com...etail/faqid/862
How to -remove- the Avira Toolbar: http://www.avira.com...etail?faqid=863

Update: Some of our users experienced that the online protection is inactive after the SP2 update. Please see here* how to fix it.
* http://www.avira.com...detail/kbid/566
___

- http://www.h-online....rs-1271030.html
30 June 2011

Edited by AplusWebMaster, 03 July 2011 - 03:18 AM.

[AplusWebMaster]

FYI...

CA Gateway v8.1 Security advisory...
- http://h-online.com/-1284003
22 July 2011 - "CA is warning of a critical vulnerability in its Gateway Security 8.1 business security solution that allows attackers to inject malicious code into systems... The company has provided a fix* for Gateway Security. Alternatively, users can upgrade to version 9.0. Users of Total Defense Suite r12 are also advised to take action quickly as the vulnerable version of Gateway Security is part of this security package."

* https://support.ca.c...s...&actionID=4
07/13/2011

CA20110720-01: Security Notice for CA Gateway Security and Total Defense
- https://support.ca.c...D-027D05B6285D}
July 20, 2011
Risk Rating: High
Platform: Windows
Affected Products: CA Gateway Security 8.1, CA Total Defense r12
Non-Affected Products: CA Gateway Security 9.0 ...
___

- http://secunia.com/advisories/45332/
Release Date: 2011-07-21
Criticality level: Moderately critical
... vulnerability is reported in versions prior to 8.1.0.69...

Edited by AplusWebMaster, 24 July 2011 - 05:44 AM.

[AplusWebMaster]

FYI...

ClamAV DoS vuln - update available
- http://secunia.com/advisories/45382/
Release Date: 2011-07-26
Criticality level: Moderately critical
Impact: DoS
Where: From remote...
Solution Status: Vendor Patch
... The vulnerability is reported in versions prior to 0.97.2.
Solution: Update to version 0.97.2.

- http://www.clamav.net/lang/en/
"... ClamAV 0.97.2 fixes problems with the bytecode engine, Safebrowsing
detection, hash matcher, and other minor issues. Please see the ChangeLog file for details..."
* http://git.clamav.ne...b=clamav-0.97.2

[AplusWebMaster]

FYI...

McAfee SaaS Endpoint v5.2.2 update released
- https://secunia.com/advisories/45506/
Release Date: 2011-08-09
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: McAfee SaaS Endpoint Protection 5.x
... The vulnerabilities are reported in versions 5.2.1 and prior.
Solution: Update to version 5.2.2...

- http://www.securityt....com/id/1025890
Aug 9 2011
Vendor URL: https://kc.mcafee.co...=...&id=SB10016

Edited by AplusWebMaster, 09 August 2011 - 06:33 AM.

[AplusWebMaster]

FYI...

Symantec - Veritas/NetBackup advisory
* http://www.symantec....uid=20110815_00
August 15, 2011- SYM11-010
Severity: High...

- http://www.symantec....p;id=TECH165536
Updated: 2011-08-15

- http://www.securityt....com/id/1025926
- http://www.securityt....com/id/1025927
Aug 15 2011

- https://secunia.com/advisories/45576/
Release Date: 2011-08-15
Criticality level: Moderately critical
Impact: System access
Where: From local network
Solution Status: Partial Fix*...

[AplusWebMaster]

FYI...

VB100 > RAP averages > Feb - August 2011
> http://www.virusbtn....0/rap-index.xml
___

Symantec Enterprise Vault multiple vuln - hotfix available
- https://secunia.com/advisories/45834/
Release Date: 2011-09-02
Criticality level: Highly critical
Impact: DoS, System access
Where: From remote
Solution Status: Vendor Patch
Software: Symantec Enterprise Vault 10.x, 8.x, 9.x
CVE Reference(s): CVE-2011-0794, CVE-2011-0808, CVE-2011-2264, CVE-2011-2267
...more information:
- https://secunia.com/advisories/44295/
- https://secunia.com/advisories/45297/
Solution: Apply hotfix.
Original Advisory: Symantec:
http://www.symantec....uid=20110901_00

Edited by AplusWebMaster, 05 September 2011 - 08:50 AM.

[AplusWebMaster]

FYI...

Symantec IM Manager multiple vulns - update available
- https://secunia.com/advisories/43157/
Release Date: 2011-09-30
Impact: Cross Site Scripting, System access
Where: From local network
... Successful exploitation of this vulnerability may allow execution of arbitrary code. The vulnerabilities are reported in version 8.4.17 and prior.
Solution: Update to version 8.4.18.
Original Advisory: Symantec:
http://www.symantec....uid=20110929_00
SYM11-012
September 29, 2011

- http://www.securityt....com/id/1026130
CVE Reference: CVE-2011-0552, CVE-2011-0553, CVE-2011-0554
Sep 30 2011

Edited by AplusWebMaster, 30 September 2011 - 10:34 PM.

[AplusWebMaster]

FYI...

MS flags Chrome as virus
- http://tech.slashdot...rome-as-a-virus
September 30, 2011 - "Reports poured in this morning that Microsoft's security products, namely Microsoft Security Essentials and Forefront Client Security, were flagging Google Chrome as a virus (PWS:Win32/Zbot) and removing the browser if users chose to clean and reboot their machines. Users reported that the only way to mitigate the problem was to set MSE and Forefront to 'always allow' Zbot, which is generally considered to be a bad idea... Microsoft has now pushed another update* to resolve the issue..."
* http://www.microsoft...79#summary_link
September 30th, 2011
___

- https://isc.sans.edu...l?storyid=11701
Last Updated: 2011-09-30 19:19:10 UTC

Edited by AplusWebMaster, 30 September 2011 - 02:22 PM.