AVG 8.5 vuln - updates available
FYI...
AVG 8.5 vuln - updates available
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1784
Last revised: 05/26/2009
CVSS v2 Base Score: 10.0 (HIGH)
- http://xforce.iss.net/xforce/xfdb/50426
... Platforms Affected:
* AVG, AVG Anti-Virus 6.0.710
* AVG, AVG Anti-Virus 7.0
* AVG, AVG Anti-Virus 7.0.251
* AVG, AVG Anti-Virus 7.0.323
* AVG, AVG Anti-Virus 7.1.308
* AVG, AVG Anti-Virus 7.1.407
* AVG, AVG Anti-Virus 7.5.448
* AVG, AVG Anti-Virus 7.5.476
* AVG, AVG Anti-Virus 8.0
* AVG, AVG Anti-Virus 8.0.156
Remedy: Upgrade to the latest version of AVG (8.5 build 323 or later), available from the AVG Web site...
Program update AVG 8.5.323 SP1
- http://www.avg.com/223363
... Fixes
• Core: Fixed problem with crash while scanning PDF files.
• Core: Fixed occasional crash of scanning engine.
• Core: Fixed problem of crash while healing Mozilla Firefox 3 cookies.
• Core: Fixed problem with processing slowdown during Resident Shield scanning LNK files.
• Core: Fixed problem with ZoneAlarm incompatibility.
• Core: Fixed problem with missed detection in corrupted *.cab and *.zip archives (thanks to Thierry Zoller)...
:fear:
McAfee false positive/sporadic...
FYI...
McAfee false positive...
- http://www.theregister.co.uk/2009/06..._update_snafu/
9 June 2009 - "A recent McAfee service pack led to systems being rendered unbootable, according to posts on the security giant's support forums. The mandatory service pack for McAfee's corporate Virus scanning product, VSE 8.7, was designed to address minor security bugs but instead tagged windows system files as malware. The software update was issued on 27 May and pulled on 2 June, after problems occurred. Users were advised to keep the patch if they'd already installed it in a low-key announcement on McAfee's knowledge base*. Posts on McAfee's support forum** paint a different picture of PCs and server left unbootable after the update had automatically deleted Windows systems files wrongly identified as potentially malign..."
* https://kc.mcafee.com/corporate/inde...ent&id=KB65943
June 08, 2009
** http://community.mcafee.com/showthread.php?t=231060
:fear::oops::sad:
F-secure - Mail relay vuln - update available
FYI...
F-secure - Mail relay vuln - update available
- http://www.f-secure.com/en_EMEA/supp...sc-2009-2.html
2009-06-16 - "...Specially crafted messages may be used to bypass mail relay restrictions.
Mitigating factors:
* The issue only affects systems where the SMTP Turbo module is used for mail distribution.
* Incorrectly relayed messages still pass through spam filtering, which decreases the vulnerability’s usefulness for spam relaying.
Affected platforms: All supported platforms
Products: F-Secure Messaging Security Gateway 5.5.x...
- http://secunia.com/advisories/35475/2/
Release Date: 2009-06-16
Critical: Moderately critical
Impact: Security Bypass
Where: From remote
Solution Status: Vendor Patch
OS: F-Secure Messaging Security Gateway P-Series, F-Secure Messaging Security Gateway X-Series...
Solution: The vendor has fixed the vulnerability in patch 739, delivered automatically to affected systems. Approve the installation of patch 739 for systems not configured for automatic patch installation...
:fear:
ClamAV vuln - update available
FYI...
ClamAV CAB/RAR/ZIP vuln - update available
- http://www.securityfocus.com/bid/35426/info
Published: Jun 18 2009
Updated: Jun 19 2009
"... Versions prior to ClamAV 0.95.2 are vulnerable..."
- http://www.clamav.net/
"Latest ClamAV® stable release is: 0.95.2 ..."
- http://www.clamav.net/download/sources
:fear::fear:
McAfee false-positive glitch...
FYI...
McAfee false-positive glitch...
- http://www.theregister.co.uk/2009/07...sitive_glitch/
3 July 2009 22:48 GMT - "IT admins across the globe are letting out a collective groan after servers and PCs running McAfee VirusScan were brought down when the anti-virus program attack their core system files. In some cases, this caused the machines to display the dreaded BSOD. Details are still coming in, but forums here* and here** show that it's affecting McAfee customers in Germany, Italy, and elsewhere... Based on anecdotes, the glitch appears to be caused when older VirusScan engines install DAT 5664..."
* http://forums.mcafeehelp.com/showthread.php?p=569669
** http://forums.mcafeehelp.com/showthread.php?t=231904
- http://www.eweek.com/index2.php?opti...ge=0&hide_js=1
2009-07-06 - "... On July 3, McAfee users running old versions of the VirusScan engine found themselves facing false positives after downloading a DAT file that labeled legitimate programs as malware. According to McAfee support forums, the glitch led to authorized programs being quarantined, and in some cases brought about the infamous "blue screen of death"... A McAfee spokesperson said the incorrect identification was resolved in the daily release, and stressed that customers running the most current software were not affected... According to McAfee, customers running Version 5200 or newer were not impacted by the problem. The most current versions are VirusScan Enterprise 8.7 and scanning engine 5301... "
:confused::fear:
Kaspersky vulns - update available
FYI...
Kaspersky Anti-Virus / Kaspersky Internet Security 2010
Critical Fix 1 (version 9.0.0.463)
- http://www.kaspersky.com/technews?id=203038755
07.23.2009
"FIXES:
1. Problem with system instability after long period of program operation has been fixed.
2. Error causing BSOD while updating the emulator driver has been fixed.
3. Pop-up message in the URL checking module has been fixed (for the Spanish version).
4. Problem with pausing the scan task while third party programs are running in full-screen mode has been fixed.
5. Problem with the update task freezing at system startup has been fixed.
6. Vulnerability that allowed disabling of computer protection using an external script has been eliminated.
7. Driver crash in rare cases while processing a write operation has been fixed.
8. Crash while processing data incompliant with the protocol of Mail.Ru Agent has been fixed.
Download Here..."
:fear:
Vista AV tests - August 2009 - VB100
FYI...
- http://www.theregister.co.uk/2009/08...i_virus_tests/
6 August 2009 - "Security vendors including CA and Symantec failed to secure Windows systems without fault in recent independent tests. Twelve of the 35 anti-virus products put through their paces by independent security certification body Virus Bulletin failed to make the grade for one reason or another and therefore failed to achieve the VB100 certification standard. The main faults were either a failure to detect a threat known to be in circulation (one particularly tricky polymorphic file infector caused the most grief in this area) or creating a false alarm about a file known to be benign. Virus Bulletin's VB100 tests benchmarks the performance of a vendor submitted anti-virus product against a set of malware from the WildList, a list of viruses known to be circulating. To gain VB100 certification, a security product must correctly detect all of these malware strains without blowing the whistle when scanning a batch of clean files. Vendors only get one run at passing the tests, which are conducted free of charge to security software manufacturers... The results of the August 2009 VB100 review can be seen here* (free registration required)... Virus Bulletin recently began assessing the reactive and proactive detection abilities of anti-virus products alongside the long-established VB100 tests. The new tests are a reflection that the malware landscape has changed radically over recent years, with greater malware volumes and targeted attacks... overall performance of security products in proactively detecting malware was "disappointingly low" in several cases (see chart here**). "We saw some particularly poor detection of emerging threats and the products in question have a lot of work to do if they are to provide acceptable protection for their customers...."
* http://www.virusbtn.com/vb100/archive/2009/08
** http://www.virusbtn.com/vb100/RAP/RA...-Feb-Aug09.jpg
:fear:
Sophos SAVScan vuln - updates available
FYI...
Sophos SAVScan vuln - updates available
- http://web.nvd.nist.gov/view/vuln/de...=CVE-2008-6904
Last revised: 08/07/2009
CVSS v2 Base Score: 10.0 (HIGH)
> http://www.sophos.com/support/knowle...cle/50611.html
"... The vulnerability has been removed from all versions of Sophos Anti-Virus running the virus engine, version 2.82.1 and above...
1. Check that you have the latest version of Sophos Anti-Virus on your computers.
2. If necessary update to ensure you have virus engine version 2.82.1 or above..."
:fear: