Page 3 of 6 FirstFirst 123456 LastLast
Results 21 to 30 of 56

Thread: Multiple AV vendor vulns / updates / issues

  1. #21
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation F-Secure 8 EOL ...

    FYI...

    F-Secure 8 EOL...
    - http://www.f-secure.com/weblog/archives/00002284.html
    December 21, 2011 - "... our legacy software is approaching its end-of-life (EOL)... antivirus updates for F-Secure 8-series software will end on January 1st, 2012..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #22
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation McAfee SaaS Endpoint Protection issues...

    FYI...

    McAfee SaaS Endpoint Protection - update
    - https://secunia.com/advisories/47520/
    Last Update: 2012-01-19
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    ... vulnerability is reported in version 5.2.0.603. Other versions may also be affected.
    Solution: ...

    - https://kc.mcafee.com/corporate/inde...ewlocale=en_US
    Security Bulletins ID: SB10018
    Last Modified: January 20, 2012
    Affected Software: McAfee SaaS Endpoint Protection 5.2.3 and earlier
    Description: This update fixes an issue in the Rumor technology utilized by McAfee’s SaaS Endpoint Protection. Rumor is a Peer-to-Peer technology used to allow several machines on a closed network to quickly distribute updates from a single network connection. The result of the misuse of the Rumor service is that an attacker could use an affected machine as a proxy. This can result in spam being sent as the machine acts similar to an “open relay”.
    Remediation: Ensure that your systems are online and available to recieve updates. Patches and other updates for SaaS Endpoint are automatically sent through a phased roll-out from the McAfee Network Operations Center (NOC). This patch is being sent on an expedited schedule and should be delivered to all endpoint systems before January 30, 2012..."

    - http://h-online.com/-1418006
    20 January 2012
    ___

    - http://www.theinquirer.net/inquirer/...tal-protection
    Jan 19 2012

    Last edited by AplusWebMaster; 2012-01-21 at 19:23.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #23
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Lightbulb MS AV flags Google.com as Malware...

    FYI...

    MS AV flags Google.com as Malware...
    - https://krebsonsecurity.com/2012/02/...om-as-malware/
    Feb0 14, 2012 9:29 pm - "Computers running Microsoft‘s antivirus and security software may be flagging google.com — the world’s most-visited Web site — as malicious, apparently due to a faulty Valentine’s Day security update shipped by Microsoft. Microsoft's antivirus software flagged google.com as bad. Not long after Microsoft released software security updates on Tuesday, the company’s Technet support forums lit up with complaints about Internet Explorer sounding the malware alarm when users visited google.com. The alerts appear to be the result of a “false positive” detection shipped to users of Microsoft’s antivirus and security products, most notably its Forefront technology and free “Security Essentials” antivirus software..."
    >> http://answers.microsoft.com/en-us/p...5-eeafdfdab469
    "... def. version 1.119.1988.0... Google is no longer detected as a virus. .."
    Latest MSE definition updates
    - https://www.microsoft.com/Security/p.../HowToMSE.aspx
    Latest antivirus definition version: 1.119.1998.0
    Released: Feb 15, 2012 05:30 AM UTC

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #24
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Unhappy ASLR to be mandatory - Firefox extensions

    FYI...

    ASLR to be mandatory - Firefox extensions
    - http://h-online.com/-1443131
    27 Feb 2012 - "A patch that was recently introduced to the Firefox repository is designed to make the browser more secure by forcing certain binary extensions to use ASLR (Address Space Layout Randomisation) under Windows. The Mozilla developers say that the change, which will prevent XPCOM (Cross Platform Component Object Module) component DLLs without ASLR from loading, should be included in Firefox 13 "if no unexpected problems arise". This could, for example, affect products from anti-virus firms Symantec and McAfee. As recently as last year, these products were noted installing DLLs (Dynamic Link Libraries) that were compiled without ASLR in the browser, enabling malware to predict with relative ease the memory addresses that are used for heap and stack areas by the DLLs. ASLR is designed to randomise all memory addresses, so that the program components in question will be placed in different locations each time they start..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #25
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Unhappy McAfee DAT trouble

    FYI...

    McAfee DAT trouble ...
    - https://isc.sans.edu/diary.html?storyid=13003
    Last Updated: 2012-04-16 21:11:18 UTC - "... McAfee has confirmed that incremental DAT 6682 may trigger message scan failures and a system crash in GroupShield Exchange (MSME), GroupShield Domino, and McAfee Email Gateway 7 (MEG). McAfee recommends that customers do NOT upload DAT 6682.
    More information will be available on the McAfee KnowledgeBase* ..."

    Issue with DAT 6682 and McAfee email products
    * https://kc.mcafee.com/corporate/inde...ent&id=KB70380
    Last Modified: April 24, 2012

    Last edited by AplusWebMaster; 2012-05-09 at 15:18.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #26
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation EMC DDoS vuln ...

    FYI...

    EMC DDoS vuln ...
    - http://www.securitytracker.com/id/1026956
    Date: Apr 20 2012
    CVE Reference:
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0406 - 7.8 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0407 - 5.0
    Impact: Denial of service via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): Server and Collector 5.5, 5.5 SP1, 5.6, 5.6 SP1, 5.7, 5.7 SP1, 5.8, 5.8 SP1
    Description: Two vulnerabilities were reported in EMC Data Protection Advisor. A remote user can cause denial of service conditions...
    Impact: A remote user can consume excessive CPU resources or cause a process crash on the target system.
    Solution: The vendor has issued a fix (Security Hotfix DPA-14718)...
    - http://www.emc.com/contact-us/contac...nse-center.htm
    1-866-438-3622

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #27
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Symantec False Positive - .xls files

    FYI...

    Symantec False Positive for signature Bloodhound.Exploit.459
    - https://isc.sans.edu/diary.html?storyid=13162
    Last Updated: 2012-05-08 17:30:11 UTC - "... false-positive alerts on .xls files..."

    > http://www.symantec.com/business/sup...&id=TECH188271
    Updated: 2012-05-10 - "... Rapid Release definitions are now available which resolve this behavior... Certified definitions Sequence Number: 134131 Extended Version: 5/8/2012 rev. 18..."

    Last edited by AplusWebMaster; 2012-05-11 at 01:06.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #28
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Avira update blocks Windows apps

    FYI...

    Avira update blocks Windows apps
    - http://news.cnet.com/8301-1009_3-574...-applications/
    May 15, 2012

    > https://www.avira.com/en/proactiv-application-blocking
    "Issue details: On May 14 and 15, 2012, following the release of Service Pack 0 (SP0) for Avira Version 2012, the ProActiv feature blocked legitimate Windows applications on customers’ PCs.
    Affected products: Avira Pro Security, Avira Internet Security 2012, Avira Antivirus Premium 2012
    We deeply regret any difficulties this has caused you. Thank you for your patience and understanding.
    If you still encounter the issue: In the unlikely event that applications continue to be blocked by ProActiv, please update your software as follows:
    Open the Avira Control Center.
    Click on Update › Start product update.
    No further steps are required.

    To Disable ProActiv in the future:
    Open the Avira Control Center.
    Press the "F8" button to open the Avira Configuration window.
    Enable the Expert Mode in the upper left corner.
    Open the following options in the PC Protection menu: "Realtime Protection › ProActiv".
    Disable the ProActiv component.
    Close the Avira Configuration window by clicking the OK button.
    Restart your computer.
    For step-by-step instructions, please see our knowledge base article*."

    * https://www.avira.com/en/support-for...tail/kbid/1257

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #29
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Symantec Endpoint Protection ...

    FYI...

    Symantec Endpoint Protection...
    - https://secunia.com/advisories/49248/
    Release Date: 2012-05-23
    Criticality level: Moderately critical
    Impact: Manipulation of data, System access
    Where: From local network
    CVE Reference(s):
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0289 - 7.2 (HIGH)
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0294 - 5.8
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-0295 - 9.3 (HIGH)
    ... vulnerability is reported in versions 12.1 prior to 12.1 RU1-MP1.
    Solution: Update to version 12.1 RU1-MP1...
    Original Advisory: SYM12-008:
    http://www.symantec.com/security_res...id=20120522_01

    - https://secunia.com/advisories/49221/
    Release Date: 2012-05-23
    CVE Reference(s):
    - http://web.nvd.nist.gov/view/vuln/de...=CVE-2012-1821 - 5.0
    ... vulnerability only affects applications running with Network Threat Protection module on Windows Server 2003 SP2 and prior... see the vendor's advisory for a list of affected versions.
    Solution: Update to version 11.0 RU7 MP2.
    Original Advisory: SYM12-007:
    http://www.symantec.com/security_res...id=20120522_00

    Last edited by AplusWebMaster; 2012-05-25 at 14:51.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #30
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Symantec message filter - multiple vulns

    FYI...

    Symantec message filter - multiple vulns
    - https://secunia.com/advisories/49727/
    Release Date: 2012-06-27
    Impact: Hijacking, Cross Site Scripting, Exposure of sensitive information
    Where: From remote...
    CVE Reference(s): CVE-2012-0300, CVE-2012-0301, CVE-2012-0302, CVE-2012-0303
    Original Advisory:
    - http://www.symantec.com/security_res...id=20120626_00

    Symantec Message Filter version 6.3.0 Patch 231
    * http://www.symantec.com/business/sup...&id=TECH191487
    Updated: 2012-06-27

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •