Vulnerability Definitions - Community - LANDesk

flameluxuriantΔιαχείριση Δεδομένων

16 Δεκ 2012 (πριν από 4 χρόνια και 7 μήνες)

322 εμφανίσεις




LANDesk
®

Security Review for the Week Ending
April

8
,

20
1
1

LANDesk
®

Patch Manager and Security
Suite (“LD
S
S”)
provide customers with the latest security and
application patches and updates for the most utilized software in your busi
ness. Maintaining a safe and
secure environment helps to avoid downtime that will affect employees and productivity. The following
items are the patch and update highlights from this past week.

Windows Content

Vulnerability Definitions





Vulnerability ID:

SKYPEv5.3.0.108

o

LANDesk Patch News Bulletin: Skype Version 5.3.0.108 is Available
08
-
APR
-
2011

o

https://developer.skype.com
/WindowsSkype/ReleaseNotes




Vulnerability ID:

FIREFOX3v3.5.18_ENU

o

LANDesk Patch News Bulletin: Mozilla has Released Firefox 3.5.18 07
-
APR
-
2011

o

http://www.mozilla.com/en
-
US/firefox/3.5.18/releasenotes/




Vulnerability ID:

2475891

o

LANDesk Patch News Bulletin: Microsoft has Released KB 2475891
Which is a

Hotfix for Office Outlook 2007 06
-
APR
-
2011

o

http://support.microsoft.com/kb/2475891




Vulnerability ID:

FINGER_PRINTv5.9.4.6882_WIN7

o

LANDesk Patch News Bulletin: Lenovo has Released ThinkVantage
Fingerprint Software for Windows 7 06
-
APR
-
2011

o

http://www
-
307.ibm.com/pc/support/site.wss/MIGR
-
73583.html




Vulnerabil
ity ID:

FINGER_PRINTv5.8.6.6874

o

LANDesk Patch News Bulletin: Lenovo has Released ThinkVantage
Fingerprint Software Version 5.8.6 06
-
APR
-
2011

o

http://www
-
307.ibm.com/pc/support/site.wss/MIGR
-
70064.html



Linux Content

Vulnerability Definitions


Redhat: 2 new vulnerabilities;

V_INTL_RHSA
-
2011
-
0391

V_INTL_RHSA
-
2011
-
0392



Sles: 16 new vulnerabilities;

V_INTL_dbgp3
-
apache2
-
mod_php5
-
7375

V_INTL_dbgp3
-
MozillaFirefox
-
7422

V_INTL_dbgp3
-
mozilla
-
xulrunner191
-
7423

V_INTL_dbgp3
-
quagga
-
7355

V_INTL_dbgp3
-
util
-
linux
-
and
-
fuse
-
201103
-
7362

V_INTL_patch
-
12685

V_INTL_patch
-
12691

V_INTL_slesp3
-
apache2
-
mod_php5
-
7375

V_INTL_sle
sp3
-
audiofile
-
7315

V_INTL_slesp3
-
evince
-
7346

V_INTL_slesp3
-
java
-
1_5_0
-
ibm
-
7388

V_INTL_slesp3
-
MozillaFirefox
-
7422

V_INTL_slesp3
-
mozilla
-
xulrunner191
-
7423

V_INTL_slesp3
-
postgresql
-
7341

V_INTL_slesp3
-
quagga
-
7355

V_INTL_slesp3
-
util
-
linux
-
and
-
fuse
-
201103
-
7362



Solaris: 3 new vulnerabilities and 14 changed vulnerabilities;

V_INTL_143599 (New)

V_INTL_146769 (New)

V_INTL_146773 (New)

V_INTL_109035

V_INTL_119313

V_INTL_119314

V_INTL_124630

V_INTL_124631

V_INTL_127411

V_INTL_127413

V_INTL_143561

V_INTL_143562

V_INTL_143592

V_INTL_143593

V_INTL_144488

V_INTL_144489

V_INTL_145796


Spyware Updates

Definitions


A new spyware engine has been made available for LANDesk
customers. This update adds support for the Windows Server 2008 R2 platform.
Improved detection capabilities have also been added to prevent certain types of
false positives. This update for LDMS/LDSS 9.0 SP2 is available through LANDesk
Customer Support in the April 2011 MCP release.
Please see the LANDesk Tips
section at the end

of this document for details on the LANDesk MCP Process.



Vulnerability ID:

LD
-
Spyware
-
54177
-
884

o

LANDesk Patch News Bulletin: An Updated Spyware Engine is
Available for Download for LDMS/LDS
S 8.8 SP4 06
-
APR
-
2011




Core.aawdef Version
C
ORE
.149.0670
.
A
AWDEF

-

C
ORE
.149.0671
.

A
AWDEF

-

Incremental Update

o

LANDesk Patch News Bulletin: Updated Spyware Definitions
Core.Aawdef 149.0670
-

Core.Aawdef 149.0671 are Available 07
-
APR
-
2011

o

Community.LANDesk.com




Core.aawdef Version
CORE.149.0661.AAWDEF

-

CORE.149.0669.AAWDEF

-

Incremental Update

o

LANDesk Patch News Bulletin: Updated Spyware Definitions
Core.Aawdef 149.0661
-

Core.Aawdef 149.0669 and GenoCode are
Available 06
-
APR
-
2011

o

Community.LANDesk.com



Work in Progress/Coming Soon

Microsoft has releases its advanced notification for its April 2011 Patch Tuesday.
Currently, there are 15 bulletins that are scheduled for release. Affected products
include Windows OSes, Microsoft Office for bo
th MS and Mac, Developer Tools, and
MS Server. See the LANDesk bulletin below for additional details.




Microsoft Advance Notification for April 2011 Patch Tuesday

o

LANDesk Patch News Bulletin
: Microsoft Security Bulletin Advance
Notification for April 2011

o

http://www.microsoft.com/technet/security/bulletin/ms11
-
apr.mspx


LANDesk
®

Tips

Helping to bring balance to t
he patching force…LANDesk changes the patching
paradigm for keeping up to date…




LANDesk has recently changed its patching model from a hot patch model
to a component patching model.


In the previous patching model occasional
dependency issues between vari
ous patches would be experienced, fixing the
initially reported problem but causing some other unforeseen

issues.


Another reason for this change is to provide our customers with
predictable and publicly available patches.

Please see the following links fo
r
details:

o

LANDesk Management Suite Patching Methodology Change

o

LANDesk Management Suite 9.0 Monthly Component Patches


Wh
ere to Send Feedback

At LANDesk, we are constantly striving to improve our products and services and hope
you find these changes reflective of our ongoing commitment to listen to you
-
our
partners and customers
-
in providing the best possible solutions to me
et your needs now
and in the future. Please continue to provide feedback by contacting our local support
organization.

Best regards,

LANDesk Product Support

Copyright © 20
11

LANDesk Software. All rights reserved. LANDesk is either a
registered trademark o
r trademark of LANDesk Software, Ltd. or its affiliated entities in
the United States and/or other countries. Other names or brands may be claimed as the
property of others.

Information in this document is provided for information purposes only. The
inform
ation presented here is subject to change without notice. This information is not
warranted to be error
-
free, nor subject to any other warranties or conditions, whether
expressed orally or implied in law, including any implied warranties and conditions of
merchantability or fitness for a particular purpose. LANDesk disclaims any liability with
respect to this document and LANDesk has no responsibility or liability for any third
party products of any content contained on any site referenced herein. This docu
ment
may not be reproduced or transmitted in any form or by any means, electronic or
mechanical, for any purpose, without our prior written permission. For the most current
product information, please visit
http://www
.landesk.com
.