Weekly Security Review Jan25-29.doc - LANDesk User Community ...

mexicanmorningΔιαχείριση Δεδομένων

16 Δεκ 2012 (πριν από 4 χρόνια και 8 μήνες)

367 εμφανίσεις




LANDesk
®

Security Review for the Week Ending
January

29
,

20
10

LANDesk
®

Patch Manager and Security
Suite (“LD
S
S”)
provide customers with the latest security and
application patches and updates for the most utilized software in your b
usiness. Maintaining a safe and
secure environment helps to avoid downtime that will affect employees and productivity. The following
items are the patch and update highlights from this past week.

Windows Content

Vulnerability Definitions




Vulnerability ID
:
979045v2_INTL

o

LANDesk Patch News Bulletin: Microsoft has Released and Update for
Office Word 2003 29
-
JAN
-
2010

o

http://support.microsoft
.com/kb/97
9045




Vulnerability ID:
976126

o

LANDesk Patch News Bulletin: Microsoft has Released an Update for
ADO.NET for .Net Framework 3.5 SP1 29
-
JAN
-
2010

o

http://support.microsoft.com/kb/9
76126




Vulnerability ID:
9
76127

o

LANDesk Patch News Bulletin: Microsoft has Released a KB for .NET
Framework 3.5 SP1 for Windows 7 and Wind
ows Server 2008 29
-
JAN
-
2010

o

http://support.microsoft.com/kb/97
6127




Vulnerability ID:
947821v3

o

LANDesk Patch News Bulletin: Microsoft

has Released the System
Update Readiness Tool for Windows Vista, Windows Server 2008, and
Windows 7 27
-
JAN
-
2010

o

http://support.microsoft.com/kb/947821




Vulnerability ID:

970807

o

LANDesk Patch News Bulletin: Microsoft has Released an Update for
Bluetooth Functionality for Windows Vista 27
-
JAN
-
2010

o

http://support.microsoft.com/kb/9708
07




Vulnerability ID
:

976972

o

LANDesk Patch News Bulletin: Microsoft has Released and Update for
Windows 7 and Windows Server 2008 R2 to Address an Issue with I/O
Operations 27
-
JAN
-
2010

o

http://support.microsoft.com/kb/976972




Vulnerability
ID:

978506

o

LANDesk Patch News Bulletin: An Update for Windows Internet
Explorer 8
is Available 27
-
JAN
-
2010

o

http://support.microsoft.com/kb/978506




Vulnerability ID:

974674_WIN7

o

LANDesk Patch News Bulletin: Microsoft

has Released a Update for the
Windows NT Backup Restore Utility for Windows 7 27
-
JAN
-
2010

o

http://support.microsoft.com/kb/974674




Vulnerability ID:

977074_WIN7

o

LANDesk Patch News Bulletin: A Microsoft Update to Improve Stability
in Windows 7 and Windows Server 2008 R2 is Available 27
-
JAN
-
2009

o

http://support.microsoft.com/kb/977074




Vulnerability
ID:

SILVERLIGHTv3.0.50106.0

o

LANDesk Patch News Bulletin: Microsoft has Released and Updated
Version of Silverlight 26
-
JAN
-
2010

o

htt
p://www.silverlight.net




Vulnerability
ID:

972076

o

LANDesk Patch News Bulletin: Microsoft has Released the Update
Rollup 1 for Exchange Server 2007 SP2 26
-
JAN
-
2010

o

http://support.microsoft.com/kb/972076




Vulnerability
ID:

979682

o

LANDesk Patch News Bulletin: Microsoft has Released a Fix It Patch for
Security Advisory 9796
82 25
-
JAN
-
2010

o

http://support.microsoft.com/kb/979682




Vulnerability
ID:

WIRESHARKv1.2.6

o

LANDesk Patch News Bulletin: Wireshark has Rel
eased Latest Version
1.2.6 29
-
JAN
-
2010

o

http://www.wireshark.org/docs/relnotes/wireshark
-
1.2.6.html




Vulnerability
ID:

GOOGLE_CHROMEv4.0.249.78_Detect_Only

o

LANDesk Patch News Bulletin: Google Chrome Update is Available 26
-
JAN
-
2010

o

http://googlechromereleases.blogspot.com/




Vulnerability
ID:

TORTOISESVNv1.6.7

o

LANDesk Patch News Update: Latest TortoiseSVN Version 1.6.7 has
been Released 25
-
JAN
-
2010

o

http://tortoisesvn.net/



Mac Content

Vulnerability Defini
tions




Vulnerability ID:


Firefox3.6_Update

o

LANDesk Patch News Bulletin: Mozilla has Released an Update for
Firefox 3 for Mac 22
-
JAN
-
2
010

o

http://www.mozilla.com/en
-
US/firefox/3.6/releasenotes/



Linux Content

Vulnerability Definitions


HPUX: 17 changed vulnerabilities;

V_INTL_PHCO_38585

V_INTL_PHSS_38722

V_INTL_PH
SS_38723

V_INTL_PHSS_38726

V_INTL_PHSS_38727

V_INTL_PHSS_40079

V_INTL_PHSS_40080

V_INTL_PHSS_40170

V_INTL_PHSS_40171

V_INTL_UPDATE_02482_001

V_INTL_UPDATE_02482_002

V_INTL_UPDATE_02482_003

V_INTL_UPDATE_02498_001

V_INTL_UPDATE_02498_002

V_INTL_
UPDATE_02498_003

V_INTL_UPDATE_02498_004

V_INTL_UPDATE_02498_005



Redhat: 5 new vulnerabilities;

V_INTL_RHSA
-
2010
-
0046

V_INTL_RHSA
-
2010
-
0054

V_INTL_RHSA
-
2010
-
0060

V_INTL_RHSA
-
2010
-
0061

V_INTL_RHSA
-
2010
-
0062



Sles: 40 new vulnerabilities;

V
_INTL_dbgp2
-
krb5
-
6775

V_INTL_dbgp2
-
nfs
-
utils
-
6679

V_INTL_dbgp2
-
openssl
-
CVE
-
2009
-
4355.patch
-
6784

V_INTL_dbgp2
-
parted
-
6738

V_INTL_dbgp2
-
yast2
-
ncurses
-
6752

V_INTL_patch
-
12562

V_INTL_patch
-
12565

V_INTL_patch
-
12566

V_INTL_patch
-
12568

V_INTL_patch
-
12571

V_INTL_sledp2
-
expat
-
6764

V_INTL_sledp2
-
flash
-
player
-
6769

V_INTL_sledp2
-
java
-
1_5_0
-
ibm
-
6740

V_INTL_sledp2
-
krb5
-
6775

V_INTL_sledp2
-
libtool
-
6678

V_INTL_sledp2
-
nfs
-
utils
-
6679

V_INTL_sledp2
-
openssl
-
CVE
-
2009
-
4355.patch
-
6784

V_INTL_sledp2
-
parted
-
6738

V_
INTL_sledp2
-
perl
-
spamassassin
-
6754

V_INTL_sledp2
-
postgresql
-
6767

V_INTL_sledp2
-
timezone
-
6762

V_INTL_sledp2
-
vte
-
6722

V_INTL_sledp2
-
yast2
-
backup
-
6684

V_INTL_sledp2
-
yast2
-
ncurses
-
6752

V_INTL_sledp2
-
yast2
-
network
-
6739

V_INTL_slesp2
-
expat
-
6764

V_INTL_sl
esp2
-
java
-
1_4_2
-
ibm
-
6757

V_INTL_slesp2
-
java
-
1_5_0
-
ibm
-
6740

V_INTL_slesp2
-
krb5
-
6775

V_INTL_slesp2
-
libtool
-
6678

V_INTL_slesp2
-
nfs
-
utils
-
6679

V_INTL_slesp2
-
openssl
-
CVE
-
2009
-
4355.patch
-
6784

V_INTL_slesp2
-
parted
-
6738

V_INTL_slesp2
-
perl
-
spamassassin
-
6754

V_INTL_slesp2
-
postgresql
-
6767

V_INTL_slesp2
-
timezone
-
6762

V_INTL_slesp2
-
vte
-
6722

V_INTL_slesp2
-
yast2
-
backup
-
6684

V_INTL_slesp2
-
yast2
-
ncurses
-
6752

V_INTL_slesp2
-
yast2
-
network
-
6739


Spyware Updates

Definitions



Core.aawdef Version

Core.
14
9.0
134
.aawdef

-

Core.
14
9.01
39
.aawdef
-

Incremental
Update

o

LANDesk Patch News Bulletin: Updated Spyware
Definitions
Core.aawdef 149.01
34



149.01
39

are available
27
-
Jan
-
2009

o

Community.LANDesk.com


Antivirus Updates



Sometimes a virus shows up that does not have a definition yet. This is true
for all viruses when they are first written. These are called "zero day"
vir
uses. The following link provides instructions on how these samples can
be sent to LANDesk for inclusion in our Antivirus pattern files.



How to send LANDesk an infected or suspicious file



Community.LANDesk.com





Virus Watch from our partner Kaspersky Lab



Virus Watch




LANDesk
®

Tips

Getting the most out of LANDesk Security

and Patch Manager

9




LANDesk has released LDMS and LDSS version 9
.

With new features and
improvements, please see the following link for available documents.


o

Management Suite 9 / Security S
uite 9 Documents



Security News

Into the breach

with security



Data loss Prevention or DLP as it

i
s affectionately known
,

is quite the
buzzword these days, but why? The short explanation is
,
money. Companies
today are at increased risk of losing their cor
porate secrets, customers’
payment card data, and/or an individual’s personal data. This increase
comes from the evolution of hacking/cracking from ego to euro

no offense
intended to the European readers.


Monetary gain is motivating most of
these high pro
file data loss attacks. These attacks incorporate exploiting
weaknesses in software, eavesdropping, and stealing physical property to
gain access to corporate information.


The traditional DLP solutions address
two out of the three attack vectors

in this c
ase “two out of three” is no
t

good enough. This week’s article highlights some ways to combat data loss,
but points out the most effective way still involves a human being. So, if
you’re interested in reducing your monetary risks associated with data loss
give this weeks’ article a little bit of your time.

o

Cost Of Data Breaches Increased In 2009

o

http://www.darkreading.c
om/


Where to Send Feedback

At LANDesk, we are constantly striving to improve our products and services and hope
you find these changes reflective of our ongoing commitment to listen to you
-
our
partners and customers
-
in providing the best possible solutio
ns to meet your needs now
and in the future. Please continue to provide feedback by contacting our local support
organization.

Best regards,

LANDesk Product Support

Copyright © 20
10

LANDesk Software. All rights reserved. LANDesk is either a
registered tra
demark or trademark of LANDesk Software, Ltd. or its affiliated entities in
the United States and/or other countries. Other names or brands may be claimed as the
property of others.

Information in this document is provided for information purposes only. Th
e
information presented here is subject to change without notice. This information is not
warranted to be error
-
free, nor subject to any other warranties or conditions, whether
expressed orally or implied in law, including any implied warranties and condit
ions of
merchantability or fitness for a particular purpose. LANDesk disclaims any liability with
respect to this document and LANDesk has no responsibility or liability for any third
party products of any content contained on any site referenced herein. T
his document
may not be reproduced or transmitted in any form or by any means, electronic or
mechanical, for any purpose, without our prior written permission. For the most current
product information, please visit
ht
tp://www.landesk.com
.