August 2008 - Posts
Screenshot here:
http://sunbeltblog.blogspot.com/2008/08/counterspy-enterprise-31-ships.html
This is a big upgrade to their product. I'm quite excited to deploy it in our environment as the performance increase and definition overhead decrease have been talked about on their mailing lists for months now. I'll be sure to post my impressions when I begin testing.
More info on the product can be found here:
http://www.prweb.com/releases/2008/08/prweb1223244.htm
http://blogs.adobe.com/psirt/2008/08/clipboard_attack.html
We are aware of recent press reports about a potential “Clipboard attack” issue that involves Flash Player. Adobe is currently investigating potential solutions to this issue and will update customers as soon as we have more information to provide.
More information and links available from the below source:
http://www.theregister.co.uk/2008/08/15/webbased_clipboard_hijacking/
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3648
Overview
nslookup.exe in Microsoft Windows XP SP2 allows user-assisted remote attackers to execute arbitrary code, as demonstrated by an attempted DNS zone transfer, and as exploited in the wild in August 2008.
Impact
CVSS Severity (version 2.0):
CVSS v2 Base score: 9.3 (High) (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Impact Subscore: 10.0
Exploitability Subscore: 8.6
Access Vector: Network exploitable, Victim must voluntarily interact with attack mechanism
Access Complexity: Medium
Authentication: Not required to exploit
Impact Type: Allows unauthorized disclosure of information, Allows unauthorized modification, Allows disruption of service
RIM has released version 4.1 Service Pack 6 (4.1.6) to address the vulnerability, giving an alternative to their prior suggested workaround of blocking the processing of PDF files:
http://www.blackberry.com/btsc/dynamickc.do?externalId=KB15766&sliceId=SAL_Public&command=show&forward=nonthreadedKC&kcId=KB15766
Download the new version here:
http://www.blackberry.com/go/serverdownloads
A buffer overflow vulnerability exists in an ActiveX control used by the WebEx Meeting Manager. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the user client machine. The WebEx Meeting Manager is a client-side program that is provided by the Cisco WebEx meeting service. The Cisco WebEx meeting service automatically downloads, installs, and configures Meeting Manager the first time a user begins or joins a meeting.
When users connect to the WebEx meeting service, the WebEx Meeting Manager is automatically upgraded to the latest version. There is a manual workaround available for users who are not able to connect to the WebEx meeting service.
Cisco WebEx is in the process of upgrading the meeting service infrastructure with fixed versions of the affected file.
Full advisory here: http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml
Today, we officially released the consumer version of our all-new CounterSpy 3.1 product. (It’s actually version 3, but due to having to align our version numbering scheme with our Enterprise version, it was released as 3.1).
This is a major upgrade to CounterSpy. All-new threat engine, all new technology — completely re-written from the ground-up for fast performance. As always, none of our products bundle toolbars, our trial versions are full versions, and we provide free support.
Give it a whirl and let me know what you think. You can always email me your opinions directly.
Users of VIPRE will find the interface familiar — CounterSpy is simply a sub-set of VIPRE, excluding features specific to viruses. CounterSpy customers can upgrade at any time to the VIPRE product for a small cost.
One small note: Unlike a “silent” preview edition posted last week on our website, this version comes with the On Access feature of Active Protection disabled by default (it can always be re-enabled). This feature will invariably conflict with some antivirus programs’ real-time protection, and since almost everyone runs this product alongside their existing antivirus product, it’s not necessary. A further explanation is in our video tutorial here.
Full company propaganda here.
Alex Eckelberry
CounterSpy 3.1 ships
Adobe's customization tool has been updated for the latest version 9 release.
Download it here:
http://www.adobe.com/support/downloads/detail.jsp?ftpID=3993
Our colleagues from the Linux team blogged about it last month, but it's worth repeating:
The latest version of our Emergency Rescue CD is available.
It's a bootable Linux CD that can scan Windows hard drives (NTFS and FAT) as well as attached USB drives.
If the computer has an Internet connection, the virus definition databases are updated automatically. If an Internet connection isn't available, the definition databases can be manually updated using a USB drive.
It's an excellent support tool. It's also one of the best ways to scan for MBR rootkit infections.
You can download it from here and read more details from the Linux team's post.
On 24/07/08 At 03:43 PM
F-Secure Rescue CD 3.00
New Features:
- Improved automatic identification and removal of malware delivering to the customer the next generation of best-of-breed Anti-Virus Scanning Engines. The 5300 Anti-Virus Scanning Engine offers improved protection against existing, new and future threats and increases the depth and breadth of the protection McAfee provide our customers.
- 100% drop-in compatibility with the existing McAfee Anti-Virus Scanning Engine and DAT files. It's easy to upgrade; just replace your existing Engine with the new version and you're protected.
- Enhanced support for detection and repair for Office 12 documents, as well as improved ZIP file support.
- Support for Solaris 10 on Intel x86 and x64.
- Support for FreeBSD 6.2 and 7.0.
- Support for HP-UX 11i v3 on PA-RISC.
Download here:
http://www.mcafee.com/apps/downloads/security_updates/engines.asp
The new enterprise managed AV / AntiSpyware solution from Sunbelt Software:
http://www.vipreenterprise.com/
Press release available here:
http://www.sunbeltsoftware.com/Press/Releases/?id=238