Andrew Berges

Configuration Manager, Security, and other musings from a self-confessed IT geek.

September 2008 - Posts

Adobe PSIRT: Clipboard attack update

Here's a quick update to note that we will be changing the way Flash Player interacts with the clipboard to help prevent the potential clipboard attacks that have been reported recently. Please see the following Article on security changes in Flash Player 10 for more information. These changes will be available in the final Flash Player 10 release soon.

This posting is provided “AS IS” with no warranties and confers no rights

Posted: Sep 26 2008, 02:09 PM by aberges | with no comments
McAfee VirusScan Enterprise 8.7i Released

New and updated features in the current release of the software:

Support for Microsoft Windows Server 2008

This release provides support for Windows Server 2008 (Longhorn).

Architectural changes

VirusScan Enterprise incorporates some significant architectural changes that affect the manner in which the VirusScan Enterprise 8.7i core components work. These changes result in greater security benefits to customers, including:

· Better rootkit detection and cleaning without system restart — Safe memory patching, better IRP repair support at the system core, and the ability to read locked files at the kernel level provide better rootkit detection and the ability to clean detections without restarting the system.

· On-access scan performance improvements during system startup — A new boot cache process improves on-access scan performance during system startup.

· Greater self-protection — The self-protection feature has been enhanced to protect against a wider range of mal-processes that can terminate McAfee processes. This provides greater VirusScan Enterprise self-protection and product stability.

Real-time malware protection

A new feature, Heuristic network check for suspicious files, provides customers with real-time detections for malware.

This feature uses sensitivity levels that can be configured, based on your risk tolerance, to look for suspicious files on your endpoints that are running VirusScan Enterprise 8.7i.

When enabled, this feature detects a suspicious program and sends a DNS request containing a fingerprint of the suspicious file to McAfee Avert Labs, which then communicates the appropriate action back to VirusScan Enterprise 8.7i.

The real-time defense feature also provides protection for classes of malware for which signatures might not be available.

This protection is in addition to the world-class DAT-based detection VirusScan Enterprise has always provided. The user experience remains the same and no additional client software is required.

In this release, this feature is available only for on-demand scans and email scanning and is disabled by default. You must select a sensitivity level to enable the feature.

Performance improvements

These changes improve performance.

· New scan deferral options improve local control of on-demand scans, including the ability to defer scans when using battery power or during presentations. One option can be configured to allow end users to defer scheduled on-demand scans for the increment of time you specify. You can specify hourly increments up to twenty-four hours, or forever.

· Enhanced system throttling now includes registry and memory scanning in addition to file scanning.

Improved email scanner

The email scanner now supports double-byte and multi-byte languages. This improves detection reliability.

Buffer overflow protection exclusions by API

The ability to specify buffer overflow exclusions by API was removed from VirusScan Enterprise 8.5i, but has been reinstated for the VirusScan Enterprise 8.7i release. The API exclusion name is case-sensitive.

On-access scanner — Scan processes on enable

A new feature, Scan processes on enable, scans processes that are already running when the McShield service becomes enabled. When the McShield service starts, the scanner examines any process that is already running and any process as it is launched.

On-demand scan usability improvements

When initiating an on-demand right-click scan, you can now choose an action to take on items detected by the scan. These options are available:

· Clean — Report and clean the detection.

· Continue — Report the detection and continue scanning.

Posted: Sep 26 2008, 02:07 PM by aberges | with no comments