Norton Internet Security logo

Security Update 367 for Norton Internet Security

Apr 12, 2011

Security Updates give the most recent protection content for Norton Internet Security product, which can protect computer from unwanted network intrusions and hackers, as well as from viruses, Trojans and worms.

To download and install the Security Update 367 you need to run LiveUpdate feature of Norton Internet Security product. The Security Update 367 adds coverage for the following vulnerabilities and network security threats:

  • HTTP MHTML Script Code Injection Vulnerability — The MHTML implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle a MIME format in a request for content blocks in a document, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site that is visited in Internet Explorer;

Security Update 367 provides updated coverage for the following vulnerabilities and threats:
  • HTTP FakeAV Webpage Request — Misleading applications intentionally misrepresent the security status of a computer. Misleading applications attempt to convince the user that he or she must remove potentially malware or security risks (usually nonexistent or fake) from the computer. The application will hold the user hostage by refusing to allow him or her to remove or fix the phantom problems until the 'required' software is purchased and installed. Misleading applications often look convincing - the programs may look like legitimate security programs and often have corresponding websites with user testimonials, lists of features, etc.;

  • Web Attack: Malicious File Download — This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities;

  • Web Attack: Malicious Java File Download — Malicious JAR files can lead to compromise of security of the machine where it is executed;

  • HTTP XPL ToolKit Activity — This signature detects attempts to download exploits from a Eleonore toolkit which may compromise a computer through various vendor vulnerabilities;

  • Web Attack: Blackhole Toolkit Website 3 — Blackhole Toolkit compromises the machine by targeting various vendor vulnerabilities on the victim's machine;

  • Web Attack: Blackhole Toolkit Website — This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities;

Symantec Corporation
www.symantec.com

0 comments: (+add yours?)

Post a Comment