Norton Internet Security logo

Security Update 421 for Norton Internet Security

Jul 28, 2011

Security Updates give the most recent protection content for NIS product, which protect networked critical systems and remote and mobile users from unwanted network intrusions and hackers, as well as from viruses, Trojans, and worms.

To download and install the Security Update 421 you need to run LiveUpdate feature of Norton Internet Security product. Please note that LiveUpdate definition identifier of Security Update 421 is 20110727.030 and its description was last modified on July 27, 2011 6:29:09 PM PDT.

Security Update 421 adds coverage for the following vulnerabilities and threats:

  • Fake App Attack: Fake AV Website 23:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.

  • Attack: IBM Tivoli Storage Manager CVE-2009-3853:
    This signature detects attempts to exploit a buffer overflow vulnerability in IBM Tivoli Storage Manager

  • Attack: Borland CaliberRM CVE-2008-0311:
    This signature detects attempts of buffer-overflow exploitation in Borland StarTeam Multicast Service.

  • Web Attack: Novell IManager Arbitrary File Upload:
    This signature detects Arbitrary file uploads in Novell iManager.

  • Attack: Apache Mod Rewrite LDAP CVE-2006-3747:
    This signature detects buffer-overflow exploitation attempts in Apache Mod_Rewrite.


Security Update 421 provides updated coverage for the following vulnerabilities and threats:
  • Web Attack: HP OpenView NNM BO:
    This Signature detect attempts to exploit a buffer overflow vulnerability in HP OpenView Network Node Manager.

  • Attack: MS Wordpad Text Converter:
    This signature will detect attempts to exploit a Remote Code Execution in Wordpad.

  • Fake App Attack: Fake AV Website 9:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.

  • Web Attack: Malicious Toolkit Website 8:
    This signature detects attempt to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Blackhole Toolkit Website 2:
    This signature detects attempts to download exploits from Blackhole toolkit that may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Malicious Toolkit Website 10:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Exploit Kit Variant Activity:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Blackhole Toolkit Website 7:
    This signature detects attempts to download exploits from Blackhole toolkit that may compromise a computer through various vendor vulnerabilities.

  • Attack: IBM Tivoli Management Framework Argument CVE-2011-1220:
    This signature detects attempt to a stack based buffer overflow vulnerability in IBM Tivoli Management Framework application.

  • Fake App Attack: Fake AV Website 20:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.

  • Web Attack: Novell iPrint Client CVE-2010-4321:
    This signature detects attempts to exploit a buffer overflow vulnerability in Novell iPrint Client application.

  • Attack: VLC Media Player MKV File CVE-2011-0531:
    This signature detects attempts to a remote code execution vulnerability while processing crafted MKV files through VLC Media Player application.

  • Attack: HP OpenView OmniInet Opcode 20 CVE-2011-1865:
    This signature detects attempts to a remote code execution vulnerability in HP OpenView Storage Data Protector Application.

  • Fake App Attack: Misleading Application Suspicious Notification:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.


Symantec Corporation
www.symantec.com

0 comments: (+add yours?)

Post a Comment