Norton Internet Security logo

Security Update 424 for Norton Internet Security

Aug 2, 2011

Security Updates give the most recent protection content for NIS product, which protect networked critical systems and remote and mobile users from unwanted network intrusions and hackers, as well as from viruses, Trojans, and worms.

To download and install the Security Update 424 you need to run LiveUpdate feature of Norton Internet Security product. Please note that LiveUpdate definition identifier of Security Update 424 is 20110801.030 and its description was last modified on August 1, 2011 10:56:14 PM PDT.

Security Update 424 adds coverage for the following vulnerabilities and threats:

  • System Infected: Tracur Trojan Activity:
    This signature detects Mozipow trojan activity on the infected machine.

  • System Infected: Backdoor Trojan DNS Request:
    This signature detects malicious Backdoor Trojan activity on the compromised computer.

  • Web Attack: IBM Lotus Domino Sametime CVE-2008-2499:
    This signature detects attempts to exploit a buffer overflow vulnerability in IBM Lotus Sametime which may result in remote code execution.

  • Attack: Firebird Database Attach CVE-2007-5243:
    This signature detects attempts to exploit a buffer overflow vulnerability in Borland InterBase.

  • Web Attack: Mass Iframe Injection Attack 2:
    It is an attack where an iframe which points to a malicious site is injected in large number of clean websites.


Security Update 424 provides updated coverage for the following vulnerabilities and threats:
  • Attack: Oracle XDB FTP BO 2:
    This signature detects an attempt to exploit a buffer overflow vulnerability in Oracle 9i.

  • Fake App Attack: Fake Codec Website:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.

  • Attack: VLC SMB URI Handling:
    This is signature will detect attempt to exploit a buffer overflow exploit in VLC media player SMB URI.

  • TCP Datac RealWin Remote BO:
    This signature detect remote buffer overflow in realwin.

  • Web Attack: Malicious Toolkit Website 10:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Malicious JavaScript Download:
    This signature detects attempts to exploit machine through malicious JavaScript.

  • Web Attack: Blackhole Toolkit Website 7:
    This signature detects attempts to download exploits from Blackhole toolkit that may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Foxit Reader Javascript Arbitrary File Write:
    This Signature detects attempts to perform arbitrary file creation through vulnerable 'createDataObject()' in Foxit Reader.

  • MSIE WMITools WebSingleView ActiveX BO:
    This signature detects attempts to arbitrary code execution in activex WBEMSingleView.ocx of WMI Administrative Tools.


Symantec Corporation
www.symantec.com

0 comments: (+add yours?)

Post a Comment