Norton Internet Security logo

Security Update 598 for Norton Internet Security

Apr 25, 2012

Security Updates give the most recent protection content for Norton Internet Security, which protect networked critical systems and remote and mobile users from unwanted network intrusions and hackers, as well as from viruses, Trojans, and worms.

To download and install the Security Update 598 you need to run LiveUpdate feature of Norton Internet Security product. Please note that LiveUpdate definition identifier of Security Update 598 is 20120424.001 and its description was last modified on April 24, 2012 4:28:46 PM PDT.

Security Update 598 adds coverage for the following vulnerabilities and threats:

  • Web Attack: Facebook Manual Share 12:
    This signature will detect malicious web pages which are used for facebook likejacking attacks.

  • Attack: Meterpreter Reverse TCP:
    This signature detects Metasploit Meterpreter activity on the compromised machine.

  • System Infected: Ransom Malware Activity:
    This signature detects Ransom malware activity on the infected machine.


Security Update 598 provides updated coverage for the following vulnerabilities and threats:
  • Fake App Attack: Fake AV Redirect 29:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.

  • Web Attack: JRE Concurrency CVE-2012-0507:
    This signature detects an attempt to detect vulnerability in Java which may result in remote code execution.

  • Web Attack: Malicious Toolkit Website 10:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Malicious File Download Request 10:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Blackhole Toolkit Website 14:
    This signature detects attempts to download exploits from Blackhole toolkit that may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Mass Injection Website:
    It is an attack where an iframe which points to a malicious site is injected in large number of clean websites.

  • Fake App Attack: Fake Scan Webpage 4:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.

  • Malicious Site: Malicious Request:
    You have attempted to visit a known malicious IP address. Visiting this web site could potentially put you at risk to becoming infected. Symantec's Network Threat Protection solution has prevented any potential infection attempts from occurring. You should not have to take any additional actions and are safe from infection. It is recommended that you do NOT visit this site.

  • Web Attack: Gumblar Command and Control Redirect:
    You have attempted to visit a known malicious IP address. Visiting this web site could potentially put you at risk to becoming infected. Symantec's Network Threat Protection solution has prevented any potential infection attempts from occurring. You should not have to take any additional actions and are safe from infection. It is recommended that you do NOT visit this site.

  • Web Attack: Malicious Java Download 6:
    This signature detects an attempt to detect vulnerability in Java which may result in remote code execution.


Security Update 598 removes coverage for the following vulnerabilities and threats:
  • Web Attack: Midi CVE-2012-0003:
    This signature detects a remote buffer overflow vulnerability in Windows Media Player.


Symantec Corporation
www.symantec.com

0 comments: (+add yours?)

Post a Comment

Note: Only a member of this blog may post a comment.