LANDesk® Security Review for the Week Ending October 17, 2008
LANDesk® Patch Manager and Security Suite ("LDSS") provide customers with the latest security and application patches and updates for the most utilized software in your business. Maintaining a safe and secure environment helps to avoid downtime that will affect employees and productivity. The following items are the patch and update highlights from this past week.
Vulnerability Definitions - This week was Microsoft's Patch Tuesday. Eleven security bulletins were released. The patches addressed several vulnerabilities in Microsoft's productivity applications, internet applications, and OS related issues. Additional third-party applications were also released from other vendors:
Vulnerability ID: MS08-056, MS08-057, MS08-058, MS08-059, MS08-060, MS08-061, MS08-062, MS08-063, MS08-064, MS08-065, MS08-066
Vulnerability ID: JREJDK_32bit_Manual, JREJDK_64bit_Manual, JDKDSTv139_Manual
Vulnerability ID: FLASHPLAYERPLUGINv10
Vulnerability ID: OPENOFFICEv330, OPENOFFICEv330_DEU
Vulnerability ID: SHOCKWAVEPLAYERv126.96.36.1995
Vulnerability ID: APPLE-SA-2008-007-Ti11-Intel, Vulnerability ID - APPLE-SA-2008-007-Ti11-PPC, Vulnerability ID - APPLE-SA-2008-007-Ti11-UnivServer, APPLE-SA-2008-007-Ti11-PPCServer, APPLE-SA-2008-007-Le5-Server, APPLE-SA-2008-007-Le
Vulnerability ID: ADIUM_MAC_132
Vulnerability ID: APPLE-JAVA-For10.5Update2
Vulnerability ID: APPLE-JavaRelease7-TI
Vulnerability ID: ENU_OFFICE-2008-1213, DEU_OFFICE-2008-1213, ESN_OFFICE-2008-1213, FRA_OFFICE-2008-1213, ITA_OFFICE-2008-1213, JPN_OFFICE-2008-1213, NLD_OFFICE-2008-1213, SVE_OFFICE-2008-1213, FIN_OFFICE-2008-1213, DAN_OFFICE-2008-1213, NOR_OFFICE-2008-1213
Vulnerability ID: ENU_OFFICE-2004-1152, DEU_OFFICE-2004-1152, ESN_OFFICE-2004-1152, FRA_OFFICE-2004-1152, ITA_OFFICE-2004-1152, JPN_OFFICE-2004-1152, NLD_OFFICE-2004-1152, SVE_OFFICE-2004-1152
Vulnerability ID: SUSE Linux Enterprise Server Vulnerabilities - See the LANDesk Security Bulletin for the details
HPUX: 18 changed vulnerabilities ;
Redhat: 1 vulnerability
Solaris: 2 vulnerabilities
LRD Version 338
Core.aawdef Version 126
Sometimes a virus shows up that does not have a definition yet. This is true for all viruses when they are first written. These are called "zero day" viruses. The following link provides instructions on how these samples can be sent to LANDesk for inclusion in our Antivirus pattern files.
Virus Watch from our partner Kaspersky Lab
A few months ago Information Week conducted a review of some of the major patch manager products. See how LANDesk fared.
LANDesk's Patch Manager is, ... part of a comprehensive endpoint management package...Patch Manager was the only one with an automated process to facilitate ITIL change management practices--a huge plus. Its Parallel Patch Process defines testing and rollout processes that can be clearly documented and transparent to a change management board, as well as enabling highly efficient deployment of patches. These plus an automated process for copying patches to an entire subnet through one client and an option to auto-fix vulnerabilities helped LANDesk capture our Editor's Choice.
Patching and Social Engineering Attacks
After reading this week's featured article I was reminded why it is important to regularly remind end-users of the corporate patching policy. It is also a good idea to educate your end-users about potential social engineering attacks, use this week's article to get an idea of where to start.** **
Where to Send Feedback
At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you-our partners and customers-in providing the best possible solutions to meet your needs now and in the future. Please continue to provide feedback by contacting our local support organization.
LANDesk Product Support
Copyright © 2008 LANDesk Software. All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.
Information in this document is provided for information purposes only. The information presented here is subject to change without notice. This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit [http://www.landesk.com/].