LANDesk® Security Review for the Week Ending November 14, 2008

Version 2

    LANDesk® Security Review for the Week Ending November 14, 2008

    LANDesk® Patch Manager and Security Suite ("LDSS") provide customers with the latest security and application patches and updates for the most utilized software in your business. Maintaining a safe and secure environment helps to avoid downtime that will affect employees and productivity. The following items are the patch and update highlights from this past week.

    Windows Content

    Vulnerability Definitions - This week was Microsoft's Patch Tuesday. Two security bulletins were released to address remote code execution issues. MS08-069 is rated critical and MS08-068 is rated important. Customers are encouraged to apply the patches for these bulletins as soon as possible. Updates for Microsoft Junk E-mail filters were also released this week. Additional third-party applications were released for Adobe, Yahoo!, and Mozilla products.

     

     

     

     

     

     

     

     

     

    Mac Content

    Vulnerability Definitions

    Blocked Applications Updates

    Definitions

     

    Linux Content

    Vulnerability Definitions

    HPUX: 18 vulnerabilities;

    V_INTL_PHSS_34392

    V_INTL_PHSS_37972

    V_INTL_PHSS_38840

    V_INTL_PHSS_30012

    V_INTL_PHSS_30807

    V_INTL_PHSS_35433

    V_INTL_PHSS_36394

    V_INTL_PHSS_37666

    V_INTL_UPDATE_01034_001

    V_INTL_UPDATE_01034_002

    V_INTL_UPDATE_01034_003

    V_INTL_UPDATE_01034_004

    V_INTL_UPDATE_01090_004

    V_INTL_UPDATE_02186_001

    V_INTL_UPDATE_02186_006

    V_INTL_UPDATE_02313_001

    V_INTL_UPDATE_02365_001

    V_INTL_UPDATE_02365_003

    Redhat: 3 ulnerabilities;

    V_INTL_RHSA-2008-0939

    V_INTL_RHSA-2008-0957

    V_INTL_RHSA-2008-0971

    SLES: 48 vulnerabilities;

    V_INTL_patch-10142

    V_INTL_patch-10177

    V_INTL_patch-10184

    V_INTL_patch-10196

    V_INTL_patch-10668

    V_INTL_patch-10997

    V_INTL_patch-11001

    V_INTL_patch-11078

    V_INTL_patch-11326

    V_INTL_patch-11328

    V_INTL_patch-11533

    V_INTL_patch-11537

    V_INTL_patch-11542

    V_INTL_patch-11717

    V_INTL_patch-11761

    V_INTL_patch-11977

    V_INTL_patch-11981

    V_INTL_patch-12040

    V_INTL_patch-12043

    V_INTL_patch-9211

    V_INTL_patch-9215

    V_INTL_RU-for-GNOME-and-others(20070314)

    V_INTL_RU-for-KDE-components(20070313)

    V_INTL_RU-for-Kernel-and-utilities(20070316)

    V_INTL_RU-for-limal-apparmor-components(20070315)

    V_INTL_RU-for-OpenOffice(20071113)

    V_INTL_RU-for-OpenOffice_org(20070508)

    V_INTL_RU-for-OpenOffice_org(20080411)

    V_INTL_RU-for-orarun(20070315)

    V_INTL_RU-for-pam_mount(20070315)

    V_INTL_RU-for-redbook(20070316)

    V_INTL_RU-for-Samba(20081001)

    V_INTL_RU-for-SaX2-and-MozillaFirefox(20070316)

    V_INTL_RU-for-sysconfig(20070911)

    V_INTL_RU-for-the-GCC-suite-and-valgrind(20070315)

    V_INTL_RU-for-Xen(20070316)

    V_INTL_RU-for-Xorg,-glibc-and-other-packages(20070316)

    V_INTL_RU-for-YaST2-and-components(20070316)

    V_INTL_RU-for-yast2-apparmor-parser(20070315)

    V_INTL_SU-for-Linux-kernel(20061218)

    V_INTL_SU-for-Linux-kernel(20070219)

    V_INTL_SU-for-Linux-kernel(20071128)

    V_INTL_SU-for-Linux-kernel(20080125)

    V_INTL_SU-for-Linux-kernel(20081008)

    V_INTL_SU-for-X.org-X11(20071008)

    V_INTL_SU-for-X11-libs-and-server(20080107)

    V_INTL_SU-for-Xen(20061009)

    V_INTL_SU-for-xorg-x11-Xnest(20080108)

    Solaris: 1 changed vulnerabilities;

    V_INTL_120954

    Spyware Updates

    Definitions

     

     

    LANDesk® Tips

    The LANDesk Spyware engine has been updated

    • The latest Spyware engine is available for LDSS 8.7 and 8.8. The update for 8.7 is available in the recently released Service Pack 6 and the update for 8.8 is available in the LANDesk Updates content. Below is a list of new features:

    • - x64 environment support
      - Improved LSP and NSP scanning
      - Improved Deep Scanning of Registry
      - Remediation of "User Mode Rootkits" during scan

    • In addition to these features both 8.7 and 8.8 will use the same definition file - core.aawdef. Please ensure both the core and all clients are updated.

     

    Where to Send Feedback

    At LANDesk, we are constantly striving to improve our products and services and hope you find these changes reflective of our ongoing commitment to listen to you-our partners and customers-in providing the best possible solutions to meet your needs now and in the future. Please continue to provide feedback by contacting our local support organization.

    Best regards,

    LANDesk Product Support

    Copyright © 2008 LANDesk Software. All rights reserved. LANDesk is either a registered trademark or trademark of LANDesk Software, Ltd. or its affiliated entities in the United States and/or other countries. Other names or brands may be claimed as the property of others.

    Information in this document is provided for information purposes only. The information presented here is subject to change without notice. This information is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including any implied warranties and conditions of merchantability or fitness for a particular purpose. LANDesk disclaims any liability with respect to this document and LANDesk has no responsibility or liability for any third party products of any content contained on any site referenced herein. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. For the most current product information, please visit [http://www.landesk.com/].