Norton Internet Security logo

Security Update 545 for Norton Internet Security

Feb 9, 2012

Security Updates give the most recent protection content for Norton Internet Security, which protect networked critical systems and remote and mobile users from unwanted network intrusions and hackers, as well as from viruses, Trojans, and worms.

To download and install the Security Update 545 you need to run LiveUpdate feature of Norton Internet Security product. Please note that LiveUpdate definition identifier of Security Update 545 is 20120208.002 and its description was last modified on February 8, 2012 5:34:28 PM PST.

Security Update 545 adds coverage for the following vulnerabilities and threats:

  • Web Attack: Malicious Injected Javascript 9:
    This signature detects attempts to exploit machine through malicious JavaScript.

  • Attack: Symantec PCAnywhere Elevation of Privilege CVE-2011-3478 2:
    This signature detects an attempt to exploit a vulnerability in Symantec PCAnywhere allowing an attacker to gain an elevation of privileges.

  • System Infected: Trojan.Gatak:
    This signature detects malicious Backdoor Trojan activity on the compromised computer.

  • Web Attack: Malicious JAR File Download 4:
    This signature detects attempts to download malicious JAR files.

  • Web Attack: Malicious Javascript Website 7:
    This signature detects attempts to exploit machine through malicious JavaScript.


Security Update 545 provides updated coverage for the following vulnerabilities and threats:
  • HTTP Windows Sharepoint Svc Spoofing:
    This signature detects an attempt to exploit a spoofing attack in MS Windows Sharepoint Services.

  • 2020Search Info. Upload Request:
    This signature detects the spyware uploading information to its controlling servers.

  • 2020Search Configuration Request:
    This signature detects the spyware requesting configuration from its controlling server.

  • HTTP MSIE Webdav Src BO:
    This signature detects an attempt to exploit a vulnerability in Internet Explorer which may result in remote code execution.

  • Web Attack: Eleonore Executable Download:
    This signature detects attempts to download exploits from a Eleonore toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: CrimePack Toolkit Website 2:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Malicious Executable Download:
    Scripts may be downloaded by a browser but be specified as an image, thus evading some types of monitoring software.

  • Fake App Attack: Adware Installer Download:
    This signature detects a file installer download which may be associated with adware.

  • Web Attack: Malicious Toolkit Website 9:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Malicious Toolkit Website 10:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Malicious Toolkit Website 13:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Malicious JAR File Download 2:
    This signature detects attempts to download malicious JAR files.

  • Web Attack: Blackhole Toolkit Website 12:
    This signature detects attempts to download exploits from Blackhole toolkit that may compromise a computer through various vendor vulnerabilities.

  • Fake App Attack: Fake AV Redirect 20:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.

  • Web Attack: Malicious File Download Request 10:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Malicious Exploit Kit Website 6:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Blackhole Exploit Kit Website 11:
    This signature detects attempts to download exploits from Blackhole toolkit that may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Facebook LikeJacking Attack 23:
    This signature will detect malicious web pages which are used for facebook likejacking attacks.

  • Attack: ACDSee Fotoslate PLP File CVE-2011-2595:
    This signature detects attempt to exploit a buffer overflow vulnerability while processing crafted PLP Files in ACDSee application.

  • Web Attack: Malicious Injected Javascript 10:
    This signature detects attempts to exploit machine through malicious JavaScript.

  • Web Attack: Facebook LikeJacking Attack 38:
    This signature will detect malicious web pages which are used for facebook likejacking attacks.

  • Web Attack: Malicious Javascript Website 3:
    This signature detects attempts to exploit machine through malicious JavaScript.

  • System Infected: VBS Sojax Trojan Activity:
    This signature detects malicious Backdoor Trojan activity on the compromised computer.

  • Web Attack: Blackhole Toolkit Website 14:
    This signature detects attempts to download exploits from Blackhole toolkit that may compromise a computer through various vendor vulnerabilities.

  • Fake App Attack: Fake AV Website 28:
    A Web based attack relating to misleading applications has been blocked. No further action is required, but you may wish to update your virus definitions and run a full system scan as a precautionary measure.

  • Web Attack: Exploit Website 9:
    This signature detect attempts to download exploits from a malicious toolkit which may compromise a computer through various vendor vulnerabilities.

  • Web Attack: Mass Injection Website:
    It is an attack where an iframe which points to a malicious site is injected in large number of clean websites.


Symantec Corporation
www.symantec.com

0 comments: (+add yours?)

Post a Comment

Note: Only a member of this blog may post a comment.