19.05.2012, 16:39
SafeGroup
›
Bezpieczeństwo
›
Pakiety Internet Security
McAfee 2013 .WINDOWS-Produkty dla klientów indywidualnych
McAfee 2013 .WINDOWS-Produkty dla klientów indywidualnych
|
McAfee 2013 .WINDOWS-Produkty dla klientów indywidualnych
|
|
22.05.2012, 16:50
Jeżeli w idle, to dosyć sporo.
23.05.2012, 11:41
Jakaś aktualizacja w związku z Firefoxem:
Executive Summary Since the last McAfee® Labs Security Advisory (May 19), the following noteworthy event has taken place: McAfee product coverage has been updated for vulnerabilities in Mozilla Firefox. McAfee product coverage for this event: ================================================== ===== McAfee Product Coverage Updates * ================================================== ===== Threat:MTIS11-236-F Name:Mozilla FF RCE 3658 Importance:Medium DAT:UA => Part BOP:Exp Host IPS:Exp McAfee Network Security Platform: UA McAfee Vulnerability Manager:Yes McAfee Web Gateway:UA => Part McAfee Remediation Manager  end => YesMcAfee Policy Auditor:UA MNAC:UA McAfee Firewall Enterprise:UA McAfee Application Control:Exp -------------------------------------------------- ----- Threat:MTIS12-018-E Name:Mozilla FF RCE 3659 Importance:Medium DAT:UA => Part BOP:Exp Host IPS:Exp McAfee Network Security Platform: UA McAfee Vulnerability Manager:Yes McAfee Web Gateway:UA => Part McAfee Remediation Manager:Yes McAfee Policy Auditor:UA MNAC:UA McAfee Firewall Enterprise:UA McAfee Application Control:Exp ================================================== ============================= [MTIS11-236-F] Mozilla Firefox nsSVGValue Out-of-Bounds Access Remote Code Execution ================================================== ============================= Threat Identifier(s):CVE-2011-3658 Threat Type:Vulnerability Risk Assessment:High Main Threat Vectors:Web User Interaction Required:Yes Description:A vulnerability in some versions of Mozilla Firefox, Thunderbird, and SeaMonkey could lead to remote code execution. The flaw is due to the DOMAttrModified event handlers, which do not properly interact with the application''s SVG implementation. Successful exploitation could result in the execution of arbitrary code or a denial of service condition. Importance:Medium. On December 20, 2011, Mozilla released an update to address this vulnerability. McAfee Product Coverage * DAT files:The 6709 DAT files, released on May 12, provide coverage when using the following scanners while scanning with heuristics enabled: GS, PS, SIG, SMG, SWG, TOPS Email, VSE Email, and VSO Email. VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits. Host IPS:Generic buffer overflow protection is expected to cover code execution exploits. McAfee Network Security Platform: Under analysis McAfee Vulnerability Manager:The FSL/MVM package of January 4 includes a vulnerability check to assess if your systems are at risk. McAfee Web Gateway:Coverage is provided in the 6709 DAT files (with heuristics enabled), released in the May 12 Gateway Anti-Malware Database Update. McAfee Remediation Manager:The V-Flash release of January 10 contains a remedy for this issue. McAfee Policy Auditor:Under analysis MNAC:Under analysis McAfee Firewall Enterprise:Under analysis McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control (only authorized programs can run) and Memory Protection (protection against remote code execution). Additional Information Mozilla: Mozilla Foundation Security Advisory 2011-55 [Aby zobaczyć linki, zarejestruj się tutaj] ================================================== ============================= [MTIS12-018-E] Mozilla Firefox Use-After-Free nsDOMAttribute Remote Code Execution ================================================== ============================= Threat Identifier(s):CVE-2011-3659 Threat Type:Vulnerability Risk Assessment:High Main Threat Vectors:Web User Interaction Required:Yes Description:A vulnerability in some versions of Mozilla Firefox could lead to remote code execution. The flaw lies in the nsDOMAttribute child nodes. Successful exploitation could allow an attacker to execute remote code. The exploit requires the user to visit a malicious website. Importance:Medium. On January 31, Mozilla released an update to address this vulnerability. McAfee Product Coverage * DAT files:The 6713 DAT files, released on May 16, provide coverage when using the following scanners while scanning with heuristics enabled: GS, PS, SIG, SMG, SWG, TOPS Email, VSE Email, and VSO Email. VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits. Host IPS:Generic buffer overflow protection is expected to cover code execution exploits. McAfee Network Security Platform: Under analysis McAfee Vulnerability Manager:The FSL/MVM package of February 15 includes a vulnerability check to assess if your systems are at risk. McAfee Web Gateway:Coverage is provided in the 6709 DAT files (with heuristics enabled), released in the May 12 Gateway Anti-Malware Database Update. McAfee Remediation Manager:The V-Flash release of February 3 contains a remedy for this issue. McAfee Policy Auditor:Under analysis MNAC:Under analysis McAfee Firewall Enterprise:Under analysis McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control (only authorized programs can run) and Memory Protection (protection against remote code execution). Additional Information Mozilla: Mozilla Foundation Security Advisory 2012-04 [Aby zobaczyć linki, zarejestruj się tutaj] -------------------------------------------------- ------------------------- Detailed descriptions of the Security Advisories can be found in the Users Guide: [Aby zobaczyć linki, zarejestruj się tutaj] For more information on McAfee Labs Security Advisories, see: [Aby zobaczyć linki, zarejestruj się tutaj] For McAfee Technical Support: [Aby zobaczyć linki, zarejestruj się tutaj] For Multi-National Phone Support :[Aby zobaczyć linki, zarejestruj się tutaj] McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments *The information provided is only for the use and convenience of McAfee''s customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE. The information contained herein is the property of McAfee, Inc. and may not be reproduced or disseminated without the expressed written consent of McAfee, Inc. McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. McAfee, Inc. 3965 Freedom Circle, Santa Clara, CA 95054 888.847.8766 [Aby zobaczyć linki, zarejestruj się tutaj] © 2012 McAfee, Inc. All rights reserved.
24.05.2012, 18:31
Widzę ,że ten program cieszy się ogromnym zainteresowaniem
 Ale co by nie było skoro firma znajduje się w rankingach myslę,ze warto o niej pisać. Dzis informuję o dostępnej becie: [Aby zobaczyć linki, zarejestruj się tutaj] Dostepna wersja McAfee Total Protection 5.6 Beta to stabilna wersja dzisiejszego McAfee Tp2012 z kompatybilnościa dla Win8 więc polecam, bo soft za free.Jest jeszcze McAfee Total Protection 6.0 Beta z Hipsem, ale tylko ograniczona liczba uzytkowników ma do niego dostep. 
24.05.2012, 19:11
I najważniejsze info dotyczące bety
 Beta jest darmowa na zawsze Po zakończeniu testów program aktualizuje się do wersji stabilnej z tą różnicą że nie można wybrać modułów oraz backup online jest niedostępny 
24.05.2012, 19:14
Uważam, że McAfee TP 2012 to naprawdę świetny pakiet. nie wiem tylko, dlaczego jest taki niedoszacowany (moim zdaniem) w testach.
24.05.2012, 19:19
zbir napisał(a):Uważam, że McAfee TP 2012 to naprawdę świetny pakiet. nie wiem tylko, dlaczego jest taki niedoszacowany (moim zdaniem) w testach. Bo kiedy uruchamiasz Ransoma, którego nawet darmowe avg blokuje McAfee siedzi cichutko Dodano: 24 maja 2012, 19:19 zord napisał(a):I najważniejsze info dotyczące bety Ja chce testować szóstkę:-(
24.05.2012, 19:23
A zmienili e becie wygląd pakietu?
alex1155: Ale to ostatnio własnie McAfee TP wyczyściło w komputerze mojego syna 13 różnych wirusów po Kasperskym IS. 
24.05.2012, 19:31
zbir, trudno powiedziec ,bo do szóstki mało kto ma dostep. Mozna próbowac sie rejestrowac i a nóż widelec się trafi...
Wygląda jednak na to ,że szufladki zostaja Ten program byłby fajny gdyby nie fakt,że 48 godzin temu wysłałem im plik do analizy, który mozna uruchamiać bez żadnego problemu. DO tego Firewall blokuje dostep do internetu danej aplikacji, a ona i tak z sieci korzysta. Aktualizacje raz dziennie i zużycie Ramu nawet ponad 200 mb w trakcie tego procesu. Chmura jest wolna . Ale za to Online Backup i Anti-Theft na poziomie KoKo Koko moze Mcafee w nowej wersji będzie spoko 
24.05.2012, 19:45
Na razie się nie zapowiada, na jakieś wielkie zmiany. Oni są dość mocno "opóźnieni".
28.05.2012, 13:43
Aktualizacja w związku z luka W Windowsie
Executive SummarySince the last McAfee® Labs Security Advisory (May 23), the following noteworthy event has taken place: McAfee product coverage has been updated for a vulnerability in Microsoft Windows. McAfee product coverage for this event: ================================================== ===== McAfee Product Coverage * ================================================== ===== Threat:MTIS12-084-A Name:MS Win Keyb DoS Importance:Medium DAT:UA BOP:UA Host IPS:UA McAfee Network Security Platform: UA McAfee Vulnerability Manager:Yes McAfee Web Gateway:UA McAfee Remediation Manager:UA McAfee Policy Auditor:UA MNAC:UA McAfee Firewall Enterprise:UA McAfee Firewall Enterprise:N/A ================================================== ============================= [MTIS12-084-A] Microsoft Windows Keyboard Layout Local Denial of Service ================================================== ============================= Threat Identifier(s):MS Win Keyb DoS Threat Type:Vulnerability Risk Assessment:Low Main Threat Vectors:Locally logged-on user User Interaction Required:No Description:A vulnerability in some versions of Microsoft Windows could lead to a local denial of service. The flaw lies in the file win32k!ReadLayoutFile(), which parses the keyboard layout data. Successful exploitation could allow an attacker to execute code with escalated privileges. The exploit requires the attacker to have physical access and valid credentials to the system. Importance:Medium. On May 23, details of this vulnerability were publicly disclosed. Proof-of-concept exploit code is available. McAfee Product Coverage * DAT files:Under analysis VSE BOP:Under analysis Host IPS:Under analysis McAfee Network Security Platform: Under analysis McAfee Vulnerability Manager:The FSL/MVM package of May 23 includes a vulnerability check to assess if your systems are at risk. McAfee Web Gateway:Under analysis McAfee Remediation Manager:Under analysis McAfee Policy Auditor:Under analysis MNAC:Under analysis McAfee Firewall Enterprise:Under analysis McAfee Application Control:Out of scope Additional Information Secunia: Secunia Advisory SA49200 Microsoft Windows Keyboard Layout Processing Vulnerability [Aby zobaczyć linki, zarejestruj się tutaj] -------------------------------------------------- ------------------------- Detailed descriptions of the Security Advisories can be found in the Users Guide: [Aby zobaczyć linki, zarejestruj się tutaj] For more information on McAfee Labs Security Advisories, see: [Aby zobaczyć linki, zarejestruj się tutaj] For McAfee Technical Support: [Aby zobaczyć linki, zarejestruj się tutaj] For Multi-National Phone Support :[Aby zobaczyć linki, zarejestruj się tutaj] McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments *The information provided is only for the use and convenience of McAfee''s customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE. The information contained herein is the property of McAfee, Inc. and may not be reproduced or disseminated without the expressed written consent of McAfee, Inc. McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. I wczesniej aktualizacja w związku z: McAfee product coverage has been updated for vulnerabilities in RealNetworks, Adobe, PHP, and Cisco products. testy go wykańczają: [Aby zobaczyć linki, zarejestruj się tutaj] Ciekawa funkcja: [Aby zobaczyć linki, zarejestruj się tutaj] Do ciekawostek należy tez fakt, że na virustotal.com program dostaje definicje szybciej niż na komputerze ( i to nawet o 48 godzin!). Prawdopodobnie są to beta-bazy, o czym zielonego pojęcia nie maja konsultanci supportu McAfee. Ciekawym też jest fakt, że usunięcie nieznanego wirusa z komputera wiąże się z opłatą 90 dolców Jeśli pojawiają się problemy należy uzyc tego programiku: [Aby zobaczyć linki, zarejestruj się tutaj] Aby wysłać pliki do analizy tego:[Aby zobaczyć linki, zarejestruj się tutaj] Co ciekawe drugi programik sprawdza w chmurze reputacje plików. Wysyła do analizy tylko te podejrzane/nieznane.Dodano: 28 maja 2012, 13:42 i ciekawostka, Atemis potrafi zastąpić(choc nie zawsze oczywiscie) aktualizację fizyczną wydawaną raz dziennie. Otoż przed aktualizacja wykrywa nowe wirusy za pomocą Artemisa, natomiast po aktualizacji TE SAME wirusy sa juz wykrywane pod innymi definicjami. Nie funkcjonuje to we wszystkich przypadkach, jednak w wiekszości. Ciekawi mnie czy gdyby odciąc McAfee dostęp do sieci, to pliki podpisane przez sygnatury Artemisa zostałyby również wykryte. Co by nie było program dzięki temu aktualizuje sie praktycznie 24 godziny na dobę.
31.05.2012, 19:42
Znowu update:McAfee product coverage has been updated for the Skywiper worm.
McAfee product coverage has been updated for vulnerabilities in Microsoft, PHP, Symantec, Apple, and IBM products. McAfee product coverage for these events: ================================================== ===== McAfee Product Coverage * ================================================== ===== Threat:MTIS12-087-A Name:Symantec PHPSQL 0297 Importance:Low DAT:UA BOP:N/A Host IPS:N/A McAfee Network Security Platform: UA McAfee Vulnerability Manager:UA McAfee Web Gateway:UA McAfee Remediation Manager:N/A McAfee Policy Auditor:UA MNAC:UA McAfee Firewall Enterprise:UA McAfee Firewall Enterprise:Exp -------------------------------------------------- ----- Threat:MTIS12-087-B Name:Apple iOS DoS 529 Importance:Low DAT:UA BOP:N/A Host IPS:N/A McAfee Network Security Platform: UA McAfee Vulnerability Manager:UA McAfee Web Gateway:UA McAfee Remediation Manager:N/A McAfee Policy Auditor:UA MNAC:UA McAfee Firewall Enterprise:UA McAfee Firewall Enterprise:N/A -------------------------------------------------- ----- Threat:MTIS12-087-C Name:IBM Quickr RCE 2176 Importance:Low DAT:UA BOP:N/A Host IPS:N/A McAfee Network Security Platform: UA McAfee Vulnerability Manager:UA McAfee Web Gateway:UA McAfee Remediation Manager:N/A McAfee Policy Auditor:UA MNAC:UA McAfee Firewall Enterprise:UA McAfee Firewall Enterprise:Exp ================================================== ===== McAfee Product Coverage Updates * ================================================== ===== Threat:MTIS12-085-M Name:Skywiper Importance:High DAT:Yes BOP:UA => N/A Host IPS:UA => N/A McAfee Network Security Platform: UA => Yes McAfee Vulnerability Manager:No McAfee Web Gateway:Yes McAfee Remediation Manager:N/A McAfee Policy Auditor:N/A MNAC:N/A McAfee Firewall Enterprise:N/A => UA McAfee Application Control:UA => Exp -------------------------------------------------- ----- Threat:MTIS12-076-G Name:MS Exl RCE 1847 Importance:Medium DAT:UA => N/A BOP:Exp Host IPS:Exp McAfee Network Security Platform: Yes McAfee Vulnerability Manager:Yes McAfee Web Gateway:UA => N/A McAfee Remediation Manager end => YesMcAfee Policy Auditor end => UAMNAC end => UAMcAfee Firewall Enterprise:UA McAfee Application Control:Exp -------------------------------------------------- ----- Threat:MTIS12-078-A Name HP-CGI RCE 1823Importance:Low DAT:UA BOP:N/A Host IPS:N/A McAfee Network Security Platform: Yes McAfee Vulnerability Manager end => YesMcAfee Web Gateway:UA McAfee Remediation Manager:N/A McAfee Policy Auditor:UA MNAC:UA McAfee Firewall Enterprise:UA McAfee Application Control:UA => Exp ================================================== ============================= [MTIS12-087-A] Symantec Web Gateway HTTP Access Log SQL Injection Remote Code Execution ================================================== ============================= Threat Identifier(s):CVE-2012-0297 Threat Type:Vulnerability Risk Assessment:High Main Threat Vectors:LAN User Interaction Required:No Description:A vulnerability in some versions of Symantec Web Gateway Management could lead to remote code execution. The vulnerability is specific to the validation of external input by the GUI management console. Successful exploitation could allow an attacker to execute remote code. The exploit requires the attacker to be an authorized network user or to gain remote access to the network. Importance:Low. On May 17, Symantec released an update to address this vulnerability. McAfee Product Coverage * DAT files:Under analysis VSE BOP:Out of scope Host IPS:Out of scope McAfee Network Security Platform: Under analysis McAfee Vulnerability Manager:Under analysis McAfee Web Gateway:Under analysis McAfee Remediation Manager:Out of scope McAfee Policy Auditor:Under analysis MNAC:Under analysis McAfee Firewall Enterprise:Under analysis McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control and Memory Protection. Additional Information Symantec: Security Advisories Relating to Symantec Products - Symantec Web Gateway Multiple Security Issues [Aby zobaczyć linki, zarejestruj się tutaj] ================================================== ============================= [MTIS12-087-B] Apple iOS Safari match() Buffer Denial of Service ================================================== ============================= Threat Identifier(s):Apple iOS DoS 529 Threat Type:Vulnerability Risk Assessment:Low Main Threat Vectors:WAN; Web; LAN User Interaction Required:Yes Description:A vulnerability in some versions of Apple iOS could lead to remote code execution. The flaw lies in the Safari browser. Specifically a buffer overflow condition in the JavaScript function match() can be invoked via a maliciously crafted web page or request. Importance:Low. On May 25, details of this vulnerability were publicly disclosed. Proof-of-concept exploit code is available. McAfee Product Coverage * DAT files:Under analysis VSE BOP:Out of scope Host IPS:Out of scope McAfee Network Security Platform: Under analysis McAfee Vulnerability Manager:Under analysis McAfee Web Gateway:Under analysis McAfee Remediation Manager:Out of scope McAfee Policy Auditor:Under analysis MNAC:Under analysis McAfee Firewall Enterprise:Under analysis McAfee Application Control:Out of scope Additional Information Exploit-DB: iOS <= v5.1.1 Safari Browser JS match, search Crash PoC [Aby zobaczyć linki, zarejestruj się tutaj] ================================================== ============================= [MTIS12-087-C] IBM Lotus Quickr qp2.cab ActiveX Control Remote Code Execution ================================================== ============================= Threat Identifier(s):CVE-2012-2176 Threat Type:Vulnerability Risk Assessment:High Main Threat Vectors:WAN; LAN; Web User Interaction Required:Yes Description:A vulnerability in some versions of IBM Lotus Quickr could lead to remote code execution. The flaw is due to a boundary error within the QuickPlace ActiveX control. Successful exploitation by a remote attacker could result in the execution of arbitrary code. Importance:Low. On May 23, IBM released an update to address this vulnerability. McAfee Product Coverage * DAT files:Under analysis VSE BOP:Out of scope Host IPS:Out of scope McAfee Network Security Platform: Under analysis McAfee Vulnerability Manager:Under analysis McAfee Web Gateway:Under analysis McAfee Remediation Manager:Out of scope McAfee Policy Auditor:Under analysis MNAC:Under analysis McAfee Firewall Enterprise:Under analysis McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control and Memory Protection. Additional Information IBM Security Bulletin: IBM Lotus Quickr 8.2 for Domino ActiveX control buffer overflow vulnerability [Aby zobaczyć linki, zarejestruj się tutaj] ================================================== ============================= [MTIS12-085-M] Skywiper ================================================== ============================= Threat Identifier(s):Flame; Flamer; Wiper; M70492 Threat Type:Malware Risk Assessment:Low Main Threat Vectors:LAN; Web; WAN User Interaction Required:Yes Description:Skywiper covers malware associated with a long-standing and highly evolved information-theft and monitoring campaign that is targeted at specific entities in the Middle East and Europe. McAfee Labs has observed publicly available reports from antispyware companies and log files in public help forums that could indicate infections of early variants of Skywiper in Europe and Iran several years ago (for example, March 2010). The threat propagates via its own native mechanisms, and leverages vulnerabilities described in MS10-061 and MS10-046. Skywiper is a modular, extendable, and updateable threat. It is capable of, but not limited to, the following key espionage functions: - Scanning network resources - Stealing information as specified - Communicating with command and control (C&C) servers over SSH and HTTPS protocols - Detecting the presence of more than 100 security products (antivirus, antispyware, firewalls, etc.) - Using both kernel- and user-mode logic - Employing complex internal functionality using Windows APC calls and and threads start manipulation, and code injections to key processes. Loading as part of Winlogon.exe and then injecting itself into explorer.exe and services. - Concealing its presence as ~ named temp files, just as Stuxnet and Duqu - Attacking new systems via USB flash memory and local networks (spreading slowly) - Creating screen captures - Recording voice conversations - Running on Windows XP, Windows Vista, and Windows 7 systems - Containing known exploits, such as the print spooler and lnk exploits found in Stuxnet - Using the SQLite database to store collected information - Using a custom database for attack modules (this is very unusual, but shows the modularity and extendability of the malware) - Often located on nearby systems: a local network for both C&C and target-infection cases - Uses multiple encryption methods (for example, XOR and RC4) Importance:High. This threat has gained media attention. Analysis is ongoing as of May 30. McAfee Product Coverage * DAT files:Coverage is provided in the 6726 DATs (released on May 29) as "Skywiper." The Stinger release of May 30 also provides detection of associated malware and repair. VSE BOP:Out of scope Host IPS:Out of scope McAfee Network Security Platform: A Network Security Emergency User Defined Signature (HTTP: W32/Skywiper Activity Detected) has been created to detect this threat. The UDS is available for download via McAfee Knowledge Base article KB55447: [Aby zobaczyć linki, zarejestruj się tutaj] .McAfee Vulnerability Manager:Out of scope McAfee Web Gateway:Coverage is provided in the 6726 DATs (released on May 29) as "Skywiper." McAfee Remediation Manager:Out of scope McAfee Policy Auditor:Out of scope MNAC:Out of scope McAfee Firewall Enterprise:Under analysis McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control and Memory Protection. Additional Information McAfee Labs: Attack - Flame [Aby zobaczyć linki, zarejestruj się tutaj] McAfee Labs: Jumping Into the Flames of Skywiper [Aby zobaczyć linki, zarejestruj się tutaj] McAfee Labs: Skywiper ? Fanning the Flames of Cyberwarfare [Aby zobaczyć linki, zarejestruj się tutaj] CrySyS: sKyWIper -A complex malware for targeted attacks [Aby zobaczyć linki, zarejestruj się tutaj] IR CERT: Identification of a New Targeted Cyber-Attack [Aby zobaczyć linki, zarejestruj się tutaj] ================================================== ============================= [MTIS12-076-G] (MS12-030) Microsoft Office Excel Record Parsing Type Mismatch Remote Code Execution (2663830) ================================================== ============================= Threat Identifier(s):CVE-2012-1847; MS12-030 Threat Type:Vulnerability Risk Assessment:High Main Threat Vectors:LAN; Web; WAN; E-Mail; Peer-to-Peer Networks User Interaction Required:Yes Description:A vulnerability in some versions of Microsoft Excel could lead to remote code execution. The flaw lies in the mismatch of records parsing of an Excel file. Successful exploitation could allow an attacker to execute remote code. The exploit file requires the user to open a malicious Excel file. Importance:Medium. On May 8, Microsoft released an update to address this vulnerability. McAfee Product Coverage * DAT files:Out of scope VSE BOP:Generic buffer overflow protection is expected to cover code execution exploits. Host IPS:Generic buffer overflow protection is expected to cover code execution exploits. McAfee Network Security Platform: The sigset release of May 8 includes the signature "HTTP: Microsoft Office Excel Record Parsing Type Mismatch Remote Code Execution Vulnerability," which provides coverage. McAfee Vulnerability Manager:The FSL/MVM package of May 8 includes a vulnerability check to assess if your systems are at risk. McAfee Web Gateway:Out of scope McAfee Remediation Manager:The V-Flash package of May 10 includes a vulnerability check to assess if your systems are at risk. McAfee Policy Auditor:Under analysis MNAC:Under analysis McAfee Firewall Enterprise:Under analysis McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control and Memory Protection. Additional Information [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] ================================================== ============================= [MTIS12-078-A] PHP-CGI Nullcon CTF Remote Code Execution ================================================== ============================= Threat Identifier(s):CVE-2012-1823 Threat Type:Vulnerability Risk Assessment:High Main Threat Vectors:Web User Interaction Required:Yes Description:A vulnerability in some versions of PHP could lead to remote code execution. The flaw lies in CGI-based setups. Successful exploitation by a remote attacker could result in the execution of arbitrary code. Importance:Low. On May 2, details of this vulnerability were publicly disclosed. Proof-of-concept exploit code is available. McAfee Product Coverage * DAT files:Under analysis VSE BOP:Out of scope Host IPS:Out of scope McAfee Network Security Platform: The sigset release of May 8 includes the signature "HTTP: Detect PHP-CGI Remote Code Execution Vulnerability I," which provides coverage. McAfee Vulnerability Manager:The FSL/MVM package of May 4 includes a vulnerability check to assess if your systems are at risk. McAfee Web Gateway:Under analysis McAfee Remediation Manager:Out of scope McAfee Policy Auditor:Under analysis MNAC:Under analysis McAfee Firewall Enterprise:Under analysis McAfee Application Control:Run-Time Control locks down systems and provides protection in the form of Execution Control and Memory Protection. Additional Information PHP Security: NEW PHP-CGI EXPLOIT: CVE-2012-1823, POC EXPLOIT. [Aby zobaczyć linki, zarejestruj się tutaj] -------------------------------------------------- ------------------------- Detailed descriptions of the Security Advisories can be found in the Users Guide: [Aby zobaczyć linki, zarejestruj się tutaj] For more information on McAfee Labs Security Advisories, see: [Aby zobaczyć linki, zarejestruj się tutaj] For McAfee Technical Support: [Aby zobaczyć linki, zarejestruj się tutaj] For Multi-National Phone Support :[Aby zobaczyć linki, zarejestruj się tutaj] McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments *The information provided is only for the use and convenience of McAfee''s customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE. The information contained herein is the property of McAfee, Inc. and may not be reproduced or disseminated without the expressed written consent of McAfee, Inc. McAfee and/or additional marks herein are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the United States and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. Dodano: 31 maja 2012, 18:09 I zakonczyłem swoje testy Norton Internet Security wykrył jednego Trojan.Gen.2, PrevX nie widział żadnego zagrożenia, Hitman Pro podobnie jak Norton-1 zagrożenie(to samo). Biorąc pod uwagę, że pobrałem i uruchomiłem ponad 2500 wirusów(Sandbox), to chyba niezły wynik? McAfee działał na moim komputerze 2 tygodnie, miał stały dostęp do aktualizacji. Program polecam. Jest multifunkcjonalny i można go mieć za free. Nie ma praktycznie heurystyki, jest tylko chmura Artemis. Jednak wykrycia na paczkach są na godnym poziomie. Nie sypie FP, aktualizuje się w czasie rzeczywistym (chmura). Czas dodania wirusa do bazy Artemisa od 2 godzin do 72! Nie jest ciężki, ale lekki tez nie. Norton przy nim to piórko, ale NiS jednak nie ma tylu funkcji. Bardzo dobra ochrona sieci, skanuje USb, nie przeszkadza. Tworzy magazyny zaszyfrowane hasłem- pełna prywatnośc, nie da sie dostac do tych plikow nieuprawnionym. Polecam! Dodano: 31 maja 2012, 19:42 Chciałbym jeszcze dodac ,że na drugim dysku (mam połączone dwa ze sobą z osobnymi Windowsami) mojego brata McAfee jest wgrany od początku. Program zachowuje się skrajnie lekko, choć parametry komputera identyczne. Wniosek , nie można go wgrywac po innym pakiecie , nawet po dokładnym czyszczeniu rejestru :-( ( żeby osiągnąc najlepszy efekt wydajności oczywiście)
03.06.2012, 18:39
Executive Summary
Since the last McAfee® Labs Security Advisory (May 31), the following noteworthy event has taken place: McAfee product coverage has been updated for vulnerabilities in Adobe, Cisco, and SAP products. Executive Summary Since the last McAfee® Labs Security Advisory (June 1), the following noteworthy event has taken place: McAfee product coverage has been updated for vulnerabilities in Microsoft, RealNetworks, Symantec, and SAP products. 
03.06.2012, 21:42
Ludziska, jak sciagnac triala Site Advisor Live? Jak dodaje ten produkt do mojego konta, to nie widze opcji pobrania, tylko dane do kupna/przelewu... Alex?...
ps dzieki za puncik ;D
03.06.2012, 21:55
nie pomogę, w tej chwili Piszę z telefonu
Ale pobierz sobie bete zainstaluj kilka składników albo tylko live jak się będzie dało i luuz. Programik na zawsze. Jest bd dobry.
04.06.2012, 18:47
Parę screenów z wersji beta.
[Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj] [Aby zobaczyć linki, zarejestruj się tutaj]
avast! Free Antivirus
Asus X52JE | Intel Core i3 M370 | 3GB RAM DDR3 | ATI Radeon HD 5470
05.06.2012, 12:50
A spoofing vulnerability in Microsoft Internet Explorer has been disclosed.
McAfee product coverage has been updated for vulnerabilities in Cisco, Digium Asterisk, IrfanView, Microsoft, SAP, Symantec, and Wireshark products. 
05.06.2012, 13:32
Cytat: McAfee 2012 - niedoceniony gigant? Gigant dlatego, że jest często preinstalowany na laptopach i telefonach. Na mojej Toshibie miałem trial 30 dniowy. Przetestowałem i działał dość wolno (mam procesor 4 rdzeniowy Intel Core i7). Program ma słabą wykrywalność (Virus Bulletin, AV-Comparatives, AV-TEST.org) i słabo radzi sobie z zainfekowanymi komputerami.
05.06.2012, 13:34
A ja przeszedłem z MSE i szczerze mówiąc nie widzę różnicy... A ochrona jest dosyć przyzwoita (spr. ostatnią paczkę) także nie wiem w czym problem. Tak samo ochrona web, McAfee Site Advisor działa b. dobrze, nie mam mu nic do zarzucenia.
avast! Free Antivirus
Asus X52JE | Intel Core i3 M370 | 3GB RAM DDR3 | ATI Radeon HD 5470 |
|
« Starszy wątek | Nowszy wątek »
|
Użytkownicy przeglądający ten wątek: 1 gości