Антивирусная компания McAfee продала исследовательское подразделение McAfee Research компании Sparta из США, специализирующейся в технических разработках в военной сфере.
Среди клиентов McAfee Research — силовые ведомства США, в том числе Агентство усовершенствованных оборонных исследовательских проектов (DARPA), Агентство национальной безопасности (NSA), армейские исследовательские лаборатории, а также такие крупные компании, как Telcordia, Hewlett-Packard, Juniper и Boeing. «В ответ на запросы национальных силовых ведомств, большая часть исследований McAfee Research перешла от традиционных несекретных объектов к ресурсам с различными грифами ограничения доступа», — говорится в заявлении McAfee.
Финансовая сторона сделки не разглашается. По замыслу руководства, продажа подразделения поможет выправить финансовые показатели. В компании остался еще один исследовательский центр — McAfee Avert (команда экстренного реагирования на вирусы и уязвимости), сообщил Computer Weekly.
Beta II - End of February
Release Candidate - Beginning of April
Final Release - Mid-April
Patch Release: 14 January 2005
This release was developed and tested with:
- VirusScan Enterprise:8.0i
- DAT Version: 4416, December 22 2004
- Engine Version: 4.3.20
RESOLVED ISSUES
1. ISSUE:
A memory leak occurred in non-page pool memory
when accessing files via the network redirector.
The TDI driver did not release memory that had
been allocated for identifying Source IP
information.
RESOLUTION:
Memory is properly released by the TDI driver.
2. ISSUE:
If the TDI driver received an I/O Request Packet
(IRP) that did not have enough stack locations
to be passed down the stack, a new IRP was
created and the original IRP was left
uncompleted. This resulted in a small memory
leak.
RESOLUTION:
The original IRP is now completed.
3. ISSUE:
A driver conflict between the McAfee TDI driver
and a driver from Aventail VPN Client software
could result in NetBIOS network connectivity
being lost.
RESOLUTION:
NetBIOS network connectivity functions as
expected when these applications are installed.
4. ISSUE:
When a system was under considerable file I/O
stress, and the path information of a file was
not examined correctly by the exclusion library,
an excluded file or a file inside an excluded
folder could be scanned.
RESOLUTION:
The exclusion library has been updated to ensure
that file path information is examined correctly
under any stress condition.
5. ISSUE:
Malformed JPEG files taking advantage of the
MS04-028 exploit could be rendered by a browser
-– without first having to cache files locally
-- to induce an attack on the system. Details of
the security bulletin can be found at:
http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx
RESOLUTION:
The processes monitored by the Buffer Overflow
Protection feature are protected against
malicious code attempting to execute after
exploiting the MS04-028 vulnerability.
IMPORTANT:
When a buffer overflow has occurred, the
affected process may become unstable and may
need to be restarted.
This patch release is not a substitute for any
security patch(es) provided by Microsoft to
resolve the MS04-028 vulnerability.
6. ISSUE:
Toolbar icons in some applications, including
IBM WebSphere Studio, display as black boxes.
RESOLUTION:
Toolbar icons now display as expected.
7. ISSUE:
Web Inspector from Zixcorp would encounter an
error upon initializing, usually seen at logon.
RESOLUTION:
Web Inspector loads without issue.
8. ISSUE:
Windows Media Player 10 could stop responding
after you select the option to listen to a
"Radio" stream, then select the "Music" tab.
RESOLUTION:
Windows Media Player 10 operates correctly
without interruption when you change from the
"Radio" tab to "Music" tab, and vice versa.
NOTE:
Once the Patch is applied, a reboot may be
required to resolve this issue.
9. ISSUE:
List boxes and Message boxes in .NET
applications do not display any content.
RESOLUTION:
List boxes and Message boxes now display content
as expected.
10. ISSUE:
In some Notes configurations where user mail
databases were located in varying locations, the
Lotus Notes Scanner would not find a mailbox to
scan.
RESOLUTION:
User mailboxes are correctly located, and the
Lotus Notes scanner protects the database.
11. ISSUE:
The user interface option that allows you to
password protect the "On-Access Scanner:
Detection" page mistakenly protects both the
On-Access Scan "Detection" and On-Access Scan
"Set Exclusions" property pages. A user could
not add exclusions.
RESOLUTION:
Choosing to protect the "On-Access Scanner:
Detection" page from the "User Interface
Options" now protects only the On-Access Scan
"Detection" page.
12. ISSUE:
A "Cannot find the file specified" error message
could occur when starting Lotus Notes via a
shortcut, or when starting Lotus Notes from a
shell.
The same error message could occur when
third-party applications that inject an add-in
into Lotus Notes attempt to invoke the McAfee
Lotus Notes scanner extensions and fail to find
NCDAEMON.EXE.
RESOLUTION:
NCDAEMON.EXE now loads successfully.
13. ISSUE:
A delay in responsiveness of the script engine
would occur when executing scripts
sequentially.
RESOLUTION:
Scripts terminate correctly, allowing the script
engine to respond to subsequent script
commands.
14. ISSUE:
An "Access denied" error appeared in an
application that used the "delete-on-close" flag
when working with temporary files. The file
system filter driver would lose track of the
"delete-on-close" flag.
RESOLUTION:
The updated file system filter driver resolves
this issue, allowing temporary files to be
utilized as expected.
как McAfee заставить не сканировать большие файлы?
McAfee(R) Anti-Spyware Enterprise Module
Version 8.0 – BETA 2
==========================================================
- DAT Version: 6.00.1123.1
- Engine Version: 1.05.1108.2
==========================================================
WHAT IS THE ANTI-SPYWARE ENTERPRISE MODULE?
The Anti-Spyware Enterprise Module adds on to the
VirusScan Enterprise product to extend its ability
to detect and take action on potentially unwanted
spyware and cookies.
Once installed and configured, the module uses the
VirusScan Enterprise on-access and on-demand
scanners to detect and take action on spyware and
cookies.
- The on-access scanner provides the primary
protection against spyware. It uses the spyware
definitions that are included in the virus
definitions (DAT) file to detect spyware, then
takes action based on the options you have
specified on the Actions tab.
The on-access scanner does not detect cookies.
- In addition to file scanning, the on-demand
scanner uses a registry scan to detect
spyware-related registry entries that were not
previously cleaned and a cookies scan to detect
cookies. It uses the spyware and cookies
definitions that are included in the virus
definitions (DAT) file to detect these, then
takes the options that you have specified on the
Actions tabs.
See the McAfee Anti-Spyware Enterprise Module 8.0
Guide for more information about how the product
works.
Scanning can be configured and performed directly
from VirusScan Enterprise or from ePolicy
Orchestrator.
WHAT'S IN THIS FILE
- What is the Anti-Spyware Enterprise Module?
- Installation & System Requirements
- Known Issues
- General
- Protection Pilot
- ePolicy Orchestrator
- Documentation
- Anti-Spyware Enterprise Module 8.0
Documentation
- VirusScan Enterprise 8.0i Documentation
- Participating in the McAfee Beta Program
- Contact Information
- Copyright & Trademark Attributions
- License & Patent Information
Я так понял судя по записи в эбауте сабжа, после установки 10го патча, что это кумулятив и предыдущие патчи не нужны!
Я прав?
"5.Where will I see that I have the Beta installed ? The following items can be noted after installation:
You will see in the About Box - + Anti-Spyware Module 8.0.0 (Beta)
You will see 2 new items in the ODS scan targets: Registry and Cookies.
Unwanted Programs Policy will have all checkbox’s enabled
You will see in your log files Alerts of Anti-Spyware scan detections"
Configuring the module
Describes how to configure the module from VirusScan Enterprise or using ePolicy Orchestrator. For more information about using these
products, see What product documentation is available? on page 9.
From VirusScan Enterprise
Both the on-access scanner and on-demand scan tasks require
configuration before the module can detect spyware or cookies.
On-access scanner
The on-access scanner must be configured to detect unwanted
programs before it can detect spyware.
1 From the VirusScan Console, open the On-Access Scan Properties
dialog box.
2 Select All Processes in the left pane, then on the Unwanted
Programs tab, select Detect unwanted programs.
3 Review the Unwanted Programs actions to ensure they meet your
needs. If the action is set to Clean files automatically or Delete files
automatically, the file is deleted.
4 Click OK to save your settings and close the dialog box.
On-demand scan tasks
The on-demand scan tasks must be configured to detect unwanted
programs before they can detect spyware or cookies, then the
registry and cookies scan tasks can be created and configured.
Enabling unwanted programs detection
1 From the VirusScan Console, open the On-Demand Scan Properties
dialog box.
2 On the Unwanted Programs tab, select Detect unwanted programs.
3 Review the Unwanted Programs actions to ensure they meet your
needs.
�� For the registry scan, if the action is set to Clean files or Delete
files, the registry key or value is deleted. All other actions are
treated as Continue scanning.
�� For the cookies scan, the Delete files and Move files to a folder
actions will delete or move the entire cookie file. Clean files is
treated the same as Delete files.
4 Click Apply to save your settings.
Creating and configuring the registry scan task
1 From the VirusScan Console, open the On-Demand Scan Properties
dialog box.
2 On the Where tab, click Add.
3 Select Registry (using the Anti-Spyware Module) from the dropdown
list.
4 Click OK.to return to the On-Demand Scan Properties dialog box.
You see Registry (using the Anti-Spyware) in the Item Name list.
5 Configure the remaining options in the On-Demand Scan Properties
dialog box as you would for any on-demand scan task with these
exceptions:
�� The Heuristics options on the Advanced tab do not apply.
�� The options on the Actions tab do not apply.
6 Click Schedule if you want to schedule the task, then when
finished, click Apply to save your settings.
Соответственно отключив это, он не будет ловить "шпионов"
Настроить как-нибудь модуль этот для мониторинга
файлы обновлений вирусной базы extra.dat
удаляет "любимые" backdoor и трояны
было бы логично отправить его в карантин,
а пользователю или админстратору удалять и чистить карантин
Компания Network Associates начинает поставки LinuxShield, нового антивирусного решения для Linux-серверов. Продукт базируется на ядре McAfee Antivirus и включает в себя следующие возможности: автоматическое обновление сигнатур, поиск вредоносного кода в архивах, эвристический анализатор. LinuxShield поддерживает Red Hat и SUSE Linux
Supported distributions
Red Hat 9.0
Red Hat Enterprise 2.1 Advanced Server, Workstation, Enterprise Server
Red Hat Enterprise 3.0 Advanced Server, Workstation, Enterprise Server
SuSE 8.2
SuSE 9.0
SuSE Enterprise 8 Server United Linux 1.0
Страницы: 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
Предыдущая тема: Какой программой посмотреть директории на сайте