Update Protection against Recent Malware Threats (27-Aug-09)
| Check Point Reference: | CPAI-2009-171 | |
| Date Published: | ||
| Severity: | ||
| Source: | Virus: W32.Sality.AM Trojan: Worm.Win32.Koobface.hy Trojan: TrojanSpy.Win32.Zbot.gen.C Trojan: Trojan.Win32.FraudPack.ogk Trojan: Trojan.Spy.Zbot.SO Trojan: Trojan.Spy.ZBot.RD Trojan: Trojan.LooksLike.Zaplot Trojan: Trojan-Spy.Win32.Zbot.wti Trickler: Trojan.Dropper.Win32.Agent.alda Trickler: Trojan-Dropper.Agent.IK Trickler: Trojan-Downloader.Win32.Banload.bda Snoopware: Wowpa KI Snoopware: PWS.Win32.Ldpinch.gen Rogue-Software: XP Antivirus Protection Rogue-Software: AntivirusDoktor2009 |
|
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Microsoft Windows clients | ||
| Vulnerability Description The update includes new protections against 15 recent malware threats: Virus: W32.Sality.AM Trojan: Worm.Win32.Koobface.hy Trojan: TrojanSpy.Win32.Zbot.gen.C Trojan: Trojan.Win32.FraudPack.ogk Trojan: Trojan.Spy.Zbot.SO Trojan: Trojan.Spy.ZBot.RD Trojan: Trojan.LooksLike.Zaplot Trojan: Trojan-Spy.Win32.Zbot.wti Trickler: Trojan.Dropper.Win32.Agent.alda Trickler: Trojan-Dropper.Agent.IK Trickler: Trojan-Downloader.Win32.Banload.bda Snoopware: Wowpa KI Snoopware: PWS.Win32.Ldpinch.gen Rogue-Software: XP Antivirus Protection Rogue-Software: AntivirusDoktor2009 |
||
|
Vulnerability Details Malware is a software designed to infiltrate or damage a computer system without the owner's informed consent. It is a general name for a variety of forms of hostile, intrusive, or annoying programs like Viruses, worms, Adware, Trojans, and spyware that exploit unprotected clients, using network access to intrude upon organizations, destroying or stealing data. Rogue Software is a software that uses Malware or malicious tools to advertise or install itself or to force computer users to pay for removal of nonexistent malware. Rogue software will often install a trojan horse to download a trial version, or it will execute other unwanted actions. Tricklers are software designed to download and install malicious applications by running silently in the background to be less noticeable. Tricklers are typically used to install a spyware programs onto the victim's machine. A Trojan horse is a program that installs malicious software while under the guise of doing something else. Trojans are known for installing backdoor programs which allow unauthorized non permissible remote access to the victim's machine by unwanted parties with malicious intentions. A virus is a program that spreads itself through infecting and modifying executable files and copying itself to removable drives or share folders. Rogue Software is a software that uses Malware or malicious tools to advertise or install itself or to force computer users to pay for removal of nonexistent malware. Rogue software will often install a trojan horse to download a trial version, or it will execute other unwanted actions. |
Protection Overview
The update enables the Header Rejection protection to detect and block the malware based on pre-defined header names.
In order for the protection to be activated, update your Security Gateway/VPN-1/InterSpect product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.