==============================================================

 

マカフィー サポート通信 - リスク管理ソリューション 2011.10.11

==============================================================

 

本メールはMcAfee Vulnerability Manager製品のサポートをご購入のお客様

に配信しております。

 

○-======  今週のマカフィー Vulnerability Manager (目次)  =======-○

1) FSL UPDATE

2) OSパッチアップデート

3) McAfee Vulnerability Manager Software v6.8のサポート終了について

4) サポートコミュニティサイトでのテクニカルドキュメント公開

5) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について

6) 「サポート通信」配信について

 

※) マカフィーからのサービス

○-===================================================-○

 

-------------------------------------------------------

1) FSL UPDATE

-------------------------------------------------------

マカフィーは以下のVulnerability Manager製品のアップデートを提供しています。

最新更新日: 2011-OCT-10

 

(SUMMARY)

 

新しいチェック項目     :     111

改善されたチェック項目 :     192

削除されたチェック項目 :       3

 

 追加・改善されたシグネチャ項目等の詳細は以下の製品ダウンロード

 ページから「McAfee Foundstone Update」の最新版を入手してください。

 

 http://www.mcafee.com/japan/licensed2/

 

新しいチェック項目:

 

  * FID #41759 Red Hat Enterprise Linux RHSA-2011-1341 Update Is Not Installed

    Risk: High

  * FID #41760 Red Hat Enterprise Linux RHSA-2011-1349 Update Is Not Installed

    Risk: High

  * FID #41762 Red Hat Enterprise Linux RHSA-2011-1344 Update Is Not Installed

    Risk: High

  * FID #41764 Red Hat Enterprise Linux RHSA-2011-1342 Update Is Not Installed

    Risk: High

  * FID #41765 Red Hat Enterprise Linux RHSA-2011-1350 Update Is Not Installed

    Risk: High

  * FID #41767 Red Hat Enterprise Linux RHSA-2011-1343 Update Is Not Installed

    Risk: High

  * FID #85191 CentOS 5 CESA-2011-1349 Update Is Not Installed

    Risk: High

  * FID #85192 CentOS 4, 5 CESA-2011-1341 Update Is Not Installed

    Risk: High

  * FID #85193 CentOS 4, 5 CESA-2011-1343 Update Is Not Installed

    Risk: High

  * FID #85194 CentOS 4 CESA-2011-1344 Update Is Not Installed

    Risk: High

  * FID #90847 Oracle Enterprise Linux ELSA-2011-1342 Update Is Not Installed

    Risk: High

  * FID #90850 Oracle Enterprise Linux ELSA-2011-1343 Update Is Not Installed

    Risk: High

  * FID #90851 Oracle Enterprise Linux ELSA-2011-1344 Update Is Not Installed

    Risk: High

  * FID #90852 Oracle Enterprise Linux ELSA-2011-1341 Update Is Not Installed

    Risk: High

  * FID #90853 Oracle Enterprise Linux ELSA-2011-1349 Update Is Not Installed

    Risk: High

  * FID #32879 Sun Solaris 146672-02 Update Is Not Installed

    Risk: Medium

  * FID #41761 Red Hat Enterprise Linux RHSA-2011-1356 Update Is Not Installed

    Risk: Medium

  * FID #41763 Red Hat Enterprise Linux RHSA-2011-1359 Update Is Not Installed

    Risk: Medium

  * FID #41766 Red Hat Enterprise Linux RHSA-2011-1360 Update Is Not Installed

    Risk: Medium

  * FID #81979 Fedora Linux 14 FEDORA-2011-12481 Update Is Not Installed

    Risk: Medium

  * FID #85190 CentOS 5 CESA-2011-1359 Update Is Not Installed

    Risk: Medium

  * FID #90848 Oracle Enterprise Linux ELSA-2011-1360 Update Is Not Installed

    Risk: Medium

  * FID #90849 Oracle Enterprise Linux ELSA-2011-1356 Update Is Not Installed

    Risk: Medium

  * FID #90854 Oracle Enterprise Linux ELSA-2011-1359 Update Is Not Installed

    Risk: Medium

  * FID #92804 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-139 Update Is Not Installed

    Risk: Medium

  * FID #92805 Mandriva Linux 2011.0 MDVSA-2011-141 Update Is Not Installed

    Risk: Medium

  * FID #92809 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-140 Update Is Not Installed

    Risk: Medium

  * FID #32877 Sun Solaris 147632-01 Update Is Not Installed

    Risk: Low

  * FID #32878 Sun Solaris 111958-04 Update Is Not Installed

    Risk: Low

  * FID #32880 Sun Solaris 147631-01 Update Is Not Installed

    Risk: Low

  * FID #32881 Sun Solaris 111959-04 Update Is Not Installed

    Risk: Low

  * FID #50344 Ubuntu Linux 11.04 USN-1222-2 Update Is Not Installed

    Risk: Low

  * FID #50345 Ubuntu Linux 10.04, 10.10, 11.04 USN-1217-1 Update Is Not Installed

    Risk: Low

  * FID #50346 Ubuntu Linux 10.04 USN-1218-1 Update Is Not Installed

    Risk: Low

  * FID #50347 Ubuntu Linux 10.04, 10.10 USN-1210-1 Update Is Not Installed

    Risk: Low

  * FID #50348 Ubuntu Linux 8.04 LTS USN-1225-1 Update Is Not Installed

    Risk: Low

  * FID #50349 Ubuntu Linux 10.10, 11.04 USN-1226-2 Update Is Not Installed

    Risk: Low

  * FID #50350 Ubuntu Linux 11.04 USN-1222-1 Update Is Not Installed

    Risk: Low

  * FID #50351 Ubuntu Linux 10.04, 10.10, 11.04 USN-1223-1 Update Is Not Installed

    Risk: Low

  * FID #50352 Ubuntu Linux 10.04, 10.10, 11.04 USN-1213-1 Update Is Not Installed

    Risk: Low

  * FID #50353 Ubuntu Linux 11.04 USN-1224-1 Update Is Not Installed

    Risk: Low

  * FID #50354 Ubuntu Linux 10.04, 8.04 LTS USN-1226-1 Update Is Not Installed

    Risk: Low

  * FID #50355 Ubuntu Linux 10.04 USN-1219-1 Update Is Not Installed

    Risk: Low

  * FID #50356 Ubuntu Linux 10.04 USN-1223-2 Update Is Not Installed

    Risk: Low

  * FID #50357 Ubuntu Linux 10.10 USN-1220-1 Update Is Not Installed

    Risk: Low

  * FID #50358 Ubuntu Linux 10.04, 10.10, 11.04 USN-1221-1 Update Is Not Installed

    Risk: Low

  * FID #55121 Top Weekly Malware Env - Trojan-scandsk (scandsk.exe)

    Risk: Low

  * FID #55122 Top Weekly Malware Env - Trojan-opencp (opencp07.exe)

    Risk: Low

  * FID #58212 Debian Linux 5.0, 6.0 DSA-2315-1 Update Is Not Installed

    Risk: Low

  * FID #58213 Debian Linux 5.0, 6.0 DSA-2316-1 Update Is Not Installed

    Risk: Low

  * FID #58214 Debian Linux 6.0 DSA-2313-1 Update Is Not Installed

    Risk: Low

  * FID #58215 Debian Linux 5.0 DSA-2314-1 Update Is Not Installed

    Risk: Low

  * FID #58216 Debian Linux 6.0 DSA-2312-1 Update Is Not Installed

    Risk: Low

  * FID #58217 Debian Linux 6.0 DSA-2317-1 Update Is Not Installed

    Risk: Low

  * FID #58218 Debian Linux 5.0, 6.0 DSA-2318-1 Update Is Not Installed

    Risk: Low

  * FID #81961 Fedora Linux 15 FEDORA-2011-13442 Update Is Not Installed

    Risk: Low

  * FID #81962 Fedora Linux 16 FEDORA-2011-11871 Update Is Not Installed

    Risk: Low

  * FID #81963 Fedora Linux 16 FEDORA-2011-13424 Update Is Not Installed

    Risk: Low

  * FID #81964 Fedora Linux 16 FEDORA-2011-13417 Update Is Not Installed

    Risk: Low

  * FID #81965 Fedora Linux 16 FEDORA-2011-12322 Update Is Not Installed

    Risk: Low

  * FID #81966 Fedora Linux 16 FEDORA-2011-12211 Update Is Not Installed

    Risk: Low

  * FID #81967 Fedora Linux 16 FEDORA-2011-13130 Update Is Not Installed

    Risk: Low

  * FID #81968 Fedora Linux 16 FEDORA-2011-11717 Update Is Not Installed

    Risk: Low

  * FID #81969 Fedora Linux 15 FEDORA-2011-13180 Update Is Not Installed

    Risk: Low

  * FID #81970 Fedora Linux 16 FEDORA-2011-12815 Update Is Not Installed

    Risk: Low

  * FID #81971 Fedora Linux 16 FEDORA-2011-13425 Update Is Not Installed

    Risk: Low

  * FID #81972 Fedora Linux 16 FEDORA-2011-13422 Update Is Not Installed

    Risk: Low

  * FID #81973 Fedora Linux 16 FEDORA-2011-12667 Update Is Not Installed

    Risk: Low

  * FID #81974 Fedora Linux 16 FEDORA-2011-12085 Update Is Not Installed

    Risk: Low

  * FID #81975 Fedora Linux 16 FEDORA-2011-12945 Update Is Not Installed

    Risk: Low

  * FID #81976 Fedora Linux 15 FEDORA-2011-13388 Update Is Not Installed

    Risk: Low

  * FID #81977 Fedora Linux 16 FEDORA-2011-12503 Update Is Not Installed

    Risk: Low

  * FID #81978 Fedora Linux 16 FEDORA-2011-12569 Update Is Not Installed

    Risk: Low

  * FID #81980 Fedora Linux 16 FEDORA-2011-12657 Update Is Not Installed

    Risk: Low

  * FID #81981 Fedora Linux 16 FEDORA-2011-13166 Update Is Not Installed

    Risk: Low

  * FID #81982 Fedora Linux 14 FEDORA-2011-13236 Update Is Not Installed

    Risk: Low

  * FID #81983 Fedora Linux 16 FEDORA-2011-12399 Update Is Not Installed

    Risk: Low

  * FID #81984 Fedora Linux 14 FEDORA-2011-13235 Update Is Not Installed

    Risk: Low

  * FID #81985 Fedora Linux 15 FEDORA-2011-13230 Update Is Not Installed

    Risk: Low

  * FID #81986 Fedora Linux 16 FEDORA-2011-12905 Update Is Not Installed

    Risk: Low

  * FID #81987 Fedora Linux 16 FEDORA-2011-12336 Update Is Not Installed

    Risk: Low

  * FID #81988 Fedora Linux 16 FEDORA-2011-12457 Update Is Not Installed

    Risk: Low

  * FID #81989 Fedora Linux 15 FEDORA-2011-13809 Update Is Not Installed

    Risk: Low

  * FID #81990 Fedora Linux 14 FEDORA-2011-13467 Update Is Not Installed

    Risk: Low

  * FID #81991 Fedora Linux 15 FEDORA-2011-13465 Update Is Not Installed

    Risk: Low

  * FID #83623 FreeBSD pyblosxom Atom Flavor Multiple XML Injection Vulnerabilities (b07f3254-f83a-11dd-85a4-ea653f0746ab)

    Risk: Low

  * FID #83624 FreeBSD mozilla Multiple Vulnerabilities (1fade8a3-e9e8-11e0-9580-4061862b8c22)

    Risk: Low

  * FID #83625 FreeBSD quagga Multiple Vulnerabilities (ab9be2c8-ef91-11e0-ad5a-00215c6a37bb)

    Risk: Low

  * FID #92802 Mandriva Linux 2011.0 MDVSA-2011-142 Update Is Not Installed

    Risk: Low

  * FID #92803 Mandriva Linux 2010.1, 2011.0 MDVSA-2011-137 Update Is Not Installed

    Risk: Low

  * FID #92806 Mandriva Linux 2009.0 MDVSA-2011-136 Update Is Not Installed

    Risk: Low

  * FID #92807 Mandriva Linux 2009.0, 2010.1 MDVSA-2011-143 Update Is Not Installed

    Risk: Low

  * FID #92808 Mandriva Linux 2011.0 MDVSA-2011-138 Update Is Not Installed

    Risk: Low

  * FID #94822 SuSE SLES 10 SP3 quagga-7767 Update Is Not Installed

    Risk: Low

  * FID #94823 SuSE SLES 10 SP4, SLED 10 SP4 MozillaFirefox-7784 Update Is Not Installed

    Risk: Low

  * FID #94824 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 MozillaFirefox-5224 Update Is Not Installed

    Risk: Low

  * FID #94825 SuSE SLES 10 SP3 MozillaFirefox-7783 Update Is Not Installed

    Risk: Low

  * FID #94826 SuSE SLES 10 SP3 yast2-core-7725 Update Is Not Installed

    Risk: Low

  * FID #94827 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 librsvg-5166 Update Is Not Installed

    Risk: Low

  * FID #12688 HP Client Automation radexecd.exe Remote Code Execution

    Risk: High

  * FID #12700 ACDSee FotoSlate PLP File Processing Buffer Overflow Remote Code Execution

    Risk: High

  * FID #12702 IBM WebSphere MQ Subject DN X.509 Certificate Spoofing

    Risk: High

  * FID #12708 Sunway ForceControl YRWXls.ocx ActiveX Control Buffer Overflow Vulnerability

    Risk: High

  * FID #12709 Sunway ForceControl SCADA SNMP NetDBServer Integer Signedness Buffer Overflow Remote Code Execution

    Risk: High

  * FID #12710 Mozilla Firefox Multiple Vulnerabilities Prior To 7.0

    Risk: High

  * FID #12711 Mozilla Firefox Multiple Vulnerabilities Prior To 3.6.23

    Risk: High

  * FID #12692 WordPress TheCartPress Plugin tcp_class_path Parameter Remote File Include Vulnerability

    Risk: Medium

  * FID #12695 WordPress Mailing List Plugin wpabspath Remote File Include Vulnerability

    Risk: Medium

  * FID #12698 WordPress Adsense Extreme Plugin adsensextreme Remote File Include Vulnerability

    Risk: Medium

  * FID #12699 WordPress Zingiri Web Shop Plugin wpabspath File Inclusion Vulnerabilities

    Risk: Medium

  * FID #12706 Apache Tomcat HTTP DIGEST Authentication Multiple Security Weaknesses

    Risk: Medium

 

改善されたチェック項目:

 

  * FID #2090 (MS03-036) Microsoft Office WordPerfect Converter Buffer Overflow

    Recommendation is updated

  * FID #2122 (MS04-004) Cumulative Patch for Internet Explorer

    Recommendation is updated

  * FID #2189 (MS04-012) Microsoft Windows RPC DCOM Cumulative Update

    Recommendation is updated

  * FID #2268 (MS04-013) Outlook Express IE Key

    Recommendation is updated

  * FID #2272 (MS04-012) Microsoft Windows RPC DCOM REMOTE Cumulative Update

    Recommendation is updated

  * FID #2575 (MS04-025) Microsoft Internet Explorer Multiple Buffer Overruns

    Recommendation is updated

  * FID #2670 (MS04-028) Microsoft Windows Buffer Overrun in JPEG Processing (GDI+)

    Recommendation is updated

  * FID #2671 (MS04-028) Microsoft Office Buffer Overrun in JPEG Processing (GDI+)

    Recommendation is updated

  * FID #2672 (MS04-028) Microsoft Internet Explorer Buffer Overrun in JPEG Processing (GDI+)

    Recommendation is updated

  * FID #2674 (MS04-028) Microsoft Visual Studio.NET Overrun in JPEG Processing (GDI+)

    Recommendation is updated

  * FID #2806 (MS04-038) Microsoft Internet Explorer Cumulative Update

    Recommendation is updated

  * FID #2979 (MS04-040) Microsoft Internet Explorer Cumulative Security Update

    Recommendation is updated

  * FID #3128 (MS05-012) Microsoft Windows OLE Input Validation

    Recommendation is updated

  * FID #3135 (MS05-009) Microsoft Windows Messenger LibPNG Multiple Issues

    Recommendation is updated

  * FID #3136 (MS05-009) Microsoft Windows Media Player 9.0 LibPNG Multiple Issues

    Recommendation is updated

  * FID #3340 (MS05-016) Microsoft Windows Shell Vulnerability

    Recommendation is updated

  * FID #3404 (MS06-003) Microsoft Outlook 2003 TNEF Code Execution

    Recommendation is updated

  * FID #3408 (MS06-003) Microsoft Exchange Server TNEF Code Execution

    Recommendation is updated

  * FID #3442 (MS06-003) Microsoft Outlook XP TNEF Code Execution

    Recommendation is updated

  * FID #3443 (MS06-003) Microsoft Outlook 2000 TNEF Code Execution

    Recommendation is updated

  * FID #4174 (MS06-012) Microsoft Excel 2000 Multiple Vulnerabilities

    Recommendation is updated

  * FID #4176 (MS06-012) Microsoft Excel 2003 Multiple Vulnerabilities

    Recommendation is updated

  * FID #4177 (MS06-012) Microsoft Excel Viewer 2003 Multiple Vulnerabilities

    Recommendation is updated

  * FID #4178 (MS06-012) Microsoft Outlook 2000 Multiple Vulnerabilities

    Recommendation is updated

  * FID #4179 (MS06-012) Microsoft Outlook 2002 Multiple Vulnerabilities

    Recommendation is updated

  * FID #4182 (MS06-012) Microsoft Word 2000 Multiple Vulnerabilities

    Recommendation is updated

  * FID #4183 (MS06-012) Microsoft Word 2002 Multiple Vulnerabilities

    Recommendation is updated

  * FID #4236 (MS02-040) MDAC Unchecked Buffer

    Recommendation is updated

  * FID #4390 (MS06-027) Microsoft Word Code Execution Vulnerability (917336)

    Recommendation is updated

  * FID #4412 (MS06-024) Microsoft Windows Media Player Vulnerability (917734)

    Recommendation is updated

  * FID #4509 (MS06-051) Microsoft Windows Kernel Unhandled Exception Vulnerability (KB917422)

    Recommendation is updated

  * FID #4510 (MS06-051) Microsoft Windows Kernel User Profile Elevation of Privilege Vulnerability (KB917422)

    Recommendation is updated

  * FID #4576 (MS06-060) Microsoft Word Malformed Stack Vulnerability (924554)

    Recommendation is updated

  * FID #4616 (MS06-067) Microsoft DirectAnimation ActiveX Controls Memory Corruption Vulnerability I (922760)

    Recommendation is updated

  * FID #4677 (MS06-065) Microsoft Object Packager Dialogue Spoofing Vulnerability (924496)

    Recommendation is updated

  * FID #4678 (MS06-060) Microsoft Word Vulnerability (924554)

    Recommendation is updated

  * FID #4680 (MS06-060) Microsoft Word Mail Merge Vulnerability (924554)

    Recommendation is updated

  * FID #4696 (MS05-012) Microsoft Windows COM Structured Storage

    Recommendation is updated

    CVE is updated

  * FID #4943 (MS07-016) Microsoft Internet Explorer FTP Server Response Parsing Memory Corruption Vulnerability (928090)

    Recommendation is updated

  * FID #5236 (MS07-035) Microsoft Win32 API Vulnerability (935839)

    Recommendation is updated

  * FID #5531 (MS07-061) Microsoft Windows URI Handling Vulnerability (943460)

    Recommendation is updated

  * FID #32124 Sun Solaris 116669-40 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32126 Sun Solaris 122371-15 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #1992 (MS01-040) Microsoft Windows Invalid RDP Data Memory Leak

    Recommendation is updated

  * FID #2080 (MS03-048) Microsoft Windows Internet Explorer Cumulative Patch

    Recommendation is updated

  * FID #2082 (MS03-050) Microsoft Office Excel Macro Security And Word Buffer Overflow Patch

    Recommendation is updated

  * FID #2095 (MS03-035) Microsoft Word Macro Execution Security Bypass

    Recommendation is updated

  * FID #2350 (MS03-010) Microsoft RPC Endpoint Mapper Denial-of-Service

    Recommendation is updated

  * FID #2980 (MS05-003) Microsoft Windows Index Service Code Execution

    Recommendation is updated

  * FID #4175 (MS06-012) Microsoft Excel 2002 Multiple Vulnerabilities

    Recommendation is updated

  * FID #4511 (MS06-045) Microsoft Windows Explorer Folder GUID Code Execution Vulnerability (KB921398)

    Recommendation is updated

  * FID #4602 (MS06-053) Microsoft Windows Indexing Service Vulnerability (920685)

    Recommendation is updated

  * FID #4663 (MS06-067) Microsoft DirectAnimation ActiveX Controls Memory Corruption Vulnerability II (922760)

    Recommendation is updated

  * FID #4664 (MS06-067) Microsoft HTML Rendering Memory Corruption Vulnerability (922760)

    Recommendation is updated

  * FID #4788 (MS06-072) Microsoft Script Error Handling Memory Corruption Vulnerability (925454)

    Recommendation is updated

  * FID #4789 (MS06-072) Microsoft DHTML Script Function Memory Corruption Vulnerability (925454)

    Recommendation is updated

  * FID #4790 (MS06-072) Microsoft TIF Folder Information Disclosure Vulnerability II (925454)

    Recommendation is updated

  * FID #4791 (MS06-072) Microsoft TIF Folder Information Disclosure Vulnerability I (925454)

    Recommendation is updated

  * FID #4863 (MS07-002) Microsoft Excel Malformed IMDATA Record Vulnerability (927198)

    Recommendation is updated

  * FID #4864 (MS07-002) Microsoft Excel Malformed Record Vulnerability (927198)

    Recommendation is updated

  * FID #4865 (MS07-002) Microsoft Excel Malformed String Vulnerability (927198)

    Recommendation is updated

  * FID #4866 (MS07-002) Microsoft Excel Malformed Column Record Vulnerability (927198)

    Recommendation is updated

  * FID #4867 (MS07-002) Microsoft Excel Malformed Palette Record Vulnerability (927198)

    Recommendation is updated

  * FID #4938 (MS07-012) Microsoft MFC Overrun Vulnerability (924667)

    Recommendation is updated

  * FID #4944 (MS07-016) Microsoft Internet Explorer COM Object Instantiation Memory Corruption Vulnerability I (928090)

    Recommendation is updated

  * FID #4945 (MS07-016) Microsoft Internet Explorer COM Object Instantiation Memory Corruption Vulnerability II (928090)

    Recommendation is updated

  * FID #30073 Sun Solaris 114016-09 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #30827 Sun Solaris 114017-08 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #2187 (MS04-010) MSN Messenger Could Allow Information Disclosure

    Recommendation is updated

  * FID #4180 (MS06-012) Microsoft PowerPoint 2000 Malformed Routing Slip

    Recommendation is updated

  * FID #4181 (MS06-012) Microsoft PowerPoint 2002 Malformed Routing Slip

    Recommendation is updated

  * FID #32652 Sun Solaris 115695-06 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32653 Sun Solaris 115696-06 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32707 Sun Solaris 124628-14 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32709 Sun Solaris 124629-16 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32843 Sun Solaris 146294-03 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32862 Sun Solaris 146295-03 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32871 Sun Solaris 147441-03 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #32872 Sun Solaris 147440-03 Update Is Not Installed

    Name is updated

    Description is updated

    Observation is updated

    Recommendation is updated

    FASLScript is updated

  * FID #83482 FreeBSD chromium Multiple Vulnerabilities (6887828f-0229-11e0-b84d-00262d5ed8ee)

    FASLScript is updated

  * FID #83521 FreeBSD tomcat Cross-site Scripting Vulnerability (553ec4ed-38d6-11e0-94b1-000c29ba66d2)

    FASLScript is updated

  * FID #94818 SuSE SLES 11, 11 SP1, SLED 11, 11 SP1 nss-31211-5138 Update Is Not Installed

    FASLScript is updated

  * FID #4975 Mozilla Network Security Services SSLv2 Client Overflow Vulnerability

    CVE is updated

  * FID #12375 Oracle Java RMI Services Default Configuration Remote Code Execution

    Recommendation is updated

  * FID #12525 FlexNet License Server Manager Remote Code Execution

    Recommendation is updated

  * FID #12527 WordPress Link Library Plugin id Parameter Cross Site Scripting Vulnerability

    Recommendation is updated

  * FID #12545 WordPress WP DS FAQ Plugin id SQL Injection Vulnerability

    Recommendation is updated

  * FID #12577 HP SiteScope Default Credentials Weaknesses

    Recommendation is updated

  * FID #12587 Microsoft Windows Script Host 'wshesn.dll' DLL Loading Arbitrary Code Execution Vulnerability

    Recommendation is updated

  * FID #12641 ScadaTEC ModbusTagServer And ScadaPhone Remote Buffer Overflow

    Recommendation is updated

  * FID #12643 Advantech BroadWin SCADA/HMI WebAccess Client ActiveX Control Remote Code Execution

    Recommendation is updated

  * FID #12644 Google SketchUp .DAE File Memory Corruption Vulnerability

    Recommendation is updated

  * FID #12647 AzeoTech DAQFactory NETB Remote Code Execution

    Recommendation is updated

  * FID #12667 eSignal StyleTemplate Buffer Overflow

    Recommendation is updated

  * FID #12674 Apple QuickTime ActiveX Buffer Overflow Denial of Service

    Recommendation is updated

  * FID #12705 Sterling Trader Integer Overflow Denial Of Service

    Recommendation is updated

  * FID #85166 CentOS 4 CESA-2011-1268 Update Is Not Installed

    FASLScript is updated

  * FID #85168 CentOS 4 CESA-2011-1267 Update Is Not Installed

    FASLScript is updated

  * FID #12356 Sybase Advantage Database Server Memory Corruption Vulnerability

    Recommendation is updated

  * FID #12359 Oracle Java Runtime Environment Insecure File Loading

    Recommendation is updated

  * FID #12411 Novell File Reporter SRS Tag Arbitrary File Deletion Vulnerability

    Recommendation is updated

  * FID #12428 WordPress bSuite Plugin index.php Page Cross Site Scripting Vulnerability

    Recommendation is updated

  * FID #12504 WordPress Register Plus Redux Plugin Multiple Cross Site Scripting Vulnerabilities

    Recommendation is updated

  * FID #12531 Microsoft Internet Explorer 'Iedvtool.dll' Malformed HTML Denial Of Service Vulnerability

    Recommendation is updated

  * FID #12536 WordPress WP e-Commerce Plugin cart_messages[] Cross Site Scripting Vulnerability

    Recommendation is updated

  * FID #12574 WordPress WP CSS Plugin f Local File Inclusion Vulnerability

    Recommendation is updated

  * FID #12608 Microsoft Windows Server 2008 R1 Local Denial Of Service

    Recommendation is updated

  * FID #12635 WordPress Donation Plugin did Parameter SQL Injection Vulnerability

    Recommendation is updated

  * FID #12646 Rockwell Automation RSLogix 5000 Remote Denial of Service

    Recommendation is updated

  * FID #12651 Beckhoff TwinCAT SCADA Remote Denial of Service

    Recommendation is updated

  * FID #12655 Cogent DataHub Multiple Vulnerabilities

    Recommendation is updated

  * FID #12664 Progea Movicon PowerHMI Multiple Vulnerabilities

    Recommendation is updated

  * FID #12669 Carel Industries PlantVisor Enhanced Directory Traversal Vulnerability

    Recommendation is updated

    CVE is updated

  * FID #12697 WordPress AllWebMenus Plugin abspath Remote File Include Vulnerability

    CVE is updated

  * FID #12703 Microsoft Windows wab32res.dll Insecure Library Loading Remote Code Execution

    Recommendation is updated

  * FID #12437 Microsoft Windows CSRSS SrvGetConsoleTitle Type Casting Weakness Information Disclosure

    Recommendation is updated

  * FID #94803 SuSE SLES 11, 11 SP1 cyrus-imapd-5096 Update Is Not Installed

    FASLScript is updated

  * FID #973 TFTP Server Detected

    Recommendation is updated

    CVE is updated

  * FID #1701 Do Not Display Last Username Policy

    Name is updated

  * FID #1702 Shutdown Without Logon Policy

    Name is updated

  * FID #1703 Clear Pagefile On Shutdown Policy

    Name is updated

  * FID #1704 Shutdown On Audit Fail Policy

    Name is updated

  * FID #1708 Microsoft Windows LDAP client signing requirements enumeration

    Name is updated

  * FID #1726 Microsoft Windows Maximum System Password Age Policy Enumeration

    CVE is updated

  * FID #1727 Microsoft Windows Digitally sign secure channel data Policy Enumeration

    Name is updated

  * FID #1728 Microsoft Windows Digitally encrypt secure channel data Policy Enumeration

    Name is updated

  * FID #1729 Microsoft Windows Digitally encrypt or sign secure channel data Policy Enumeration

    Name is updated

  * FID #1730 Microsoft Windows Require Strong Session Key Policy Enumeration

    Name is updated

  * FID #1740 Microsoft Windows Do not allow anonymous enumeration of SAM accounts and shares Policy Enumeration

    Name is updated

  * FID #1743 Microsoft Windows Send unencrypted password to connect to third-party SMB servers Policy Enumeration

    Name is updated

  * FID #1746 Audit The Use Of Backup And Restore Privilege Policy

    Name is updated

  * FID #1756 Require DC authentication To Unlock Workstation Policy

    CVE is updated

  * FID #1765 Microsoft Windows LM Compatibility Level Policy Enumeration

    CVE is updated

  * FID #1790 Microsoft Windows Recovery console automatic admin logon policy

    Name is updated

  * FID #1849 Microsoft Windows Maximum Application Log Size Policy Enumeration

    Name is updated

  * FID #1850 Microsoft Windows Maximum Security Log Size Policy Enumeration

    Name is updated

  * FID #1851 Microsoft Windows Maximum System Log Size Policy Enumeration

    Name is updated

  * FID #2664 Microsoft Windows Policy Security Log Restrict Guest Access

    Name is updated

  * FID #2828 Default Guest Account Has Not Been Renamed

    Name is updated

  * FID #2832 Members Of The Remote Desktop Users Group

    Name is updated

  * FID #2835 Application Log Restrict Guest Access Policy

    Name is updated

  * FID #2874 New User Drive Autorun Policy

    Name is updated

  * FID #2876 Microsoft Windows Computer Browser Spoofing Attack (RefuseReset) Policy

    CVE is updated

  * FID #2877 Microsoft Windows Computer Announcement to Domain Master Browsers (Hidden) Policy

    Name is updated

  * FID #2880 Microsoft Windows Force Logoff Policy

    Name is updated

  * FID #2891 Microsoft Windows Default Owner For Objects Created By Members of Administrators Group Policy

    Name is updated

  * FID #2909 Audit Account Management Policy

    Name is updated

  * FID #2915 User Rights Access Computer From Network Policy

    Name is updated

  * FID #2916 User Rights Act As Part Of The OS Policy

    Name is updated

  * FID #2917 User Rights Allow Logon Through Terminal Services Policy

    Name is updated

  * FID #2918 User Rights Backup Files And Directories Policy

    Name is updated

  * FID #2919 User Rights Bypass Traverse Checking Policy

    Name is updated

  * FID #2920 User Rights Change The System Time Policy

    Name is updated

  * FID #2943 User Rights Create Pagefile Policy

    Name is updated

  * FID #2944 User Rights Create Token Object Policy

    Name is updated

  * FID #2945 User Rights Create Permanent Shared Objects Policy

    Name is updated

  * FID #2946 User Rights Debug Programs Policy

    Name is updated

  * FID #2947 User Rights Deny Network Access Policy

    Name is updated

  * FID #2948 User Rights Force Shutdown From Remote Policy

    Name is updated

  * FID #2949 User Rights Manage Auditing And Security Log Policy

    Name is updated

  * FID #2951 User Rights Increase Scheduling Priority Policy

    Name is updated

  * FID #2952 User Rights Load And Unload Devices Drivers Policy

    Name is updated

  * FID #2953 User Rights Lock Pages In Memory Policy

    Name is updated

  * FID #2957 User Rights Log On Locally Policy

    Name is updated

  * FID #2958 User Rights Generate Security Audits Policy

    Name is updated

  * FID #2959 User Rights Modify Firmware Environment Variables Policy

    Name is updated

  * FID #2960 User Rights Perform Volume Maintenance Tasks Policy

    Name is updated

  * FID #2961 User Rights Profile Single Process Policy

    Name is updated

  * FID #2962 User Rights Profile System Performance Policy

    Name is updated

  * FID #2963 User Rights Remove Computer From Docking Station Policy

    Name is updated

  * FID #2964 User Rights Replace A Process Level Token Policy

    Name is updated

  * FID #2965 User Rights Restore Files And Directories Policy

    Name is updated

  * FID #2966 User Rights Shut Down The System Policy

    Name is updated

  * FID #2967 User Rights Take Ownership Of File Or Other Objects Policy

    Name is updated

  * FID #2969 User Rights Add Workstations To Domain Policy

    Name is updated

  * FID #2970 User Rights Logon As Service Policy

    Name is updated

  * FID #2987 Power Users Group Membership Policy

    Name is updated

  * FID #2992 New User ScreenSaverIsSecure Policy

    Name is updated

  * FID #3213 Hide Share Passwords Policy Determination

    Name is updated

  * FID #3214 File Checker Progress Meter Display Policy

    Name is updated

  * FID #3995 Microsoft Windows Restrict Anonymous Access to Named Pipes and Shares

    Name is updated

  * FID #4002 Microsoft Windows Deny Logon As A Batch Job User Right Policy

    Name is updated

  * FID #4003 Microsoft Windows Enable Computer And User Accounts To Be Trusted For Delegation User Right Policy

    Name is updated

  * FID #4007 Microsoft Windows Adjust Memory Quotas For A Process User Right Policy

    Name is updated

  * FID #4017 Microsoft Windows Remote Desktop Users Group Member

    Name is updated

  * FID #4029 Default TsInternetUser Account Has Not Been Renamed

    Name is updated

  * FID #4030 Default SUPPORT_388945a0 Account Has Been Renamed Or Removed

    Name is updated

  * FID #4916 Microsoft Windows Legal Notice Policy II

    CVE is updated

  * FID #5245 Microsoft Windows Administrator account status Policy Enumeration

    Name is updated

  * FID #5246 Microsoft Windows Shares that can be accessed anonymously Policy Enumeration

    Name is updated

  * FID #5250 Microsoft Windows ICMP Redirects Policy

    Name is updated

  * FID #5256 Microsoft Windows Screen Saver Grace Peroid Policy

    Name is updated

 

削除されたチェック項目:

 

  * FID #31480 Sun Solaris 121321-03 Update Is Not Installed

  * FID #31504 Sun Solaris 121322-03 Update Is Not Installed

  * FID #32794 Sun Solaris 146859-01 Update Is Not Installed

 

-------------------------------------------------------

2) アプライアンス OSパッチアップデート

-------------------------------------------------------

 期間: 2011/10/03 ~ 2011/10/11 (日本時間)

 

今回のアップデートはございません。

 

-------------------------------------------------------

3) McAfee Vulnerability Manager Software v6.8のサポート終了について

-------------------------------------------------------

McAfee Vulnerability Manager Softwareにつきまして、以下のバージョンの

サポート終了を予定しておりますのでご案内いたします。

 

McAfee Vulnerability Manager Software v6.8

サポート終了日:2012年6月30日

 

■備考

・現在の最新バージョンは、McAfee Vulnerability Manager Software v7.0です。

・本バージョンへの移行などに関しましては、弊社サポート窓口までお問い合わせください。

・ソフトウェアンおよびドキュメントは下記ダウンロードページよりご入手いただけます。

 http://www.mcafee.com/japan/licensed2/

 

-------------------------------------------------------

4) サポートコミュニティサイトでのテクニカルドキュメント公開

-------------------------------------------------------

サポートコミュニティサイト「Japan Corporate Support」にVulnerability Manager

に関する下記のテクニカルドキュメントを公開いたしましたので、是非ご覧ください。

 

i) Vulnerability Manager v6.8(MVM3100)評価ガイド

     MVM3100をはじめて利用される方向けの簡易評価ガイドです。

 

ii) VulnerabilityManager(MVM3100)評価機初期化マニュアル

     MVM3100を初期化する際のマニュアルです。

 

■備考

・評価機のご利用につきましては弊社営業までお問合わせください。

・ダウンロード方法

 サポート・コミュニティ・サイト https://community.mcafee.com/community/japan

 にて、「ドキュメント」タブ をクリック、「カテゴリーとタグによる絞り込み」を

 クリックし「Vulnerability Manager」をクリックしてください。

 画面下部に上記2ドキュメントが表示されます。

 

-------------------------------------------------------

5) 企業向けサポートコミュニティサイトの開設および Twitter サービスの開始について

-------------------------------------------------------

○ お知らせ

 

企業向けサポートコミュニティサイト「Japan Corporate Support」を開設いたしました。

また、「企業向けお客様サポート公式 Twitter」を開設し、サポート情報のリアルタイム

配信を開始しました。

 

マカフィー、ユーザー参加型の企業向け製品コミュニティサイトをオープン

~サポート部門が主体となり企業セキュリティに関するディスカッションの場を提供~

(4月18日発プレスリリース)

http://www.mcafee.com/japan/about/prelease/pr_11a.asp?pr=11/04/18-1

 

● 開始日

 

2011/04/18 (月) 9:00

 

○ 備考

 

- 企業向けサポートコミュニティサイト「Japan Corporate Support」

   https://community.mcafee.com/community/japan

   サポート通信や FAQ 掲載情報、製品及びパッチのリリース情報やドキュメントが掲載

   されます。また、製品に関する技術的な情報に関して、コミュニティご登録者が参加

   可能なフリーディスカッションのスペースがございます。

 

- 企業向けお客様サポート公式 Twitter

   http://twitter.com/McAfee_BTS_JP

   Twitter サービスを利用し、サポート通信や FAQ 掲載情報、製品及びパッチのリリー

   ス情報がリアルタイムで配信されます。

 

  コミュニティサイトの登録方法、 Twitter のフォロー方法などの詳細につきましては、

  以下のページをご覧ください。

  http://www.mcafee.com/Japan/support/japancorporate.asp

 

-------------------------------------------------------

6) 「サポート通信」配信について

-------------------------------------------------------

 

新規契約をしたお客様には、4種類のサポート通信を配信いたします。

各種サポート通信が不要な方は、各サポート通信の文末に記載されているURLにアクセスして、

解除手続きを行っていただきます。

 

障害などでサポート窓口にお問い合わせいただいた新規のご担当者様には、

今までどおり、「サポート通信 - 登録のご案内」メールを1回のみ配信いたします。

http://www.mcafee.com/japan/support/customer_support/techsupport_regform.asp

 

---------------------------------------------------------

※ マカフィーからのサービス

---------------------------------------------------------

● マカフィーモバイルサービス

  携帯電話を利用して、緊急ウイルス情報をリアルタイムに確認し、

  ウイルス被害を抑制できます。

   ⇔ http://www.mcafee.com/japan/support/mobileservice.asp

 

○ サポートQ&A

- 製品の評価、導入、トラブル、障害の発生時に参考となる解決策や

   回避策のFAQをご確認頂けます。 是非お役立て下さい。

   ⇔ http://www.mcafee.com/japan/pqa/pqa.asp

- 1週間のあいだに更新(あるいは新掲載)されたQ&Aはこちら

   ⇔ http://www.mcafee.com/japan/pqa/pqa_newqa.asp

 

● 企業向けサポートコミュニティサイト「Japan Corporate Support」

   https://community.mcafee.com/community/japan

   サポート通信や FAQ 掲載情報、製品及びパッチのリリース情報やドキュメントが掲載

   されます。また、製品に関する技術的な情報に関して、コミュニティご登録者が

   参加可能なフリーディスカッションのスペースがございます。

 

○ 企業向けお客様サポート公式 Twitter

   http://twitter.com/McAfee_BTS_JP

   Twitter サービスを利用し、サポート通信や FAQ 掲載情報、製品及びパッチのリリース

   情報がリアルタイムで配信されます。

 

● マカフィーサポート通信について

- 配信停止

  「マカフィー サポート通信 - リスク管理ソリューション 」の配信停止をご希望される方は、

  以下のページより手続きをお願い致します。

 https://md.pbz.jp/s/r-ctrl.php?act=PCDelAuth&funcinfo_allreset=1&uid=mcafee&mid= foundstone_supp

- 各種法人ユーザ登録情報の変更はこちら

   ⇔ http://www.mcafee.com/japan/support/customer_support/tourokuhenkou.asp

 

●===McAfee=============================================○

発信元:

マカフィー株式会社

テクニカルサポートセンター インフォメーション係

http://www.mcafee.com/japan/support/customer_support/

(c) 2011 McAfee, Inc. All Rights Reserved.

お客様は,マカフィー株式会社の事前の書面による承諾を得ることなく、

掲載内容の無断転載を禁じます。

○=============================================McAfee===●