Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Integrity Clientless Security (ICS) Update 3.7.71.0

Subscribe

Check Point Reference: CPAI-2006-049
Date Published:
Severity:
Last Updated:
Source: SmartDefense Research Center
Protection Provided by: Connectra
  • NGX R61
  • NGX
  • 2.0
Who is Vulnerable?
Microsoft Windows clients
Vulnerability Description
Check Point Integrity ™ Clientless Security (ICS) for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organization’s antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS administration Guide. 

69 new malware signatures were added to ICS version 3.7.71.0. For a full list of the added malware, refer to the Details tab.
Vulnerability Details

The following malware have been added:

     Win32.Trojan.Downloader.Small.cah
     Win32.Backdoor.Aimbot.af
     Win32.AdWare.ToolBar.MyWebSearch.o
     Win32.Trojan.Downloader.Small.aou
     Win32.Nuker.Panther
     Win32.Napalm.a
     Win32.DownLoader.970
     Win32.Backdoor.Rbot.zk
     Win32.Backdoor.Rbot.aqg
     Win32.Trojan.Clicker.Small.jf
     Win32.Trojan.Keylogger.AC
     Win32.Trojan.Downloader.VB.tw
     Win32.AdWare.SurfSide.c
     Win32.DownLoader.214
     Win32.Backdoor.SdBot.akt
     Win32.Backdoor.Rbot.akv
     Win32.BackDoor.Generic.977
     Win32.AdClicker.DO
     Win32.Trojan.DownLoader.5740
     Win32.DoS.ICMP.Nemesy
     Win32.MediaTicket
     Win32.Trojan.Click.937
     Win32.Adware.NCase
     Win32.NTDLL
     Win32.Backdoor.Wisdoor.bf
     Win32.Backdoor.SdBot.aho
     Win32.MulDrop.857
     Win32.AdWare.WinAD.bv
     Win32.Trojan.Qhost.df
     Win32.AdWare.BetterInternet.af
     Win32.Email.Worm.Bagle.fn
     Win32.TrojanDownloader.Dluca.p
     Win32.Trojan.Downloader.Agent.yd
     Win32.Peflog.147
     Win32.Trojan.Clicker.VB.ju
     Win32.Trojan.Small.ev
     Win32.Backdoor.Rbot.aqo
     Win32.Backdoor.Rbot.amu
     Win32.BackDoor.CSJ
     Win32.Email.Worm.Bagle.ex
     Win32.Trojan.Rbot
     Win32.Generic AdClicker
     Win32.Backdoor.SdBot.afo
     Win32.WinDir32.a
     Win32.Adware.ClearSearch
     Win32.Backdoor.Rbot.aas
     Win32.Trojan.Spy.Small.dg
     Win32.Trojan.Dropper.Agent.ada
     RegistryFreeze
     Win32.W32Bagle
     Win32.Bobax.Worm.m
     Win32.Trojan.Clicker.Bomka.d
     Win32.Gator
     Win32.Adware.OrbitView
     Win32.Apropo.h
     Win32.Trojan.Downloader.Small.awa
     Win32.Spam.DComServ
     Win32.Backdoor.Rbot.aag
     Win32.AdWare.CommAd.a
     Win32.Trojan.PWS.GoldSpy
     Win32.SpamTool.Mailbot.aj - service
     Win32.Trojan.Downloader.IstBar.mx
     Win32.Trojan.Downloader.Harnig.ax
     Bambo.BH.trojan
     Win32.Trojan.Downloader.Bagle.f
     Win32.Adware.Idesk
     Win32.Trojan.Clicker.Delf.dp
     Win32.Click.954
     Win32.Trojan.Downloader.Delf.ahn  

Protection Overview
The Update adds 69 new malware signatures, detecting threats posed by malware types such as worms, Trojan horses, hacker's tools, key loggers, browser plug-ins, Adwares, third party cookies, and so forth.

To configure the defense, select your product from the list below and follow the related protection steps.

Additional Information
Zone Labs Spyware Information Center

Connectra NGX R61

How Can I Protect My Network?

Update version for Connectra NGX R61:  692060427

Users of Connectra NGX R61 should update their Integrity Clientless Security (ICS) component:

1. On the navigation tree, click Security > SmartDefense Updates.



2. In the Download updated content pane, enter your credentials and check Update Integrity Clientless Security and Integrity Secure Workspace.
3. Click Download Updates.
4. Install security policy.

How Do I Know if My Network is Under Attack?
Users Of Connectra NGX R61 who have updated their Connectra machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware type: 3rd party cookie
Malware name: Win32.Trojan.LipGame.c

Connectra NGX

How Can I Protect My Network?
Users of Connectra NGX can update their Integrity Clientless Security (ICS) component.

Update version for Connectra NGX:  691060427

For instructions on how to update your SmartDefense Service including your Integrity Clientless Security component, please refer to CPSA-2005-11.

How Do I Know if My Network is Under Attack?
Users Of Connectra NGX/2.0 who have updated their Connectra machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware type: 3rd party cookie
Malware name: Win32.MediaTicket

Connectra 2.0

How Can I Protect My Network?
Users of Connectra 2.0 can update their Integrity Clientless Security (ICS) component.

Update version for Connectra 2.0: 690060427

For instructions on how to update your SmartDefense Service including your Integrity Clientless Security component, please refer to CPSA-2005-11.

How Do I Know if My Network is Under Attack?
Users Of Connectra 2.0 who have updated their Connectra machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware type: 3rd party cookie
Malware name:  Win32.MediaTicket