Integrity Clientless Security (ICS) version 3.7.46.0

Attack ID:	CPAI-2005-153

Publish Date:

Category:	Endpoint Security

Vulnerable Systems:	Microsoft Windows clients

Source:	SmartDefense Research Center

Description:	Check Point Integrity ™ Clientless Security (ICS) for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organizations antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS administration Guide.

Severity:

Details:	Several malware signatures were added to build 3.7.46.0: Win32.Haxdoor Win32.Bagle.pbc PSW.Legendmir Win32.Lemir.BT PTech Haxdoor.q Win32.Trojan.VB Win32.Startpage.QL Zango Grab & Burn Win32.PacerD Inet20063 Group Spytector 1.2.8 WinFixer2005 Win32.Betalire.H Win32.SilentCaller Win32.Bancos.AFL BlackHole.K

Attack Detection:	Users Of Connectra NGX and Connectra 2.0 who have updated their Connectra machines will identify logs such as the following (example only, malware name varies by malware detected): Malware type: 3rd party cookie Malware name: Haxdoor.q

Solution:	Users of Connectra NGX and Connectra 2.0 can update their Integrity Clientless Security (ICS) component. This Update refers to the following versions: Connectra 2.0 - version 690051130 Connectra NGX - version 691051130 For instructions on how to update your SmartDefense Service including your Integrity Clientless Security component, please refer to CPSA-2005-11.

Industry Reference:

Additional Information:	Zone Labs Spyware Information Center