Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Integrity Clientless Security (ICS) Update 3.7.88.0

Subscribe

Check Point Reference: CPAI-2006-067
Date Published:
Severity:
Last Updated:
Source: SmartDefense Research Center
Protection Provided by: Connectra
  • NGX R61
  • NGX
  • 2.0
Who is Vulnerable?
Microsoft Windows clients
Vulnerability Description

Check Point Integrity ™ Clientless Security (ICS) for Connectra prevents users with potentially harmful software from accessing your network and requires that they conform to the organization’s antivirus and firewall policies. For more information, please refer to Connectra documentation and to ICS administration Guide. 

90 new malware signatures were added to ICS version 3.7.88.0. For a full list of the added malware, refer to the Details tab.

Vulnerability Details
 Update 3.7.88.0 includes signatures of 90 malware: 
     IamBigBrother
     Win32.AdWare.AdBlaster.b
     Win32.AdWare.BargainBuddy.q
     Win32.AdWare.Craagle.19
     Win32.AdWare.EZula.bx
     Win32.AdWare.HotSearchBar.g
     Win32.AdWare.OnWebMedia.b
     Win32.AdWare.ToolBar.Hotbar.p
     Win32.Adware.Mirar
     Win32.Adware.NewDotNet
     Win32.Application.Adware.ErrorSafe
     Win32.BackDoor.IRC.based
     Win32.BackDoor.Noer
     Win32.Backdoor.Agobot.kh
     Win32.Backdoor.Agobot.tv
     Win32.Backdoor.Aimbot.bo
     Win32.Backdoor.Assasin.11
     Win32.Backdoor.Beastdoor.206.a
     Win32.Backdoor.Codbot.aj
     Win32.Backdoor.Codbot.s
     Win32.Backdoor.Codbot.x
     Win32.Backdoor.Gobot.r
     Win32.Backdoor.IRCBot.bv
     Win32.Backdoor.Iroffer.1219
     Win32.Backdoor.Iroffer.13b8
     Win32.Backdoor.Nucleroot.c
     Win32.Backdoor.Optix.f
     Win32.Backdoor.Prorat.ae
     Win32.Backdoor.Prorat.s
     Win32.Backdoor.RA.based.ao
     Win32.Backdoor.Rbot.acx
     Win32.Backdoor.Rbot.afc
     Win32.Backdoor.Rbot.nt
     Win32.Backdoor.Rbot.rq
     Win32.Backdoor.Rbot.xe
     Win32.Backdoor.SdBot.afx
     Win32.Backdoor.SdBot.nv
     Win32.Backdoor.SdBot.xm
     Win32.Backdoor.Small.fb
     Win32.Backdoor.VB.agz
     Win32.BlazeFind
     Win32.Charger
     Win32.Dialer.PluginAccess.1
     Win32.EliteMediaGroup
     Win32.Email.Worm.Banwarum.b
     Win32.Email.Worm.LovGate.f
     Win32.Email.Worm.LovGate.w
     Win32.MalwareWipe
     Win32.Net.Worm.Bobic.am
     Win32.Net.Worm.Mytob.v
     Win32.ProcessKill
     Win32.RiskWare.Monitor.Perflogger.f
     Win32.Servu.25
     Win32.SpamTool.WbFind.a
     Win32.SurfAcc
     Win32.Surfside
     Win32.Trojan.Aphex.71
     Win32.Trojan.Avkillah.10
     Win32.Trojan.Clicker.Autoup.a
     Win32.Trojan.Clicker.VB.ly
     Win32.Trojan.Dialer.hh
     Win32.Trojan.DownLoader.10159
     Win32.Trojan.DownLoader.6298
     Win32.Trojan.Downloader.Delf.ang
     Win32.Trojan.Downloader.Delf.es
     Win32.Trojan.Downloader.Dyfuca.bt
     Win32.Trojan.Downloader.Dyfuca.cn
     Win32.Trojan.Downloader.Dyfuca.j
     Win32.Trojan.Downloader.Dyfuca.v
     Win32.Trojan.Downloader.Mediket.cd
     Win32.Trojan.Downloader.Murlo.dd
     Win32.Trojan.Downloader.PurityScan.ax
     Win32.Trojan.Downloader.PurityScan.w
     Win32.Trojan.Downloader.Small.csn
     Win32.Trojan.Downloader.Tiny.cp
     Win32.Trojan.Downloader.VB.me
     Win32.Trojan.Dropper.Small.aoh
     Win32.Trojan.KillAV.gf
     Win32.Trojan.PSW.Sinowal.q
     Win32.Trojan.PSW.Sinowal.v
     Win32.Trojan.Pakes
     Win32.Trojan.Proxy.Agent.hs
     Win32.Trojan.Proxy.Ranky.bc
     Win32.Trojan.Proxy.Xorpix.v
     Win32.Trojan.ShowWebPage.e
     Win32.Trojan.Spy.AdvancedKeyLogger.c
     Win32.Trojan.Spy.Delf.v
     Win32.Trojan.Spy.Dgs.b
     Win32.Trojan.Spy.PCspy.c
     Win32.dginan

Protection Overview

The Update adds 90 new malware signatures, detecting threats posed by malware types such as worms, Trojan horses, hacker's tools, key loggers, browser plug-ins, Adwares, third party cookies, and so forth.
 

To configure the defense, select your product from the list below and follow the related protection steps.

Connectra NGX R61

How Can I Protect My Network?
Update version for Connectra NGX R61: 692060619

To update your Integrity Clientless Security (ICS) component:

1. On the navigation tree, click Security > SmartDefense Updates.
2. In the Download updated content pane, enter your credentials and check Update Integrity Clientless Security and Integrity Secure Workspace.
3. Click Download Updates.
4. Install security policy.

How Do I Know if My Network is Under Attack?
Users Of Connectra NGX R61 who have updated their Connectra machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware type: 3rd party cookie
Malware name: Win32.Trojan.Aphex.71

Connectra NGX

How Can I Protect My Network?
Users of Connectra NGX can update their Integrity Clientless Security (ICS) component.

Update version for Connectra NGX: 691060619

For instructions on how to update your SmartDefense Service including your Integrity Clientless Security component, please refer to CPSA-2005-11.

How Do I Know if My Network is Under Attack?
Users Of Connectra NGX who have updated their Connectra machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware type: 3rd party cookie
Malware name: Win32.Trojan.Aphex.71

Connectra 2.0

How Can I Protect My Network?
Users of Connectra 2.0 can update their Integrity Clientless Security (ICS) component.

Update version for Connectra 2.0: 690060619

For instructions on how to update your SmartDefense Service including your Integrity Clientless Security component, please refer to CPSA-2005-11.

How Do I Know if My Network is Under Attack?
Users Of Connectra 2.0 who have updated their Connectra machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware type: 3rd party cookie
Malware name: Win32.Trojan.Aphex.71