Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Integrity Clientless Security (ICS) Update 3.7.260.0

Subscribe

Check Point Reference: CPAI-2009-070
Date Published:
Preemptive Since:
Severity:
Source: SmartDefense Research Center
Protection Provided by: Connectra
  • NGX R62
  • NGX R61
  • NGX
Who is Vulnerable?
Microsoft Windows clients
Vulnerability Description
Check Point Integrity ™ Clientless Security (ICS) protects your Web site by detecting and disabling spyware processes and allowing you to enforce security policies before a user logs onto your network. Using ICS you can prevent users with potentially harmful software from accessing your Web site, and also require that they conform to your antivirus and critical patch policies.

Integrity Clientless Security requires no pre-installed software on endpoint computers, except a supported browser. The scan is performed by an ActiveX component deployed from your Web server to each endpoint computer that requests access. 

176 new malware signatures were added to ICS version 3.7.260.0. For a full list of the added malware, refer to the Details tab.
Vulnerability Details
ICS Update 3.7.260.0 includes 176 new malware patterns:

 Win32.Atom boob
 Win32.Axis anti
 Win32.Backdoor.Generic.165164
 Win32.Backdoor.Generic.165419
 Win32.barb sixth
 Win32.bows meet
 Win32.BScope.Trojan.PSW.Gomex.8
 Win32.Cool Info
 Win32.DEAD SOFTWARE
 Win32.does active
 Win32.Downloader.Agent.aenj
 Win32.Downloader.Agent.bjea.2
 Win32.Downloader.Banker.Banker.aenl
 Win32.Four poll
 Win32.global bolt
 Win32.LOCKS THIS
 Win32.Meal Dead
 Win32.ONCE WAY
 Win32.Pile delete
 Win32.Ping Bird
 Win32.plan four
 Win32.plus send
 Win32.POP SHOW
 Win32.Proc Store
 Win32.Rootkit.15038
 Win32.STORE BIND
 Win32.test sign
 Win32.Trojan.Agent.11776.37
 Win32.Trojan.Agent.977
 Win32.Trojan.Banker.Banker.aakw
 Win32.Trojan.Cinmus.K.382
 Win32.Trojan.Downloader.Delf.hns
 Win32.Trojan.Dropper.Agent.UKT
 Win32.Trojan.Dropper.Onlinegames.DS
 Win32.Trojan.DropperUecri
 Win32.Trojan.Generic.1459852
 Win32.Trojan.Generic.1460049
 Win32.Trojan.Generic.1460301
 Win32.Trojan.Generic.1460365
 Win32.Trojan.Generic.1460667
 Win32.Trojan.Generic.1460677
 Win32.Trojan.Generic.1460687
 Win32.Trojan.Generic.1460688
 Win32.Trojan.Generic.1460689
 Win32.Trojan.Generic.1460723
 Win32.Trojan.Generic.1460952
 Win32.Trojan.Generic.1461320
 Win32.Trojan.Generic.1463605
 Win32.Trojan.Generic.1472521
 Win32.Trojan.Generic.1472526
 Win32.Trojan.Generic.1472534
 Win32.Trojan.Generic.1481884
 Win32.Trojan.Generic.1481886
 Win32.Trojan.Generic.1535805
 Win32.Trojan.Generic.1536631
 Win32.Trojan.Generic.1537418
 Win32.Trojan.Generic.1537777
 Win32.Trojan.Generic.1537779
 Win32.Trojan.Generic.1537789
 Win32.Trojan.Generic.1537790
 Win32.Trojan.Generic.1537797
 Win32.Trojan.Generic.1538031
 Win32.Trojan.Generic.1538575
 Win32.Trojan.Generic.1538576
 Win32.Trojan.Generic.1538675
 Win32.Trojan.Generic.1538676
 Win32.Trojan.Generic.1538677
 Win32.Trojan.Generic.1538716
 Win32.Trojan.Generic.1538719
 Win32.Trojan.Generic.1538721
 Win32.Trojan.Generic.1538722
 Win32.Trojan.Generic.1538755
 Win32.Trojan.Generic.1538757
 Win32.Trojan.Generic.1538760
 Win32.Trojan.Generic.1538761
 Win32.Trojan.Generic.1538762
 Win32.Trojan.Generic.1538784
 Win32.Trojan.Generic.1538785
 Win32.Trojan.Generic.1538834
 Win32.Trojan.Generic.1538862
 Win32.Trojan.Generic.1538866
 Win32.Trojan.Generic.1538890
 Win32.Trojan.Generic.1538891
 Win32.Trojan.Generic.1538892
 Win32.Trojan.Generic.1538893
 Win32.Trojan.Generic.1538894
 Win32.Trojan.Generic.1538895
 Win32.Trojan.Generic.1538937
 Win32.Trojan.Generic.1538940
 Win32.Trojan.Generic.1539032
 Win32.Trojan.Generic.1539723
 Win32.Trojan.Generic.1540160
 Win32.Trojan.Generic.1540205
 Win32.Trojan.Generic.1540547
 Win32.Trojan.Generic.1540664
 Win32.Trojan.Generic.1540951
 Win32.Trojan.Generic.1541262
 Win32.Trojan.Generic.1541263
 Win32.Trojan.Generic.1541264
 Win32.Trojan.Generic.1541304
 Win32.Trojan.Generic.1541305
 Win32.Trojan.Generic.1541308
 Win32.Trojan.Generic.1541338
 Win32.Trojan.Generic.1541339
 Win32.Trojan.Generic.1541340
 Win32.Trojan.Generic.1541343
 Win32.Trojan.Generic.1541345
 Win32.Trojan.Generic.1541468
 Win32.Trojan.Generic.1541482
 Win32.Trojan.Generic.1541483
 Win32.Trojan.Generic.1541484
 Win32.Trojan.Generic.1541777
 Win32.Trojan.Generic.1541791
 Win32.Trojan.Generic.1542282
 Win32.Trojan.Generic.1542289
 Win32.Trojan.Generic.1542558
 Win32.Trojan.Generic.1542559
 Win32.Trojan.Generic.1542567
 Win32.Trojan.Generic.1542659
 Win32.Trojan.Generic.1542867
 Win32.Trojan.Generic.1542874
 Win32.Trojan.Generic.1543356
 Win32.Trojan.Generic.1543795
 Win32.Trojan.Generic.1543944
 Win32.Trojan.Generic.1543973
 Win32.Trojan.Heur.0116E9FCAC
 Win32.Trojan.Heur.1024DBC8C8
 Win32.Trojan.Heur.50C13E2B2B
 Win32.Trojan.Heur.5142BDA898
 Win32.Trojan.Heur.6054ABBFBF
 Win32.Trojan.Heur.GM.1404050000
 Win32.Trojan.Packed.60232
 Win32.Trojan.Packed.60263
 Win32.Trojan.Packed.60335
 Win32.Trojan.Packed.60336
 Win32.Trojan.Packed.60338
 Win32.Trojan.Packed.60510
 Win32.Trojan.Packed.60553
 Win32.Trojan.Packed.60566
 Win32.Trojan.Packed.60567
 Win32.Trojan.Packed.61109
 Win32.Trojan.Packed.61330
 Win32.Trojan.Packed.61363
 Win32.Trojan.Packed.61364
 Win32.Trojan.Packed.61365
 Win32.Trojan.Packed.61368
 Win32.Trojan.Packed.61602
 Win32.Trojan.Packed.62069
 Win32.Trojan.Packed.62371
 Win32.Trojan.Packed.63422
 Win32.Trojan.PCK.Katusha.A.58
 Win32.Trojan.PCK.Krap.B.381
 Win32.Trojan.PCK.Krap.G.145
 Win32.Trojan.PCK.Tdss.F.301
 Win32.Trojan.PCK.Tdss.F.302
 Win32.Trojan.PCK.Tdss.F.303
 Win32.Trojan.PCK.Tdss.F.304
 Win32.Trojan.PCK.Tdss.F.305
 Win32.Trojan.PCK.Tdss.F.317
 Win32.Trojan.PCK.Tdss.F.436
 Win32.Trojan.PCK.Tdss.F.437
 Win32.Trojan.PCK.Tdss.F.442
 Win32.Trojan.PSW.49152.42
 Win32.Trojan.PSW.53248.84
 Win32.Trojan.PSW.57344.28
 Win32.Trojan.PSW.Agent.mgp
 Win32.Trojan.PSW.OnlineGames.usfm
 Win32.Trojan.PSW.QQPass.NFU
 Win32.Trojan.Spy.Agent.aaip
 Win32.Trojan.Spy.ZBot.nto
 Win32.Trojan.Spy.Zeus.I
 Win32.Trust Jump
 Win32.Two Soap
 Win32.Wait hole
 Win32.WIN REF
 Win32.Worm.Small.AK

Protection Overview
The Update adds 176 new malware signatures, detecting threats posed by malware types such as worms, Trojan horses, hacker's tools, key loggers, browser plug-ins, Adwares, third party cookies, and so forth.

To configure the defense, select your product from the list below and follow the related protection steps.

Additional Information
Zone Labs Spyware Information Center

Connectra NGX R62

How Can I Protect My Network?
Update version for Connectra NGX R62: 692090421

To update your Integrity Clientless Security (ICS) component:

1. On the navigation tree, click Security > SmartDefense Updates.
2. In the Download updated content pane, enter your credentials and check Update Integrity Clientless Security.
3. Click Download Updates.
4. Install security policy. 

How Do I Know if My Network is Under Attack?
Users Of Connectra NGX R62 who have updated their machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware Type: 3rd party cookie
Malware Name: Win32.Trojan.Spy.ZBot.nto

Connectra NGX R61

How Can I Protect My Network?
Update version for Connectra NGX R61: 692090421

To update your Integrity Clientless Security (ICS) component:

1. On the navigation tree, click Security > SmartDefense Updates.
2. In the Download updated content pane, enter your credentials and check Update Integrity Clientless Security and Integrity Secure Workspace.
3. Click Download Updates.
4. Install security policy. 

How Do I Know if My Network is Under Attack?
Users Of Connectra NGX R61 who have updated their machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware Type: 3rd party cookie
Malware Name: Win32.Trojan.Spy.ZBot.nto

Connectra NGX R60

How Can I Protect My Network?
Update version for Connectra NGX: 691090421

For instructions on how to update your SmartDefense Service including your Integrity Clientless Security component, please refer to CPSA-2005-11

How Do I Know if My Network is Under Attack?
Users Of Connectra NGX who have updated their Connectra machines will identify logs such as the following (example only, malware name varies by malware detected):

Malware Type: 3rd party cookie
Malware Name: Win32.Trojan.Spy.ZBot.nto