1. /
  2. Security Response/
  3. Security Updates Detail

Symantec Enterprise Security Manager - Symantec™ Enterprise Security Manager Patches module

January 11, 2013

Description

The Patches module checks for the presence of the operating system and application patches that strengthen system security. The Patch information is stored in Patch templates.

Symantec updates the Patch templates with the Symantec ESM policy installer. This ensures that the updated Patch templates for the supported operating systems and applications are available for the policies that are delivered with the Security Update releases. Installing this update adds or updates the Patches policy and the associated template files on the Symantec ESM manager.

This rapid response patch update for Symantec Enterprise Security Manager reports the operating systems and application patches for Windows and UNIX.

 

There are a total of 779 new patch signatures and 264 updated patch signatures in 20 templates.

 

The new templates are as follows:

 

      • Patch.pwv (Microsoft Windows Vista - 6 new, 1 updated)
      • Patch.pxw (Microsoft Windows Vista for x64-based Systems - 6 new, 1 updated)
      • oel-patch.plx (Oracle Enterprise Linux - 68 new)
      • patch.p28i (Microsoft Windows 2008 R2 for 64-Bit Itanium-based Systems - 14 new)
      • patch.p2s8 (Microsoft Windows 2008 R2 for x64-based Systems - 23 new)
      • patch.p3i (Microsoft Windows Server 2003 for 64-Bit Itanium-based Systems - 3 new)
      • patch.p64 (Microsoft Windows Server 2003 for x64-based Systems - 4 new)
      • patch.p6s (Microsoft Windows Server 2003 - 3 new)
      • patch.p8i (Microsoft Windows 2008 for 64-Bit Itanium-based Systems - 6 new)
      • patch.p8s (Microsoft Windows 2008 - 8 new)
      • patch.pai (IBM AIX - 4 new)
      • patch.ph1 (HP-UX 11.23 - 11.31 PA-RISC - 11 new)
      • patch.ph2 (HP-UX 11.23 - 11.31 for Itanium-based systems - 14 new)
      • patch.plx (RedHat Enterprise Linux - 181 new)
      • patch.ps6 (Sun Solaris 2.6+ - 6 new)
      • patch.ps8 (Microsoft Windows 2008 for x64-based Systems - 10 new)
      • patch.psl (SUSE Linux - 381 new, 260 updated)
      • patch.pw7 (Microsoft Windows 7 - 13 new, 1 updated)
      • patch.pwx (Microsoft Windows XP Professional - 3 new)
      • patch.px7 (Microsoft Windows 7 for x64-based Systems - 15 new, 1 updated)

 

This rapid response policy includes updates to the Patches module templates that detect new vendor-released patches on the following operating systems:

      • Windows Vista Enterprise 32-bit
      • Windows Vista Enterprise 64-bit (x64)
      • Windows Server 2003 and 2008 64-bit (x64)
      • Windows Server 2003 and 2008
      • Windows Server 2003 and 2008 (Itanium)
      • Windows XP Professional
      • Windows 7 on x86 and Opteron
      • Windows 2008 R2 on Itanium, Opteron, and Xeon
      • AIX
      • AIX VIO Server
      • Solaris
      • Red Hat Enterprise Linux
      • Oracle Enterprise Linux
      • SUSE Linux Enterprise Server 9, 10 and 11

 

See the Symantec Enterprise Security Manager Data Sheet link:

http://eval.veritas.com/mktginfo/enterprise/fact_sheets/ent-factsheet_enterprise_security_manager_6.5_06-2005.en-us.pdf] for specific version information.

This policy is designed for Symantec ESM agents running SU 24 (and later) versions of the Patch module. 

 

ESM 6.5 or later users: To automatically install, use the link below or use LiveUpdate.

 

Download Patch Policy for Manager <BestPractice_OS_Patch_Updates.exe>

 

MD5: a6896adb190cecb809f2ddceb26fc40c

 

 

For 6.5 or later agents, use the LiveUpdate package titled, Patch Policies - OS Comprehensive.

 

Note:  For more information regarding this update, download the Patch Policy Release Notes <Symantec_ESM_Patch_Policy_Release_Notes_2013.01.01.pdf>.

 

* Signature names may have been updated to comply with an updated IPS Signature naming convention. See http://www.symantec.com/business/support/index?page=content&id=TECH152794&key=54619&actp=LIST for more information.
Last modified on: January 11, 2013
Security Response Blog
The State of Spam