1. /
  2. Security Response/
  3. Security Updates Detail

Symantec Enterprise Security Manager - Security Update 2008.06.01 (SU 35)

July 4, 2008

Description

The Symantec Enterprise Security Manager™ Security Update 2008.06.01 has been enhanced to support HP-UX 11.31 (Itanium and PA-RISC), AIX 6.1 (PPC64), and Windows XP SP3 operating systems. A new logging feature has been introduced in the Windows Password Strength module. This feature enables Symantec ESM to store the logs of the module at the runtime.
In addition, nine new checks and three new templates have been added in several modules on UNIX.
Note: On the LiveUpdate wizard, the SU version will now be visible in the following format: SU <YYYY>.<MM>.<Release_Version>. Here, YYYY is the year of release, MM is the month of release, and Release_Version is the release version of this SU. For example, SU 35 will be displayed as SU2008.06.01 on the LiveUpdate wizard.
Install Security Update 2008.06.01 to upgrade UNIX and Windows security modules on Symantec ESM 6.x agents. For detailed descriptions of new features and enhancements, download the Security Update 2008.06.01 Release Notes.

Enhancements

Security Update 2008.06.01 provides the following enhancements:
  • Support for the following operating systems:
      • HP-UX 11.31 on Itanium
      • HP-UX 11.31 on PA-RISC
      • AIX 6.1 on PPC64
      • Windows XP SP3

  • New Logging feature for the Windows Password Strength module


  • 1 new check in the UNIX File Attributes module:
      • Detect Extended attributes

  • 1 new check in the UNIX Network Integrity module:
      • Daemon Logging

  • 3 new checks in the UNIX Password Strength module:
      • Verify DICTIONDBDIR entry
      • Verify DICTIONLIST entry
      • NAMECHECK allows username=password

  • 4 new checks in the UNIX Startup Files module:
      • Connection logging is not enabled
      • Services which are enabled
      • Verify Network parameter Values
      • Grub password

  • 3 new templates:
      • Daemon Logging (UNIX Network Integrity)
      • Extended Attributes (UNIX File Attributes)
      • SVCS Enabled Services (UNIX Startup Files)

  • New columns added in the DCOM Machine Restriction and Password Requirements template

Downloads

Download Security Update 2008.06.01 for AIX-PPC64
  • AIX 5.3 (64-bit only)
  • AIX 6.1 (64-bit)
  • MD5: 7a14f33c952c710c180fb3fc4cda8b60
Download Security Update 2008.06.01 for AIX RS/6000
  • AIX 5.2 (32-bit and 64- bit only)
  • AIX 5.3 (32-bit only)
  • MD5: 875ea0a3dd8784ae4666d9ebf5487d15
Download Security Update 2008.06.01 for HP-UX
  • MD5: 0b1a778fc93e4351e6a5dc6ec7dc6761
Download Security Update 2008.06.01 for Linux
  • MD5: c7196609dc6efb12af7f0ed980a9e02f
Linux Platforms include:
  • Red Hat Enterprise Server (x86, Opteron and EM64T)
  • SUSE Linux Enterprise Server 9/10 (x86)
  • SUSE Linux Enterprise Server 9/10 (Opteron and EM64T)
  • ESX Server (x86, Opteron)
Download Security Update 2008.06.01 for Windows XP
  • MD5: 8fec0fa49634b12387952abdf62d3ee2
For these platforms, continue to use Security Update 18:
For these platforms, continue to use Security Update 17:

Extended Support

The Extended Support TPK includes the following enhancements:
  • Large file support
  • Extended unprintable characters in filenames support (Solaris only)
  • Full promiscuous mode detection (Solaris only)
Download Security Update 2008.06.01 for HP-UX (Extended Support - 11.00+ only)
  • MD5: 6920e357d0e5e0743e99029dc6ac9634

Agent Installs

Refer the following Security Response Web page for information on downloading the ESM 6.0/6.5.x agents:

Documentation

The SU Release Notes contain the details of all module enhancements.The Symantec ESM OS Checks Reference contains information about the Symantec ESM modules, checks, and messages. Continue using your Security Update 17 User’s Guides until the updated guides are released.
Save the CHM to your local computer. After launching the CHM from your local computer, if the CHM does not display any topics, visit the following Microsoft Help and Support site and refer to the section on RESOLUTION:
http://support.microsoft.com/kb/902225
* Signature names may have been updated to comply with an updated IPS Signature naming convention. See http://www.symantec.com/business/support/index?page=content&id=TECH152794&key=54619&actp=LIST for more information.
Last modified on: July 4, 2008
Security Response Blog
The State of Spam