1. /
  2. Security Response/
  3. Security Updates Detail

Symantec Enterprise Security Manager - Security Update 2009.03.01 (SU 37)

March 31, 2009

Description

Description

The Symantec Enterprise Security Manager™ Security Update 2009.03.01 has been enhanced to support AIX 6.1 on AIX Workload Partition (WPAR) and Support for Red Hat Enterprise Linux Server 5 on PPC e-Server.

Security Update 2009.03.01 introduces 19 new checks across several modules.

Install Security Update 2009.03.01 to upgrade UNIX and Windows security modules on Symantec ESM 6.5 and later agents. For detailed descriptions of new features and enhancements, download the Security Update 2009.03.01 Release Notes.

Enhancements

Security Update 2009.03.01 provides the following enhancements:
  • Support for the following operating systems on ESM 6.5.3 and later versions:
    • AIX 6.1 on AIX Workload Partition (WPAR)
    • Red Hat Enterprise Linux Server 5 on PPC e-server
  • One new check in the Windows Account Integrity module
    • Prevent group expansion
  • One new check in the Unix Account Integrity module
    • Integrity of password and group files
  • One new check in the Windows Agent Information module
    • Computer SID
  • One new check in the Windows File Attributes module
    • Permission inheritance
  • Two new checks in the UNIX File Attributes module
    • Prohibited user ownership
    • Prohibited group ownership
  • One new check in the Windows and UNIX File Watch module
    • Maximum reported messages
    o
  • Three new checks in the UNIX Login Parameters module
    • Maximum logins allowed
    • Multiline warning banners
    • Warning banners (Check service running)
  • One new check in the Windows Network Integrity module
    • Established TCP ports
  • One new check in the Windows Startup Files module
    • Scheduled Tasks
  • Six new checks in the Windows Symantec Product Information module
    • LiveUpdate frequency
    • Scan frequency
    • Maximum virus definition file age
    • File system auto-protected
    • Internet email auto-protected
    • Outlook Auto-Protected
  • One new check in the Windows System Auditing module
    • Granular system audit setting
  • One new template in the Windows System Auditing module
    • Granular System Audit Setting
Note: : On the LiveUpdate wizard, the SU version is now visible in the following format: SU<YYYY>.<MM>.<Release_Version>. ... Where, YYYY is the year of release, MM is the month of release, and Release_Version is the release version of the SU. For example, SU 37 displays as SU 2009.03.01 on the LiveUpdate wizard.

Downloads

Download Security Update 2009.03.01 for AIX-PPC64
  • AIX 5.3 (64-bit only)
  • AIX 6.1 (64-bit)
    MD5:2a0c121cc3b7b7e3b0e944c1ee980217
Linux Platforms include:
  • Red Hat Enterprise Server (x86, Opteron and EM64T)
  • SUSE Linux Enterprise Server 9/10 (x86)
  • SUSE Linux Enterprise Server 9/10 (Opteron and EM64T)
  • ESX Server (x86, Opteron)
For these platforms, continue to use Security Update 18:
For these platforms, continue to use Security Update 17:

Extended Support

The Extended Support TPK includes the following enhancements:
  • Large file support
  • Extended unprintable characters in filenames support (Solaris only)
  • Full promiscuous mode detection (Solaris only)
Download Security Update 2009.03.01 for AIX RS/6000 (Extended Support on AIX 5.2 and later)
  • AIX 5.2 (32-bit and 64-bit) and AIX 5.3 (32-bit)
    MD5:af1d47d465e8e94c32342d3f788e167d
Note: The non-extended TPK installers of AIX RS/6000, HP-UX, and Solaris SPARC are no longer shipped with the Security Updates. However, you can download the extended support TPK installers.

Agent Installs

Refer the following Security Response Web page for information on downloading the ESM 6.0/6.5.x agents:

Documentation

The SU Release Notes contain the details of all module enhancements. Continue using your Security Update 17 User’s Guides until the updated guides are released.
* Signature names may have been updated to comply with an updated IPS Signature naming convention. See http://www.symantec.com/business/support/index?page=content&id=TECH152794&key=54619&actp=LIST for more information.
Last modified on: March 31, 2009
Security Response Blog
The State of Spam