1. /
  2. Security Response/
  3. Security Updates Detail

Symantec Enterprise Security Manager - Symantec™ Enterprise Security Manager Security Update 2011.09.01 (SU 42)

October 3, 2011

Description

With the Security Update 2011.09.01, Symantec Enterprise Security Manager has been enhanced to support Red Hat Enterprise Linux 6.1 on x86, x86_64, PPC64, and zLinux (s390x) and Oracle Solaris 11 Express on x86 and SPARC.

 

The Security Update 2011.09.01 also includes a new content separation functionality, six new checks, and six new messages across various modules on UNIX and Windows.

 

Install Security Update 2011.09.01 to upgrade UNIX and Windows security modules on Symantec ESM 9.0 or later agents. For detailed descriptions of new features and enhancements, download the Security Update 2011.09.01 Release Notes.

New Support

New support on ESM 9.0 or later versions are as follows:

 

  • Red Hat Enterprise Linux 6.1 on x86, x86_64, PPC64, and zLinux (s390x)
  • Oracle Solaris 11 Express on x86 and SPARC

New Features

New features in Security Update 2011.09.01 are as follows:

  • Content Separation

From this release onwards, two separate content packages are shipped. Install the package that contains the module binaries on the ESM agents and install the package that contains the security content such as configuration (.m) files, word files, template files, properties files, and report content files (RDL) on the ESM managers.

  • A new check, Signature using prelink in the File Watch module on UNIX.
  • A new check, IIS configured certificates in the IIS Configurations module on Windows.
  • A new check, Fullcore disabled in the Object Integrity module on UNIX.
  • A new check, Use lastLogonTimestamp for Inactive accounts checks in the Login Parameters module on Windows.
  • A new check, File system nodev protection in the Startup Files module on UNIX.
  • A new check, root CRONTAB file content ownership in the System Queues module on UNIX.
  • Two new messages are added in the Agent Information module on UNIX.
  • Three new messages are added in the Object Integrity module on UNIX.
  • One new message is added in the Security Update installer on UNIX.

 

Note: On the LiveUpdate wizard, the SU version is now visible in the following format: SU<YYYY>.<MM>.<Release_Version>. Where, YYYY is the year of release, MM is the month of release, and Release_Version is the release version of the SU. For example, SU 42 is displayed as SU 2011.09.01 on the LiveUpdate wizard.

 

Manager Downloads

Download Security Update 2011.09.01 for Solaris SPARC

MD5: a9dc9895b26b246d59ebe4558ec76730

 

Download Security Update 2011.09.01 for Windows

MD5: 1d6e633e742653f02643dbba4ef4c90f

Agent Downloads

Download Security Update 2011.09.01 for AIX-PPC64
  • AIX 5.3 (64-bit only)
  • AIX 6.1 (64-bit)
  • AIX 7.1 (64-bit)

MD5: d16aa9cc95239aecd2dafe6b8dd4cf87

 

Download Security Update 2011.09.01 for AIX RS/6000
  • AIX 5.2 (32-bit and 64- bit only)
  • AIX 5.3 (32-bit only)

MD5: f1bc67817746c294af0f5a3b17b8e49c

 

Download Security Update 2011.09.01 for HP-UX

MD5: d3e776aaa5d0b9b209e41a95614c9842

 

Download Security Update 2011.09.01 for HP-UX 11i for Itanium-based systems

MD5: 83ccba912aca5881d5f026f7bbb7e3ca

 

Download Security Update 2011.09.01 for Red Hat Enterprise Linux for Itanium

MD5: f88d5e4172d620a54d579b4dc2144490

 

Download Security Update 2011.09.01 for SUSE Linux Enterprise Server for Itanium

MD5: f88d5e4172d620a54d579b4dc2144490

 

Download Security Update 2011.09.01 for Red Hat Enterprise Linux for IBM eServer PPC (64-bit)

MD5: fe525c3af1ce5d1fa2b01552a2bb91cc

 

Download Security Update 2011.09.01 for SUSE Linux Enterprise Server for IBM eServer PPC (64-bit)

MD5: fe525c3af1ce5d1fa2b01552a2bb91cc

 

Download Security Update 2011.09.01 for Linux

MD5:  99990020a55a889bc31d7d1971d61e67

Linux Platforms include:

  • Red Hat Enterprise Server (x86, X86_64)
  • SUSE Linux Enterprise Server (x86)
  • SUSE Linux Enterprise Server (X86_64)
  • ESX Server (x86, Opteron)

 

Download Security Update 2011.09.01 for Red Hat Enterprise Linux on IBM zSeries (s390x)

MD5:  242407959b475a990d2856ac34c10cb6

 

Download Security Update 2011.09.01 for SUSE Linux Enterprise Server on IBM zSeries (s390x)

MD5: 242407959b475a990d2856ac34c10cb6

 

Download Security Update 2011.09.01 for Solaris SPARC

MD5: b256b9dcbd573eb062fa2631b3de99a4

 

Download Security Update 2011.09.01 for Solaris 10 (x86, X86_64)

MD5: 158c3bd045be8c301b3dbd1ebb20594b

 

Download Security Update 2011.09.01 for Windows XP

MD5: 24431a5af97af8edef9767697bb910f7

 

Download Security Update 2011.09.01 for Windows Server 2003

MD5: 0d708405a937fc17de52a9715d711a74

 

Download Security Update 2011.09.01 for Windows Server 2003 for 64-bit Itanium-based systems

MD5: b07b537c0c4c9446263b6afe3b513b3f

                                     

Download Security Update 2011.09.01 for Windows Server 2003 (X86_64)

MD5: 91aabbb6c1596db8f063c72f87ea983e

 

Download Security Update 2011.09.01 for Windows Vista (32-bit)

MD5: 9ad8988da95a2c12cab224fac5ca1a1e

 

Download Security Update 2011.09.01 for Windows Vista (64-bit)

MD5: 5218c60ef886ea17578106bc598c79c9

 

Download Security Update 2011.09.01 for Windows 7 (32-bit)

MD5: e03bb98cee72f7b9a01f49b7c611e088

 

Download Security Update 2011.09.01 for Windows 7 (64-bit)

MD5: 5740945159a7eec385fc456b0b900187

 

Download Security Update 2011.09.01 for Windows Server 2008

MD5: f6f6d1ef05dda12d308b53c38cf7ea9f

 

Download Security Update 2011.09.01 for Windows Server 2008 for 64-bit Itanium-based systems

MD5: 6c1ed2d924db18bef89538c01c9b9daf

 

Download Security Update 2011.09.01 for Windows Server 2008 (X86_64)

MD5: af70284a301663a1e5a8858bbd6550c7

 

For these platforms, continue to use Security Update 18:

Download Security Update 18 for Digital UNIX

 

For these platforms, continue to use Security Update 17:

Download Security Update 17 for Irix

Download Security Update 17 for Sequent

 

Agent Installs

Refer to the ESM Agent Downloads section on the following Security Response Web site or information on downloading the ESM 9.0 or later agents:

http://www.symantec.com/avcenter/security/Content/Product/Product_ESM.html

 

Documentation

The SU Release Notes contain the details of all module enhancements. Continue using your Security Update 17 User Guides until the updated guides are released. 

 

Download Security Update 2011.09.01 Release Notes (PDF)

Download Security Update 17 User Guide for UNIX (PDF)

Download Security Update 17 User Guide for Windows (PDF)

* Signature names may have been updated to comply with an updated IPS Signature naming convention. See http://www.symantec.com/business/support/index?page=content&id=TECH152794&key=54619&actp=LIST for more information.
Last modified on: October 3, 2011
Security Response Blog
The State of Spam