Shavlik NetChk Compliance 3.0 release

We have received a solid response from our customers about the product since the January 2006 launch of our compliance solution Shavlik NetChk Compliance, which automates the management of critical system and security configurations for both assessment and remediation, The feedback we are getting is how it helps them lower operational costs and reduce their risk of exposure by automating many of the tasks required to assess system health and prepare for IT audits.

We have also learned a number of key things about where the industry is at in regards to security compliance enforcement – in short we are just getting started at automating this, or for some even doing it at all.  The industry needs to head in this direction because w/o a properly configured computer security is just not possible, and a lot of money is spent to prove its not possible.  Like Edison said when he worked to commercialize the light bulb – he learned 1000s of ways to not make a long lasting bulb, its the same for security – as an industry we are still learning what does not work, but I do believe a solid automation around compliance does work, assuming it includes Patch Management and the removal of unwanted s/w of course!

We  listened to our customers about some desired new features for NetChk Compliance, and we incorporated those into NetChk Compliance 3.0, our latest version, this release is mostly built around adding what our customers asked us for, so the markets are starting to mature for Compliance management – which is good news.  We will be announcing general availability soon but I wanted to put a note out now.

We are always committed to providing a simplified, automated and flexible approach to compliance and security management as we are in all our products. We are finding that while managing networks from a policy compliance is hard work and time consuming, products like ours do help and are a great foundation to build from.  One key item in our release is the ability of customers to add in their own low, and lower, level checks so its easy to make specific policies such as which AV is running, or having the desktop F/W enabled if that F/W is not the MS F/W which we have built in support for.  Every company seems to want to focus on different aspects to create and enforce policy for, so while we provide a large number of built in items, the ability to add more is key since no matter how many we add, someone will need the one we do not have.  There is something like 2,000 possible things to create a security policy for on the Microsoft platform, its best to pick the top 10 to start with, and once that is well underway go to your top 100 etc.

If you find that you are facing similar challenges keeping your environment in compliance or have found solutions that work for you, I would really like to hear about it.

patch day

Microsoft has released nine new security bulletins today, six of them critical.  Shavlik is currently testing these patches and will release updated XML files shortly.

MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
Severity: Critical
http://www.microsoft.com/technet/security/Bulletin/MS07-042.mspx

MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
Severity: Critical
http://www.microsoft.com/technet/security/Bulletin/MS07-043.mspx

MS07-044: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
Severity: Critical
http://www.microsoft.com/technet/security/Bulletin/MS07-044.mspx

MS07-045: Cumulative Security Update for Internet Explorer (937143)
Severity: Critical
http://www.microsoft.com/technet/security/Bulletin/MS07-045.mspx

MS07-046: Vulnerability in GDI Could Allow Remote Code Execution
(938829)
Severity: Critical
http://www.microsoft.com/technet/security/Bulletin/MS07-046.mspx

MS07-047: Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (936782)
Severity: Important
http://www.microsoft.com/technet/security/Bulletin/MS07-047.mspx

MS07-048: Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)
Severity: Important
http://www.microsoft.com/technet/security/Bulletin/MS07-048.mspx

MS07-049: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)
Severity: Important
http://www.microsoft.com/technet/security/Bulletin/MS07-049.mspx

MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)
Severity: Critical
http://www.microsoft.com/technet/security/Bulletin/MS07-050.mspx

Testing patches article

Here is an article we recently published on the importance of patch testing.

“Information technology personnel have grown accustomed to the virtual onslaught of security updates, or patches, released monthly, weekly and sometimes even daily for the key operating systems on their networks. With each of these security updates, a thousand questions need answering: “What does this patch fix?” “Does the risk actually impact my environment?” and more importantly “Will this update break my systems?”

It is inevitable — a security update will break something, or force network administrators to find a work-around to make a core application on their network function properly again. Knowing what security updates will affect the network is essential to ensure network uptime and minimize that technology demon known as “unscheduled downtime”

Patch, malware updates

Shavlik Technologies has released updated patch and spyware XML files for Shavlik HFNetChkPro and Shavlik NetChk Protect.

[Patch]
XML data version = 1.1.3.3694  Last modified on 7/31/2007

This update includes the following changes:

– Added FF07-005 Firefox 2.0.0.6
– Added MSWU-145 Intel patch (already present for 5.9 customers, this patch has now been added for customers using NetChk version 5.8.1)
– Added MSWU-146 (KB936529) Some Interix-related functions do not work, and you cannot open a command shell after you upgrade computers to Windows Server 2003 with Service Pack 2 (versions 5.81 and 5.9 only)
– Added MSWU-149 Update for Windows XP (KB938828)
– Updated detection logic for Services for Unix

[Spyware]
Version 5.6/5.8.1/5.9
XML Date:  07/27/2007
XML Version:  1.0.2.1552
XML Object Count:  109,321

Version 5.5
XML Date:  07/27/2007
XML Version:  1.0.2.1553
XML Object Count:  108,964

Added ErrorProtector
Added LinkedIn Outlook Toolbar
Added LinkedIn Internet Explorer Toolbar Added ErrorSafe