File(s)
The files below have been obsoleted by a newer Security Update.
Download Security Update 12 Release Notes (PDF)
Download Security Update 12 for Solaris SPARC
Download Security Update 12 for HP-UX
Download Security Update 12 for AIX RS/6000
Download Security Update 12 for Red Hat Linux
Download Security Update 12 for Digital UNIX
Download Security Update 12 for Sequent x86
Download Security Update 12 for IRIX
Download Security Update 12 for Windows 2000
Download Security Update 12 for Windows NT
Download Security Update 12 for Windows XP
Download Security Update 12 User's Guide for UNIX (PDF)
Download Security Update 12 User's Guide for Windows 2000 (PDF)
Download Security Update 12 User's Guide for Windows NT (PDF)
Download Security Update 12 User's Guide for Windows XP (PDF)
Download ICE Module Training Guide (PDF)
Download ICE Module Training Guide Demonstrations
If you plan to upgrade to ESM 5.5 in the near future, we recommend that you install ESM 5.5 before applying SU12. ESM 5.5 contains SU8. If SU12 is installed to an older version of ESM, it will need to be reapplied after ESM 5.5 is installed.
Install Security Update 12 to upgrade the Windows and UNIX security modules on Symantec ESM 5.x agents. For detailed descriptions of new features and enhancements, download the ESM Security Update 12 Release Notes.
Windows and UNIX platforms
- The new Response module lets users use templates at the Symantec Web site for new security incidents and vulnerabilities between Security Updates
- Three new checks in the Network Integrity module report New, Modified, and Deleted Listening ports
- The text field added to password cracking checks in the Password Strength module lets users specify a percentage of enabled word files to compare to passwords. The next time the module is run, the comparison resumes where the previous run ended
Windows only platforms
- Six checks in the new Active Directory module (Windows 2000 only) report Group Policy Objects (GPOs) for computers in Active Directory Services (ADS)
- Two new checks in the Account Integrity module (Windows XP only) reports accounts that have and are denied the right to log on through Terminal Services
- Another new check reports accounts that have the right to Perform Volume Maintenance Tasks
- The Increase Quotas check is now the Adjust Memory Quotas for a Process and it checks memory quotas rather than processor quotas
- Two new checks in the Network Integrity module report Listening TCP and UDP Ports
- Three new checks report New and Modified Network Shares
- The OS Patch template has a new Type column where users can specify Mandatory or Forbidden installed patches
- The OS Patch module now supports file-only patch IDs that start with f, F, q, Q, and S
- In the checks for Required, Forbidden, and Unknown Services in the Startup Files module, you can now specify service names or display names interchangeably in name lists. You can also use wildcard characters in names
UNIX only platforms
- The new Conditions sublist in the File Content Search template defines search criteria for running processes and configured services
- New Check Required Files and Check Forbidden Files checks in the User Files module report Required files that are and are not found in the user's home directory
Correctable messages
In certain messages of the following Windows modules you can change agent settings to match snapshot or template files. These corrections are made in the Updateable/Correctable field of the Symantec ESM grid.
- Account Integrity
- Network Integrity
- Password Strength
- Startup Files
- System Auditing
Last modified on: Saturday, 25-Oct-03 04:23:48
|
