Posts Tagged patches
Microsoft prepares 13 patches for Next Tuesday
Posted by Mourad Ben Lakhoua in Operating System, Software Security, Vulnerabilities on February 5, 2010
Microsoft announce that they are about to release a 13 security updates on next Tuesday, these new security patches are issued to fix 26 security vulnerabilities in windows operating system and Microsoft office suite.
According to the Advanced Notification five updates are critical and the 8 others are important. While we can find 11 of 13 patches are issued to fix vulnerabilities in one or more operating systems, and the remaining two patches are for Office XP and Office 2003 for windows and Office 2004 for Mac.
Among the patches we can find a fix for a 17 year old Bug in 32-bit windows version, and will close the loophole that involves the venerable DOS operating system. Internet Explorer two recent critical vulnerabilities will not be patched for this Tuesday updates.
You can find Microsoft Security Bulletin Advance Notification for February 2010 Here.
make sure you subscribe to my RSS feed!
Hewlett-Packard Fixes a Bunch of OpenView Vulnerabilities
Posted by Mourad Ben Lakhoua in Vulnerabilities, Vulnerabilities & attacks on December 11, 2009
Hewlett-Packard Company has released several patches for a bunch of vulnerability on OpenView Software products. HP advises administrators to install the patches immediately to mitigate the risk.
OpenView Network Node Manager (OV NNM) is affected by 12 critical bugs that attackers could use to execute remote arbitrary code and gain control over the system.
The vulnerable versions are OV NNM 7.01 and 7.35 running on HP-UX, Linux, Solaris and Microsoft Windows. But here it is important to note that fixes are released only to version 7.53 so to install the patches for all previous versions Admin are required to upgrade to the latest one and then install the updates.
About eleven of the twelve bugs are detected by TippingPoint and the last bug is reported by researcher from IBM X-Force unit.
So go a head To review the Support Communication –Security Bulletin and act upon as soon as possible.
make sure you subscribe to my RSS feed!
Microsoft leaves patches surprise
Posted by Mourad Ben Lakhoua in News, Operating System, Vulnerabilities on September 6, 2009
Microsoft announced lately that it will release five critical updates for windows, but at this time Microsoft did not provide the technical details regarding the patch list like the previous one.
However Andrew Storms nCircle’s Director of Security Operations, made a statement about the possible upgrade kit composition, In particular the expert suggested that we will see update for the Active Template Library (ATL) the vulnerability which has been disclosed publically in July while there is four to five updates concerning Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008.
According to Storm the Tuesday patches will not include the IIS Web server vulnerability while Microsoft promised that it would patch IIS at some point.
Release of these bulletins is scheduled for Tuesday, September 8, so we are still looking for the surprise.
make sure you subscribe to my RSS feed!
Cisco Releases Security Advisory for Firewall Services Module Vulnerability
Posted by Mourad Ben Lakhoua in News, Vulnerabilities on August 21, 2009
Cisco has released a new update designed to patch vulnerabilities in their network devices. According to Cisco this hole can allow an attacker to create a denial of service on the routers and switches. This vulnerability particularly concerns the Cisco Firewall Services Module (FWSM) for Cisco catalyst 6500 and Cisco router 7600 series.
The vulnerability exists in the Firewall Services Module. By sending specially crafted ICMP messages to the Firewall Services Module, an attacker can cause a denial-of-service condition.
For this month there were already long lists of software patches among them the latest ColdFusion and JRun patches and the monthly set of patches by Microsoft that was designed to eliminate 19 Bugs.
So take a look at all security advisories and apply any necessary updates or workarounds to help mitigate the risks.
make sure you subscribe to my RSS feed!
Apple releases 45 patches for iPhone, iPod
Posted by Mourad Ben Lakhoua in Vulnerabilities & attacks on June 18, 2009
Big number of fixes surprising, but no known malicious software for devices
Apple Inc released 45 software patches on Wednesday to address rare security vulnerabilities in its popular iPhone and iPod Touch mobile devices.
The company released them as part of its widely anticipated iPhone 3.0 operating system.
“This is a large cluster of patches for the iPhone,” said Dino Dai Zovi, a security expert who is writing a book on cracking the iPhone.
[Source: msnbc]
make sure you subscribe to my RSS feed!
SUBSCRIBE
