Posts Tagged Update
Microsoft to Fix 12 Vulnerabilities On Tuesday, While Sophos Alerts of fake Microsoft updates coming through email
Posted by Mourad Ben Lakhoua in News, Software Security, Vulnerabilities, Vulnerabilities & attacks on December 5, 2009
On this Tuesday we are going to have the regular monthly update by Microsoft the release will include a set of patches to fix 12 problem, we can find among the patches a fix to Internet Explorer 8 vulnerability.
These releases are issued for windows 2000, XP, Vista, Windows 7, Windows Server 2003, 2008 as well as IE 8, Office XP and Office 2003. Three patches status are critical, this means that the impact allows a hacker to use these bugs to run an arbitrary command remotely.
Internet Explorer 8 vulnerability will also be among the patches this bug can allow attacker to run malicious software on the system like Trojan or rootkit to steal credential and data authentication, Microsoft already warned of an existing exploit for this bug and recommends all customers to prevent this attack by keeping antivirus up to date, using a good Pc Firewall and installing all previous patches.
On the other hand Sophos security lab alerted of a fake email message that includes a link to an executable file Windows-KBxxxxx-ENU.exe which contains malware Mal/EncPK-LL here you can find the email image:
The source of the message appears coming directly from Steve Lipner, Microsoft’s Director of Security Assurance, it is here important to be careful and not follow direct links to executable files and make sure that you are updating your system from a trusted sources.
make sure you subscribe to my RSS feed!
Adobe Fixes Five Critical Vulnerabilities in Shockwave
Posted by Mourad Ben Lakhoua in News, Vulnerabilities on November 6, 2009
New set of patches have been released by Adobe to fix 5 critical vulnerabilities in the Shockwave player.
Adobe invites all shockwave users to update immediately there flash players, Four of these five bugs allows an attacker to execute a malicious code remotely which have been discovered by VUPEN security researchers.
According to the research lab, the Adobe vulnerability includes a violation in the memory information integrity, pointers and wrong indexing when a malicious content processed. All these errors can be used by an attacker to compromise a vulnerable system and exploit it when visiting a customized website regardless of your browser (IE or Firefox).
This is concerning the first four bugs while the last one is related to the boundary conditions Issues and can be used to cause a DoS-attack. here you can find the Security bulletin by Adobe.
make sure you subscribe to my RSS feed!
VMware Hosted products update libpng and Apache HTTP Server
Posted by Mourad Ben Lakhoua in News, Vulnerabilities on August 24, 2009
VMware has released new security advisory VMSA-2009-0010, in this advisory there is updates for the VMware Workstation, VMware Player, VMware ACE and a pending updates for VMware Server 1.X and 2.X.
According to the Security advisory descriptions there were discovered in the way third party library libpng handled uninitialized pointers. An attacker could create a PNG image file in such a way, that when loaded by an application linked to libpng, it could cause the application to crash or execute arbitrary code at the privilege level of the user that runs the application. The new version of ACE updates the Apache HTTP Server on Windows hosts to version 2.0.63 which addresses multiple security issues that existed in the previous versions of this server.
So it’s time to apply any necessary updates or workarounds to help mitigate the risks.
make sure you subscribe to my RSS feed!
New major updates for Sysinternal
Posted by Mourad Ben Lakhoua in News, Tools on July 28, 2009
Sysinternal announced some major updates for their tools package. The most interesting in these updates is the end life of Filemon and Regmon and adding a number of enhancements for Procmon, including new by-extension and by-directory views in the File Summary dialog, a new Network Summary view, quick filtering in all the summary views, additional IOCTL and error result decoding, and a number of bug fixes.
Process Monitor is the replacement for Filemon and Regmon and is much more advanced and scalable than its predecessors. We only aim to make Sysinternals tools work on Windows XP and higher, we’ve decided that it’s time to retire these venerable utilities that were born in the early days of Sysinternals (then NTinternals) back in 1996. So that you have a chance to say goodbye, we’re announcing now that they will be removed from the site on September 1.
It is always good when we have a new functionality and updates in Sysinternal.
make sure you subscribe to my RSS feed!
Apple releases 45 patches for iPhone, iPod
Posted by Mourad Ben Lakhoua in Vulnerabilities & attacks on June 18, 2009
Big number of fixes surprising, but no known malicious software for devices
Apple Inc released 45 software patches on Wednesday to address rare security vulnerabilities in its popular iPhone and iPod Touch mobile devices.
The company released them as part of its widely anticipated iPhone 3.0 operating system.
“This is a large cluster of patches for the iPhone,” said Dino Dai Zovi, a security expert who is writing a book on cracking the iPhone.
[Source: msnbc]
make sure you subscribe to my RSS feed!
New security solution from Panda
Posted by Mourad Ben Lakhoua in Software Security on June 15, 2009
Panda have recently released a new antivirus solution for Pcs and servers that are based on the concept of Software as a Service. in usual cases Implementing AV solution for companies can take a pretty long time and the management of this solution also demand a good number of specialist in the security area to maintain the logs make sure that all AV hosts are installed and there signature are up-to-date.
Personally I haven’t tried this AV solution but as a security consultant, I’m occasionally invited to remove malicious software from infected computers. There still no perfect anti-malware because each infection have a special way to remove .Now a day malware are having a very advanced way to hide in the system and defend them selves against anti-viruses, so it is always recommended to take the preventive measures against such a threat.
So my suggestion is to keep working with a limited account under windows system. To have the latest security updates. Configure your pc firewall software to not allow any unusual activities. and to keep your sensitive files out of network.
make sure you subscribe to my RSS feed!
Microsoft pushes fake Windows 7 updates
Posted by Mourad Ben Lakhoua in Operating System on May 13, 2009
Microsoft is set to test Windows 7′s update mechanism by issuing as many as 10 fake updates for the operating system over the coming week.
It will be the second time that Microsoft has released phony updates for Windows 7. In February, it tested the beta by delivering five bogus patches.
People running Windows 7 RC, which which was launched to the public last week, will be offered the mock updates beginning on Tuesday said Brandon LeBlanc, a Microsoft spokesman. Microsoft wants to “verify our ability to deliver and manage updating of Windows 7 in certain real-life scenarios,” LeBlanc explained in a blog post.
[Source: ComputerworldUK]
make sure you subscribe to my RSS feed!
Three new updates in Sysinternal
Posted by Mourad Ben Lakhoua in News on May 12, 2009
Sysinternals have announced lately three applications updates on there blog:
Autoruns v9.5: This update to Autoruns, a powerful autostart manager, adds display of audio and video codecs, which are gaining popularity as an extension mechanism used by malware to gain automatic execution.
PsLoglist v2.7: This version of PsLoglist, a command-line event log display utility, now properly displays event log entries for default event log sources on Windows Vista and higher and accepts wildcard matching for event sources.
PsExec v1.95: This version of PsExec, a utility for executing applications remotely, fixes an issue that prevented the -i (interactive) switch from working on Windows XP systems with a recent hotfix and includes a number of minor bug fixes.
make sure you subscribe to my RSS feed!
Omaha or Google Update
Posted by Mourad Ben Lakhoua in Software Security on April 15, 2009
Google have released new software that is designed to update automatically the installed software product within a computer. This program is called Omaha and currently it supports many Google products for Windows, including Google Chrome and Google Earth. In last Friday Jordan Miles a member of the Google Software Engineering Team wrote on the corporate blog that some users can be surprised to find this program running so they are working hard to address these concerns, and releasing the source code for Omaha to make the purpose of Google Update absolutely transparent.
At Google security experts are thinking that automatic updates is the best way to patch the discovered vulnerabilities, as it provides patches instantly in silent mode, so if you are looking of developing your own auto-updater go to Omaha and download it , by the way Omaha project is distributed under Apache License Version 2.0 which is preferred by Google.
VMware patches a critical security vulnerability
Posted by Mourad Ben Lakhoua in Vulnerabilities on April 11, 2009
VMWare has released new patches to address multiple vulnerabilities in the VMWare Hosted products, and ESX. These vulnerabilities may allow the ability to execute on the host server from a guest operating system.
Relevant releases :
• VMware Workstation 6.5.1 and earlier,
• VMware Player 2.5.1 and earlier,
• VMware ACE 2.5.1 and earlier,
• VMware Server 2.0,
• VMware Server 1.0.8 and earlier,
• VMware Fusion 2.0.3 and earlier,
• VMware ESXi 3.5 without patch ESXe350-200904201-O-SG,
• VMware ESX 3.5 without patch ESX350-200904201-SG,
• VMware ESX 3.0.3 without patch ESX303-200904403-SG,
• VMware ESX 3.0.2 without patch ESX-1008421.
So it is time to apply any necessary updates to help mitigate the risks.
SUBSCRIBE
Latest Comments