Archive for July, 2010

Flaws in how all browsers handle SSL sessions in Tabs

Friday, July 30th, 2010

Everything I am reading here seems to indicate that as long as you open your SSL sessions in a new browser window, you should be ok. That is what I recommend. http://threatpost.com/en_us/print/5953[1]LAS VEGAS–A security researcher has found a slew of fundamental problems with the way that modern browsers are designed and built, leading to serious […]

Microsoft to release out of band patch for shortcut vulnerability – Aug2

Friday, July 30th, 2010

On Monday, August 2, Microsoft is scheduled to release an out of band patch. Everything I am seeing seems to indicate this is a patch for the .lnk shortcut vulnerability.  Update – July 30 – 2:00 p.m.They are kind of vague in both the advance notification and also the original advisory – but this seems […]

What comes next for desktop security after antivirus and good email practices?

Friday, July 23rd, 2010

http://www.pcworld.com/article/201309/article.html?tk=nl_bex_h_topstoriesSecurity Secrets the Bad Guys Don’t Want You to KnowRogue scripts, fake antivirus programs, and infected PDFs: Defend yourself against the Web’s most insidious threats.

Vulnerability in Windows Shell – All Windows OSs potentially affected – fix it now available

Wednesday, July 21st, 2010

On Friday, July 16, a vulnerability was identified in Windows Shell that affects all Windows Operating Systems.  The Security Advisory is available at  http://www.microsoft.com/technet/security/advisory/2286198.mspx General Information Executive Summary Microsoft is investigating reports of limited, targeted attacks exploiting a vulnerability in Windows Shell, a component of Microsoft Windows. This advisory contains information about which versions of […]

Oracle Patches for July – total 59

Wednesday, July 14th, 2010

If you have any oracle systems – please see the following patch list. >>> “Luevano, Ana” <> 7/14/2010 8:13 AM >>>Oracle has released its Critical Patch Update for July 2010<http://www.oracle.com/technology/deploy/security/critical-patch-updates /cpujul2010.html>  to address 59 vulnerabilities across multipleproducts. This update contains the following security fixes: *    6 for Oracle Database Server*    2 for TimesTen In-Memory Database*   […]

Microsoft patches for July – 2 critical for OSs – 1 critical and 1 important for Office

Thursday, July 8th, 2010

Below is a brief summary of what has been announced for the July Microsoft patches. As more information comes available I will update this entry. http://www.microsoft.com/technet/security/bulletin/ms10-jul.mspx Two critical patches for Windows operating systemsWindows XP/SP2 (32 and 64bit) and also SP3 (32bit) Windows 7 and 2008R2 (64bit) One critical and one important patch for Office Office […]

Dont forget to patch Acrobat/Reader -versions are 8.2.3 and 9.3.3 respectively

Thursday, July 1st, 2010

Please make sure you update Adobe Acrobat and Reader to versions 8.2.3 and 9.3.3 as soon as possible. They can be downloaded from http://www.adobe.com/support/security/bulletins/apsb10-15.html