Archive for September, 2010
ASP.Net vulnerability
Wednesday, September 22nd, 2010Update – September 28 – Microsoft to release an Out of Band update for ASP.Net applications. See http://blogs.technet.com/b/msrc/archive/2010/09/27/out-of-band-release-to-address-microsoft-security-advisory-2416728.aspx for additional details. On September 17, a major vulnerability was identified in all ASP.Net applications. The condition has been recognized by Microsoft and efforts are underway to develop a patch. The URLs provided below include most of …
Autoupdates for Firefox 3.5.11 and 3.6.9 have been temporarily halted
Wednesday, September 15th, 2010As an aside - I have patched at least 4 personal machines to version 3.6.9 with no problem. http://www.networkworld.com/news/2010/091410-mozilla-halts-firefox-security.html?hpg1=bnMozilla has stopped providing security updates to Firefox users as it investigates a bug that caused computers to crash last week. Computerworld blogger Michael Horowitz first reported on the problem last Sunday after he tried to update …
Microsoft patches for September
Thursday, September 9th, 2010Microsoft has just announced the patches that are scheduled to be released for September – http://www.microsoft.com/technet/security/bulletin/ms10-sep.mspx The patches are scheduled to be released on September 14. As has been the trend, the older operating systems (generally XP and Server 2003) have the larger number of applicable bulletins and also more often receive the critical classification. …
Updated versions of Firefox, Thunderbird and Seamonkey
Wednesday, September 8th, 2010http://secunia.com/advisories/41297Secunia Advisory SA41297Mozilla Firefox Multiple VulnerabilitiesSecunia Advisory SA41297 Release Date 2010-09-08 Criticality level Highly critical Impact Cross Site ScriptingExposure of sensitive informationSystem accessWhere From remote DescriptionMultiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting …
Vulnerability in Adobe Reader & Acrobat – all windows versions
Wednesday, September 8th, 2010Update – October 5 - A new version of Adobe Reader and Acrobat are available. Please do a check for updates. For users on XP machines you will need to be logged in as an administrator. Secunia announcementhttp://secunia.com/advisories/41340 Secunia Advisory SA41340 Adobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability level Extremely critical Impact …
Quicktime vulnerability
Wednesday, September 1st, 2010>>> “White, Kevin” <> 9/1/2010 8:49 AM >>>MS-ISAC ADVISORY NUMBER:2010-072 DATE(S) ISSUED:8/30/2010 SUBJECT:Vulnerability in Apple QuickTime Player Could Allow for Remote Code ExecutionOVERVIEW: A vulnerability has been discovered in Apple QuickTime Player that could allow remote code execution. Apple QuickTime Player is used to play media files on Microsoft Windows and Mac OS X operating …
