PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE,...
-
Upload
allen-todd -
Category
Documents
-
view
215 -
download
0
Transcript of PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE,...
PREVIOUS GNEWSPREVIOUS GNEWS
• 4 Patches / 5 Vulns – 3 Critical
• Affecting Winodow (all of them), Office, IE, SharePoint, .net
• Other updates, MSRT, Defender Definitions, Junk Mail Filter
– MS10-042 - Critical - Vulnerability in Help and SupportCenter Could Allow Remote Code Execution (2229593)
– Reported to have active exploits in the wild
– MS10-043 - Critical - Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)
– MS10-044 - Critical - Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)
– MS10-045 - Important - Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)
Patch Tuesday
• Oracle, 59 fixes – 21 affecting solaris
• Adobe, 2 patches– APSA10-14 Flash– APSA10-15, Reader + Acrobat
• Apple,– Security Update 2010-004 / OSX 10.6.4– iOS 4 (iphone(3g) ipod touch)– Safari 5
• Cisco– 8 patches, multiple products– ASA Software versions prior to 8.1(2), XSS / Remote
Execution– CSS / ACE, SSL spoofing
• Browsers– Firefox, Chrome, Opera, Safari
Holes / Patches
• unrealircd
• ipad needs email diaper
• 1000+ websites get malicious javascript from 2677.in
Hacking / Holes
• Kaminsky Tool– Anti XSS / SQL Injection
• OpenSolaris??– Oracle not working with the community
• US Cyber Command– Secret logo 9ec4c12949a4f31474f299058ce2b22a
Corp. Hell
Papers
yes
Updates
All images scavenged without permission
All images scavenged without permission