PREVIOUS GNEWSPREVIOUS GNEWS

• 4 Patches / 5 Vulns – 3 Critical

• Affecting Winodow (all of them), Office, IE, SharePoint, .net

• Other updates, MSRT, Defender Definitions, Junk Mail Filter

– MS10-042 - Critical - Vulnerability in Help and SupportCenter Could Allow Remote Code Execution (2229593)

– Reported to have active exploits in the wild

– MS10-043 - Critical - Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)

– MS10-044 - Critical - Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)

– MS10-045 - Important - Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)

Patch Tuesday

• Oracle, 59 fixes – 21 affecting solaris

• Adobe, 2 patches– APSA10-14 Flash– APSA10-15, Reader + Acrobat

• Apple,– Security Update 2010-004 / OSX 10.6.4– iOS 4 (iphone(3g) ipod touch)– Safari 5

• Cisco– 8 patches, multiple products– ASA Software versions prior to 8.1(2), XSS / Remote

Execution– CSS / ACE, SSL spoofing

• Browsers– Firefox, Chrome, Opera, Safari

Holes / Patches

• unrealircd

• ipad needs email diaper

• 1000+ websites get malicious javascript from 2677.in

Hacking / Holes

• Kaminsky Tool– Anti XSS / SQL Injection

• OpenSolaris??– Oracle not working with the community

• US Cyber Command– Secret logo 9ec4c12949a4f31474f299058ce2b22a

Corp. Hell

Papers

yes

Updates

All images scavenged without permission

All images scavenged without permission