Mozilla Firefox 33.0 Released: October 14, 2014

Uncategorized Comments Off
Version 33.0, first offered to Release channel users on October 13, 2014

Check out “What’s New” and “Known Issues” for this version of Firefox below.
As always, you’re encouraged to tell us what you think, or file a bug in Bugzilla. If interested, please see the complete list of changes in this release.

https://www.mozilla.org/en-US/firefox/33.0/releasenotes/

Microsoft Security Advisory Notification Issued: August 12, 2014

Security Bulletins / Advisories, Uncategorized Comments Off

Security Advisories Updated or Released Today


* Microsoft Security Advisory (2755801)
– Title: Update for Vulnerabilities in Adobe Flash Player in
Internet Explorer
– »technet.microsoft.com/library/se···/2755801
– Revision Note: V27.0 (August 12, 2014): Added the 2982794
update to the Current Update section.

Microsoft Security Bulletin(s) for August 12, 2014

Security Bulletins / Advisories, Uncategorized Comments Off
Note: There may be latency issues due to replication, if the page does not display keep refreshing

Today Microsoft released the following Security Bulletin(s).

Note: http://www.microsoft.com/technet/security and http://www.microsoft.com/security are authoritative in all matters concerning Microsoft Security Bulletins! ANY e-mail, web board or newsgroup posting (including this one) should be verified by visiting these sites for official information. Microsoft never sends security or other updates as attachments. These updates must be downloaded from the microsoft.com download center or Windows Update. See the individual bulletins for details.

Because some malicious messages attempt to masquerade as official Microsoft security notices, it is recommended that you physically type the URLs into your web browser and not click on the hyperlinks provided.

Bulletin Summary:

https://technet.microsoft.com/library/security/ms14-aug

Critical (2)

Microsoft Security Bulletin MS14-051
Cumulative Security Update for Internet Explorer (2976627)

https://technet.microsoft.com/library/security/ms14-051

Microsoft Security Bulletin MS14-043
Vulnerability in Windows Media Center Could Allow Remote Code Execution (2978742)

https://technet.microsoft.com/library/security/ms14-043

Important (7)

Microsoft Security Bulletin MS14-048
Vulnerability in OneNote Could Allow Remote Code Execution (2977201)

https://technet.microsoft.com/library/security/ms14-048

Microsoft Security Bulletin MS14-044
Vulnerabilities in SQL Server Could Allow Elevation of Privilege (2984340)

https://technet.microsoft.com/library/security/ms14-044

Microsoft Security Bulletin MS14-045
Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2984615)

https://technet.microsoft.com/library/security/ms14-045

Microsoft Security Bulletin MS14-049
Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (2962490)

https://technet.microsoft.com/library/security/ms14-049

Microsoft Security Bulletin MS14-050
Vulnerability in Microsoft SharePoint Server Could Allow Elevation of Privilege (2977202)

https://technet.microsoft.com/library/security/ms14-050

Microsoft Security Bulletin MS14-046
Vulnerability in .NET Framework Could Allow Security Feature Bypass (2984625)

https://technet.microsoft.com/library/security/ms14-046

Microsoft Security Bulletin MS14-047
Vulnerability in LRPC Could Allow Security Feature Bypass (2978668)

https://technet.microsoft.com/library/security/ms14-047

Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so.

If you have any questions regarding the patch or its implementation after reading the above listed bulletin you should contact Product Support Services in the United States at 1-866-PCSafety 1-866-727-2338. International customers should contact their local subsidiary.

As always, download the updates only from the vendors website – visit Windows Update and Office Update or Microsoft Update websites. You may also get the updates thru Automatic Updates functionality in Windows system.

Security Tool
Find out if you are missing important Microsoft product updates by using MBSA.

Storm Worm Botnet Attacks Anti-Spam Firms

Uncategorized Comments Off

There’s no need to warn the anti-spam researchers at the Spamhaus Project about the Storm worm authors’ ability to launch massive denial-of-service attacks. They’ve been fending them off for several months. And they’ve lived — or at least stayed online — to tell the tale.

“It’s been a pretty constant battle to stay online,” Vincent Hanna, an investigator for the non-profit Spamhaus Project, told InformationWeek. “It’s an arms race. They try something. We block it. They try something else. We block it. It goes on and on. Sometimes it’s fine and sometimes we spend hours a day on this.”

Full Story at informationweek.com 

 

AVG 7.1 Free Edition Users

Uncategorized Comments Off

As of February 18th, 2007, AVG 7.1 Free Edition is no longer supported. If you are still using AVG 7.1 Free Edition, please take action now to remain safe by downloading the new AVG 7.5 Free Edition.

Microsoft Security Bulletin Minor Revisions – January 2007

Uncategorized Comments Off

Issued: January 24, 2007

Summary

The following bulletins have undergone a minor revision increment.
Please see the appropriate bulletin for more details.

  * MS07-003

Bulletin Information:

* MS07-003

   – Reason for Revision: Bulletin updated to add “You receive an
    error message “Microsoft Office Outlook has encountered a
    problem and needs to close. We are sorry for the
    inconvenience.” when you use Microsoft CRM client for
    Microsoft Outlook (931270)” under “What are the known issues
    that customers may experience when they install this security
    update?” in the “Frequently Asked Questions (FAQ) Related to
    This Security Update” section.  
  – Originally posted: January 9, 2007
  – Updated: January 24, 2007
  – Bulletin Severity Rating: Critical
  – Version: 1.1
        
Support:

Technical support resources can be found at:
http://go.microsoft.com/fwlink/?LinkId=21131

Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat

Uncategorized Comments Off

This Security Bulletin addresses several vulnerabilities, including issues that have already been disclosed. An update is available for a cross-site scripting (XSS) vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat that could allow remote attackers to inject arbitrary JavaScript into a browser session. This vulnerability, previously reported in APSA07-01 on January 4, 2007, has been assigned an important severity rating. Additional vulnerabilities have been identified in versions 7.0.8 and earlier of Adobe Reader and Acrobat that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. These vulnerabilities have been assigned a critical severity rating. A malicious file must be loaded in Adobe Reader by the end user for an attacker to exploit these vulnerabilities. It is recommended that users update to the most current version of Adobe Reader or Acrobat available.

 


McAfee Weaves Cisco NAC Into Total Protection

Uncategorized Comments Off
McAfee Monday unveiled a revamped version of its Total Protection Enterprise offering that includes a range of security improvements and support for Cisco’s network admission control (NAC) technology.

Total Protection Enterprise, which McAfee launched in April, bundles the Santa Clara, Calif.-based vendor’s antivirus, antispyware, antispam and intrusion prevention products and makes them accessible through its ePolicy Orchestrator management console. Total Protection Enterprise Advanced edition adds McAfee’s Policy Enforcer network access control (NAC) software.

Techweb 

Apple Fixes 15 Flaws, Updates Mac OS X To 10.4.8

Uncategorized Comments Off

Apple Computer Inc. on Friday updated Mac OS X 10.4 to patch 15 vulnerabilities in the operating system and bundled software that can let attackers run malicious code, crash the computer, or gain unauthorized access to the machine.

Techweb 

Internet Explorer HTML Help ActiveX Control Memory Corruption

Uncategorized Comments Off

Secunia Advisory:
SA20906
Release Date: 2006-07-04

Description:
HD Moore has discovered a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to an error in the HTML Help ActiveX control (hhctrl.ocx) when handling the “Image” property. This can be exploited to cause a memory corruption by setting an overly long string multiple times for the property.

Successful exploitation may allow execution of arbitrary code.

The vulnerability has been confirmed on a fully patched system running Windows XP SP2 with Internet Explorer 6.0. Other versions may also be affected.

Solution:
Disable the “Run ActiveX controls and plug-ins” setting for all but trusted sites.




© 2014 DP's Security Bits.
WordPress Theme & Icons by N.Design Studio. Provided by WPMU DEV -The WordPress Experts   Hosted by Microsoft MVPs
Entries RSS Comments RSS Log in