PREVIOUS GNEWS. 8 Patches – 10 bugs addressed Affecting Project, Visio, DNS, GDI, Scripting, Activex, IE, Windows Other updates, MSRT, Defender Definitions,

Slides:



Advertisements
Similar presentations
PREVIOUS GNEWS. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.
Advertisements

PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – RDP, IE, Lync, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS
PREVIOUS GNEWS. 11 Patches – 5 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS IE, Remote Execution.
. 15 Patches / 32 Vulns – 9 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.
PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS
3 Patches – x bugs addressed Affecting Kernel, SChannel, DNS/WINS Other updates, MSRT, Defender Definitions, Junk Mail Filter 3 Security Patches - 1 Critical,
PREVIOUS GNEWS. 4 Patches – 9 bugs addressed Affecting Windows, SQL, Exchange (OWA) Other updates, MSRT, Defender Definitions, Junk Mail Filter 8 Security.
PREVIOUS GNEWS. Oct - 8 Patches – 3 Critical - 24 CVEs MS Cumulative Security Update for Internet Explorer MS NET Framework, Remote Code.
CS Nathan Digangi.  Secret, undocumented routine embedded within a useful program  Execution of the program results in execution of secret code.
Advanced Security Center Overview Northern Illinois University.
Web server security Dr Jim Briggs WEBP security1.
PREVIOUS GNEWS "This is Gary Gnu... and the no gnews is good gnews show. The ONLY tv gnews show guar-an-TEED-- to contain NO gnews what-so-ever."
PREVIOUS GNEWS. Apr 4 Patches – 2 Critical – 11 CVEs MS Microsoft Word and Office Web Apps, Remote Code MS Cumulative Security Update.
PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,
To receive our video stream in LiveMeeting: - Click on “Voice & Video” - Click the drop down next to the camera icon - Select “Show Main Video” Dial-in.
PREVIOUS GNEWS. 11 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter 11 Security Patches.
9 Patches – 2 Critical – 12 CVEs Affected – IE, Kernel, SharePoint, Remote Desktop, AD….. Other updates, MSRT, Defender Definitions, Junk Mail Filter.
PREVIOUS GNEWS. 6 Patches – 1 Critical – 22 CVEs Affected – IE. Kernel, Print, Office MS Cumulative Security Update for Internet Explorer MS
PREVIOUS GNEWS. 7 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,
PREVIOUS GNEWS. Patches – 1 Critical Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS DNS Server, DoS –MS Kernal Mode Driver,
PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Microsoft Word, Remote.
PREVIOUS GNEWS. 4 Patches – 2 bugs addressed Affecting Windows, Windows Servers, Other updates, MSRT, Defender Definitions, Junk Mail Filter, RootCert.
PREVIOUS GNEWS. 7 Patches – 3 Critical – 20 CVEs Affected – IE, Kernel, Visio, Silverlight Sarepoint,….. Other updates, MSRT, Defender Definitions, Junk.
PREVIOUS GNEWS. 2 Patches / 3 Vulns – 1 Critical Affecting Windows XP, Vista, 7, 2003, 2008 Other updates, MSRT, Defender Definitions, Junk Mail Filter.
PREVIOUS GNEWS. 4 Patches – 12 bugs addressed Affecting Office, Visual Studio, BizTalk Other updates, MSRT, Defender Definitions, Junk Mail Filter 4 Security.
September 2015 LCCU Meeting How can you manage the Adobe Flash security risk? How can you keep Flash and other software updated? We’ll answers members’
Previous Gnews. 13 Patches – 8 Critical, Affects pretty much everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS SMBv2.
PREVIOUS GNEWS. 7 Patches – 11 bugs addressed Affecting Windows, Windows Servers, Vista, Media Player, DirectX, Macrovision (DRM) Other updates, MSRT,
PREVIOUS GNEWS. July - 6 Patches – 2 Critical - 27 CVEs MS Cumulative Security Update for IE, Remote Code MS – Windows Journal, Remote Code.
PREVIOUS GNEWS. 8 Patches – 3 Critical – 19+ CVEs Affected – GDI, Hyper-V, Outlook, Office, IE, Activex, and more MS Cumulative Security Update.
PREVIOUS GNEWS. 7 Patches – 1 Critical Affecting server builds and powerpoint Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.
PREVIOUS GNEWS. 6 Patches – 4 Critical – 19 CVEs Affected – Kernel, SQL, Kerberos, Word, HTML, SharePoint Other updates, MSRT, Defender Definitions, Junk.
P  e  i  Gne . 6 Patches, 12 bugs – 3 Critical, Affects Windows, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS
PREVIOUS GNEWS. 6 Patches – 4 Critical – 11 CVEs Affected – SQL, Visual Basic, Visual Foxpro, more… Other updates, MSRT, Defender Definitions, Junk Mail.
PREVIOUS GNEWS. Oct - ? Patches – ? Critical - ? CVEs Come Back Next Week Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.
PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Windows, SQL, Office, Visual Studio,.Net Other updates, MSRT, Defender Definitions, Junk Mail Filter.
. 6 Patches, 15 bug – 3 Critical, Affects 2000, XP, Srv 2003 / 8, Vista, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter.
PREVIOUS GNEWS. Advanced Notification on Thursday Patch Tuesday.
. Next Week Yo! Patch Tuesday Java Multiple advisories and updates Openssl DoS in ASN1_STRING_print_ex() cisco ios DoS in Cisco Tunneling.
PREVIOUS GNEWS. –MS Microsoft XML Core Services, Remote Execution –MS Cumulative Security Update for Internet Explorer –MS Microsoft.
PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS Microsoft XML Core Services, Info Disclosure MS
PREVIOUS GNEWS. 7 Patches – 6 Critical – 35 CVEs Affected –.NET, GDI+, IE, Defender, DirectShow MS NET Framework and Silverlight, Remote Code.
PREVIOUS GNEWS. try again next week Patch Tuesday.
PREVIOUS GNEWS. 16 Patches / 49 Vulns – 4 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Cumulative.
Previous Gnews. 5 Patches – x bugs addressed Other updates, MSRT, Defender Definitions, Junk Mail Filter 5 Security Patches - 5 Critical –MS – JScript.
PREVIOU S GNEWS. May 7 Patches – 2 Critical - 70 CVEs MS Remote Desktop, Allow Tampering MS TCP Protocol, DoS MS Microsoft Lync.
PREVIOUS GNEWS A Hacker is You!. 1 Patches – 1 bugs addressed Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk.
PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE, SharePoint,.net Other updates, MSRT, Defender Definitions,
PREVIOUS GNEWS. Aug - 4 Patches – 1 Critical - 42 CVEs MS – IE Cumulative Security Update, Remote Code MS –.NET Framework, DoS MS –
PREVIOUS GNEWS. 2 Patches – 2 Important Affecting Windows Movie Maker, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS –
PREVIOUS GNEWS. 2 Patches – 2 Critical Affecting VB and Mail Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS – Visual Basic for.
PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office, and more MS Microsoft SharePoint Server, Remote Code.
Previous Gnews. Patch Tuesday April – 8 Patches (5 high/critical), Windows, Excel, ISA, IE, HTTP Services MS thru MS May – 1 Patch (critical)
PREVIOUS GNEWS. 2 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.
PREVIOU S GNEWS. May 9 Patches – 3 Critical - 1 out of band – 14 CVEs MS Security Update for Internet Explorer MS SharePoint Server, Remote.
Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter 10 Security Patches - 6 Critical, 3 Important, 1 Moderate –MS Active.
PREVIOUS GNEWS. Aug - 9 Patches – 1 Critical - 37 CVEs MS Windows Media Center, Remote Code MS – SQL Server, Privilege Escalation MS
PREVIOUSLY GNEWS Patch Tuesday Nov - 12 Patches – 8 Critical – 60ish CVEs MS Cumulative Security Update for IE, Remote Code MS Cumulative.
PREVIOUSLY GNEWS. Patch Tuesday Aug - 13 Patches – 6 Critical - 57 CVEs MS Cumulative Security Update for IE (Aug Out of Band) MS Cumulative.
PREVIOUSLY GNEWS Patch Tuesday Jan – 10 (9) Patches – 6 Critical – 24ish CVEs MS Cumulative Security Update for IE, Remote Code MS Cumulative.
GNEWS, PREVIOUSLY Patch Tuesday Aug - 6 Patches – 3 Critical - 33 CVEs MS Cumulative Security Update for Internet Explorer MS Cumulative.
Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter Out of Band Patchs –MS – IE Cumulative Security Update / Activex –MS
Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.
PREVIOUS GNEWS Mar – 13 Patches – 6 Critical – 30 CVEs MS Cumulative Security Update for IE MS Cumulative Security Update for Microsoft.
PREVIOUS GNEWS. 8 Patches – 6 Critical – 19+ CVEs Affected – Kernel, AD, Exchange, Unicode, ICMP MS Security Update for Internet Explorer, Remote.
All images scavenged without permission
All images scavenged without permission
All images scavenged without permission
All images scavenged without permission
All images scavenged without permission
Presentation transcript:

PREVIOUS GNEWS

8 Patches – 10 bugs addressed Affecting Project, Visio, DNS, GDI, Scripting, Activex, IE, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter 8 Security Patches - 5 Critical, 3 Important –MS – Project - Remote Code Execution –MS – Visio - Remote Code Execution –MS – DNS - Spoofing –MS – GDI - Remote Code Execution –MS – VBScript / JScript - Remote Code Execution –MS – Update to Activex Kill Bits –MS – IE Cumulative update –MS – Kernel Update – Privilege Escalation

Holes / Patches Oracle Patches Scheduled for April 15 th Apple Security Page has a new look Apple Patches released for –Safari 3.1 –Bundle , 46 patches affecting 90+ CVEs –AirPort Extreme Base Station Firmware –Digital Camera RAW Compatibility Update 2.0 –QuickTime Unreleased iPhone already hacked –disables boot loader firmware check 2 Vulns in Safari, 1 allows code execution 3 Vulns in Asterisk, 1 allows code execution

Hacking P2P data leakage back in the news SCADA vulnerability database launched –Delphi, hosted by Wurldtech Security Technologies (closed membership) Zone-H drops defacement archive? Facebook privacy enhancements used to gain access to private photos Opus Palladianum (OP) new secure browser –University of Illinois Kraken Botnet bigger than Storm Sans April Fools Wrap Up

Holes / Patches (more) IE 5 an 6 FTP Command Injection Vista SP1 gets bad reviews Windows 2008 vulnerabilities bypass security features –No details released Multiple vulnerabilities in Firefox, Thunderbird, and SeaMonky Multiple Vulnerabilities in Opera Wireshark, multiple DoS vulnerabilities (tftp, ldap, sccp, and more) Cisco ACS for Windows, BO in /securecgi-bin/CSUserCGI.exe Multiple vulnerabilities in Cisco IOS, memory leak, DoS

Corp. Hell Peru begins teacher training for OLPC NVIDIA drivers bad for Vista –Reported cause for 28% of all crashes Sony / BMG sued for illegal software –PointDev system administration tools Feds ban IBM contracts / purchases –‘concerns raised about potential activities involving an EPA procurement‘

Film / Music New Futurama in June –‘The Beast with a Billion Backs’ Flat-Rate iTunes purchasing model? Canadian TV –CBC to use DRM free torrent distribution of primetime content RIAA Lawsuit –Includes provision to stop 'continuing to engage in criminal investigation of private American citizens'

Japanese ISP disconnect file sharers MI-5 wants Oyster Card data –British Public Transit Smart Card Foreign Intelligence Surveillance Act (FISA) –‘the FISA Amendments Act of 2008 or H.R. 3773, relaxes the requirement of emergency warrants’ Click and go directly to jail –FBI Child Porn Dragnet uses fake links and ads to target would be offenders Legal

SELinux build R Inguma (python pentest framework) Fwknop (single packet auth) looking glass (malware / process analysis) Photoshop Express Beta (free photoshop) –complaints spawn rewrite of TOS OpenOffice 2.4 Capture-HPC 2.1 Wireshark 1.0 freenet 0.7 (P2P) FireFox 3 beta 5 ProxyStrike 1.0 (web app proxy) Updates

UK wants DNA of potential offenders, as young as 5 Cat caught in dirty bomb scanner WTF

CON Events Completed Cons –SOURCE Boston, Mar / Boston MA –Black Hat Europe, Mar / Amsterdam –CanSecWest 2008, Mar / Vancouver BC –CarolinaCon 4, Mar / Chapel Hill NC –Notacon 5, Apr / Cleveland OH RECON announces CFP

CON Results Source – Source Boston videos on technologytroll.com Source – symbiotic vs. parasitic computing BH Europe – Operation System Security Metric, “0-day patch rate” BH Europe – Paterva presentation BH Europe – Christopher Tarnovsky, smart card hacker BH Europe – BioLogger PoC released, biometric capture and hack CanSecWest – Pwn2Own, Mac via Safari, Vista via Adobe CanSecWest – Photos (not so much of the con)

CON Events Future Cons –USENIX Usability, Psychology, and Security 2007, 14 Apr / San Francisco CA –Hack In The Box, Apr / Dubai –Trooper 08, 23 – 24 Apr / Munich –Infosecurity Europe 2008, 22 – 24 Apr / London –Interop, 27 Apr - 2 May / Las Vegas NV –Layerone, 17 – 18 May / Pasadena CA –DallasCon 2008, TBD / Dallas, TX –AusCERT 2008, May / Gold Coast AU –HOPE 7, July / New York NY

All images scavenged without permission

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.