PREVIOUS GNEWS. 4 Patches – 2 bugs addressed Affecting Windows, Windows Servers, Other updates, MSRT, Defender Definitions, Junk Mail Filter, RootCert.

Slides:



Advertisements
Similar presentations
Computing Fundamentals
Advertisements

7 Effective Habits when using the Internet Philip O’Kane 1.
PREVIOUS GNEWS. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.
PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – RDP, IE, Lync, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS
Leveraging WinPE and Linux Preboot for Effective Provisioning Jonathan Richey | Director of Development | Altiris, Inc.
PREVIOUS GNEWS. 11 Patches – 5 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS IE, Remote Execution.
. 15 Patches / 32 Vulns – 9 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.
PREVIOUS GNEWS. 6 Patches – 9 bugs addressed Affecting Windows, Outlook Express / Windows Mail, Office, IE Other updates, MSRT, Defender Definitions,
PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS
3 Patches – x bugs addressed Affecting Kernel, SChannel, DNS/WINS Other updates, MSRT, Defender Definitions, Junk Mail Filter 3 Security Patches - 1 Critical,
PREVIOUS GNEWS. 4 Patches – 9 bugs addressed Affecting Windows, SQL, Exchange (OWA) Other updates, MSRT, Defender Definitions, Junk Mail Filter 8 Security.
PREVIOUS GNEWS. Oct - 8 Patches – 3 Critical - 24 CVEs MS Cumulative Security Update for Internet Explorer MS NET Framework, Remote Code.
Advanced Security Center Overview Northern Illinois University.
CMPTR1 CHAPTER 3 COMPUTER SOFTWARE Application Software – The programs/software/apps that we run to do things like word processing, web browsing, and games.
PREVIOUS GNEWS. Apr 4 Patches – 2 Critical – 11 CVEs MS Microsoft Word and Office Web Apps, Remote Code MS Cumulative Security Update.
PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,
PREVIOUS GNEWS. 11 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter 11 Security Patches.
Kaseya Fundamentals Workshop Developed by Kaseya University Powered by IT Scholars Kaseya Version 6.5 Last updated March, 2014 DAY FOUR.
PREVIOUS GNEWS. 6 Patches – 1 Critical – 22 CVEs Affected – IE. Kernel, Print, Office MS Cumulative Security Update for Internet Explorer MS
PREVIOUS GNEWS. 7 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,
PREVIOUS GNEWS. Patches – 1 Critical Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS DNS Server, DoS –MS Kernal Mode Driver,
Unit 5- Computer Software.  Identify how hardware & software interact  Explain how a software program works  Describe the difference between application.
3-Protecting Systems Dr. John P. Abraham Professor UTPA.
PREVIOUS GNEWS. 8 Patches – 10 bugs addressed Affecting Project, Visio, DNS, GDI, Scripting, Activex, IE, Windows Other updates, MSRT, Defender Definitions,
PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Microsoft Word, Remote.
PREVIOUS GNEWS. 7 Patches – 3 Critical – 20 CVEs Affected – IE, Kernel, Visio, Silverlight Sarepoint,….. Other updates, MSRT, Defender Definitions, Junk.
PREVIOUS GNEWS. 2 Patches / 3 Vulns – 1 Critical Affecting Windows XP, Vista, 7, 2003, 2008 Other updates, MSRT, Defender Definitions, Junk Mail Filter.
PREVIOUS GNEWS. 4 Patches – 12 bugs addressed Affecting Office, Visual Studio, BizTalk Other updates, MSRT, Defender Definitions, Junk Mail Filter 4 Security.
CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management Sebastien Dellabella, Rafal Otto Internet.
Previous Gnews. 13 Patches – 8 Critical, Affects pretty much everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS SMBv2.
PREVIOUS GNEWS. 7 Patches – 11 bugs addressed Affecting Windows, Windows Servers, Vista, Media Player, DirectX, Macrovision (DRM) Other updates, MSRT,
PREVIOUS GNEWS. July - 6 Patches – 2 Critical - 27 CVEs MS Cumulative Security Update for IE, Remote Code MS – Windows Journal, Remote Code.
PREVIOUS GNEWS. 8 Patches – 3 Critical – 19+ CVEs Affected – GDI, Hyper-V, Outlook, Office, IE, Activex, and more MS Cumulative Security Update.
PREVIOUS GNEWS. 7 Patches – 1 Critical Affecting server builds and powerpoint Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.
PREVIOUS GNEWS. 6 Patches – 4 Critical – 19 CVEs Affected – Kernel, SQL, Kerberos, Word, HTML, SharePoint Other updates, MSRT, Defender Definitions, Junk.
P  e  i  Gne . 6 Patches, 12 bugs – 3 Critical, Affects Windows, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS
PREVIOUS GNEWS. 6 Patches – 4 Critical – 11 CVEs Affected – SQL, Visual Basic, Visual Foxpro, more… Other updates, MSRT, Defender Definitions, Junk Mail.
PREVIOUS GNEWS. Oct - ? Patches – ? Critical - ? CVEs Come Back Next Week Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.
PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Windows, SQL, Office, Visual Studio,.Net Other updates, MSRT, Defender Definitions, Junk Mail Filter.
. 6 Patches, 15 bug – 3 Critical, Affects 2000, XP, Srv 2003 / 8, Vista, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter.
PREVIOUS GNEWS. Advanced Notification on Thursday Patch Tuesday.
. Next Week Yo! Patch Tuesday Java Multiple advisories and updates Openssl DoS in ASN1_STRING_print_ex() cisco ios DoS in Cisco Tunneling.
PREVIOUS GNEWS. –MS Microsoft XML Core Services, Remote Execution –MS Cumulative Security Update for Internet Explorer –MS Microsoft.
PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS Microsoft XML Core Services, Info Disclosure MS
PREVIOUS GNEWS. 7 Patches – 6 Critical – 35 CVEs Affected –.NET, GDI+, IE, Defender, DirectShow MS NET Framework and Silverlight, Remote Code.
Microsoft Management Seminar Series SMS 2003 Change Management.
PREVIOUS GNEWS. try again next week Patch Tuesday.
PREVIOUS GNEWS. 16 Patches / 49 Vulns – 4 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Cumulative.
Previous Gnews. 5 Patches – x bugs addressed Other updates, MSRT, Defender Definitions, Junk Mail Filter 5 Security Patches - 5 Critical –MS – JScript.
PREVIOU S GNEWS. May 7 Patches – 2 Critical - 70 CVEs MS Remote Desktop, Allow Tampering MS TCP Protocol, DoS MS Microsoft Lync.
PREVIOUS GNEWS A Hacker is You!. 1 Patches – 1 bugs addressed Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk.
PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE, SharePoint,.net Other updates, MSRT, Defender Definitions,
PREVIOUS GNEWS. Aug - 4 Patches – 1 Critical - 42 CVEs MS – IE Cumulative Security Update, Remote Code MS –.NET Framework, DoS MS –
PREVIOUS GNEWS. 2 Patches – 2 Important Affecting Windows Movie Maker, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS –
PREVIOUS GNEWS. 2 Patches – 2 Critical Affecting VB and Mail Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS – Visual Basic for.
PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office, and more MS Microsoft SharePoint Server, Remote Code.
Previous Gnews. Patch Tuesday April – 8 Patches (5 high/critical), Windows, Excel, ISA, IE, HTTP Services MS thru MS May – 1 Patch (critical)
PREVIOUS GNEWS. 2 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.
PREVIOU S GNEWS. May 9 Patches – 3 Critical - 1 out of band – 14 CVEs MS Security Update for Internet Explorer MS SharePoint Server, Remote.
Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter 10 Security Patches - 6 Critical, 3 Important, 1 Moderate –MS Active.
PREVIOUS GNEWS. Aug - 9 Patches – 1 Critical - 37 CVEs MS Windows Media Center, Remote Code MS – SQL Server, Privilege Escalation MS
PREVIOUSLY GNEWS. Patch Tuesday Aug - 13 Patches – 6 Critical - 57 CVEs MS Cumulative Security Update for IE (Aug Out of Band) MS Cumulative.
Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter Out of Band Patchs –MS – IE Cumulative Security Update / Activex –MS
Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.
PREVIOUS GNEWS. 8 Patches – 6 Critical – 19+ CVEs Affected – Kernel, AD, Exchange, Unicode, ICMP MS Security Update for Internet Explorer, Remote.
Macintosh & Linux Used to fill in pg 5 & 6 of “Operating Systems” Packet.
All images scavenged without permission
All images scavenged without permission
All images scavenged without permission
Java Programming Introduction
Presentation transcript:

PREVIOUS GNEWS

4 Patches – 2 bugs addressed Affecting Windows, Windows Servers, Other updates, MSRT, Defender Definitions, Junk Mail Filter, RootCert Vista USB Core rollup, Vista Reliability Patch Tuesday 2 Security Patches - 1 Critical, 1 Important –MS – Windows URI Handling (XP, 2003) - Remote Code Execution –MS – DNS Spoofing (2K server, 2003)

Holes / Patches Oracle Patch Release –51 patches, 40 remote, 13 with no auth –Local injections posted to milw0rm Oracle 0-day in XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure –Reported by idefense, code is available OpenBSD, DHCP DoS / possible code execution (patch available) OpenSS, DTLS DoS / possible code execution (patch available) RealPlayer, MPMedia.dll Code execution (patch available) AIX, Multiple local exploits (patch available) Lotus Notes, Multiple exploits (patch available, mostly) –Bug in wp6sr.dll not patched by ver. 8.0

DATA LOSS 25 + reported incidents Croucher Brewing Company in Rotorua, New Zealand –Beer for life (12-pack a day) for info leading to arrest on laptop theft

Holes / Patches (more) QuickTime, Multiple exploits (patch available) Apple, “First Trojan” –Fake codec download, requires user action Mozilla Firefox / SeaMonkey / Thunderbird, Multiple exploits (patch available) Opera, Multiple exploits (patch available) Firebird SQL, BO with overlong request, printf(), and process_packet() (patch available) Winamp, BO in FLAC processing (patch available) Kaspersky, Activex Scanner (patch available)

Hacking RNB –gets yet more publicity –system goes dark with domain registration withdrawl Pirate Bay buys ifpi.com –Legal battle quickly follows Elcomsoft files patent for using Video RAM for processing OSx86 Scene Forum release details on installing Leopard on a PC

Holes / Patches (again) SIP receiving increased attention –Multiple vulnerabilities, Vonage specifically named –SIP XSS SonicWall Activex, Multiple exploits (patch available) Symantec Anti-Virus for SMTP, Multiple exploits (patch available) Windows Mobile 5, Bug in SMS handler allows sender spoofing Update to iPone TIFF bug, exploit tool released Maxtor ships HDs with preinstalled trojans (Taiwan) Asterick SQL Injection in cdr_addon_mysql

Corp. Hell EA Games buys BioWare and Pandemic Encase buys Applied Watch McAfee buys ScanAlert (Hacker Safe) Symantec buys Vontu MS buys 1.6% stake of Facebook Govt. to step into 3Com / China deal Hushmail ponies up web-based logs to Feds –Full client version is still safe Apple announces iPhone SDK (Feb 2008) Verizon announces to share data / offers opt-out MS announces health record service / Google follows Google open phone coalition gets flamed from Symbian Viacom calls for copyright filtering standard

Film / Music Star Trek Prequel casting –Chris Pine – James T. Kirk –Eric Bana – Nero (villain) Viacom posts entire Daily Show archive (free) BluRay BD+ cracked Canada RCMP announce piracy for personal use is not their target. (must be this tall to ride...)

Papers DHS proposes ‘baseline’ for security skills MPAA Hacker tells all to Wired Magazine

Updates Mac OS X 10.5 Leopard Fedora 8 SIPVicious Kismet R1 Openssl 0.9.8g Netscape Gimp 2.4 Inguma (pentest toolkit) Honeytrap RFIDIOt 0.1q RFDump 1.5 Bunny 0.92 (fuzzer) Tor a Sqlmap 0.5 Maltego Java Framework (formerly evolution) OLPC opens “give one get one” program (ends Nov 26 th ) MS announce XP port for OLPC MS talks about Windows 7 at University of Illinois

Legal Bill calls for ID Theft Restitution Pirate Act reintroduced Govt. calls for free access to Judge rules RIAA “evidence” insufficient FISA Telecom bill placed on hold Schwarzenegger vetos PCI like bill Austria adopts use of fedware

CON Events Completed Cons –ToorCon 9, 19 – 21 Oct – San Diego CA –Phreaknic, Oct - Nashville TN –DayCon, 12 – 14 Oct – Dayton OH Future Cons –LISA, Nov Dallas TX –OWASP + WASC, Nov - San Jose CA –BreakPoint, Nov - Mexico –SecTor, 20 – 21 Nov – Toronto Canada –PacSec 2007, 29 – 30 Nov - Tokyo –Chaos Communication Congress, Dec Berlin

All images scavenged without permission