PREVIOUS GNEWS. 4 Patches – 12 bugs addressed Affecting Office, Visual Studio, BizTalk Other updates, MSRT, Defender Definitions, Junk Mail Filter 4 Security.

Slides:

Advertisements

Similar presentations

MP3 Critics Web-Based Music Downloading Services CSCI 110 Dr. Bowring Matt Lyons Jarrett Bouchette Brittany Bridges.

Advertisements

GHOST glibc gethostbyname() Vulnerability CVE Johannes B. Ullrich, Ph.D. SANS Technology Institute

PREVIOUS GNEWS. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – RDP, IE, Lync, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

PREVIOUS GNEWS. 11 Patches – 5 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS IE, Remote Execution.

. 15 Patches / 32 Vulns – 9 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.

PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

3 Patches – x bugs addressed Affecting Kernel, SChannel, DNS/WINS Other updates, MSRT, Defender Definitions, Junk Mail Filter 3 Security Patches - 1 Critical,

PREVIOUS GNEWS. 4 Patches – 9 bugs addressed Affecting Windows, SQL, Exchange (OWA) Other updates, MSRT, Defender Definitions, Junk Mail Filter 8 Security.

PREVIOUS GNEWS. Oct - 8 Patches – 3 Critical - 24 CVEs MS Cumulative Security Update for Internet Explorer MS NET Framework, Remote Code.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

PREVIOUS GNEWS "This is Gary Gnu... and the no gnews is good gnews show. The ONLY tv gnews show guar-an-TEED-- to contain NO gnews what-so-ever."

Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009.

PREVIOUS GNEWS. Apr 4 Patches – 2 Critical – 11 CVEs MS Microsoft Word and Office Web Apps, Remote Code MS Cumulative Security Update.

Introduction to ITS SU. What we will cover ? Why it is important to you ? Netid account Printing SUmail Public Labs SURA/VPN AirOrangeX Getting.

PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. 11 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter 11 Security Patches.

9 Patches – 2 Critical – 12 CVEs Affected – IE, Kernel, SharePoint, Remote Desktop, AD….. Other updates, MSRT, Defender Definitions, Junk Mail Filter.

PREVIOUS GNEWS. 6 Patches – 1 Critical – 22 CVEs Affected – IE. Kernel, Print, Office MS Cumulative Security Update for Internet Explorer MS

PREVIOUS GNEWS. 7 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,

Security Overview for Microsoft Infrastructures Fred Baumhardt and James Noyce Infrastructure Solutions and Security Solutions Teams Microsoft Security.

PREVIOUS GNEWS. Patches – 1 Critical Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS DNS Server, DoS –MS Kernal Mode Driver,

PREVIOUS GNEWS. 8 Patches – 10 bugs addressed Affecting Project, Visio, DNS, GDI, Scripting, Activex, IE, Windows Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Microsoft Word, Remote.

PREVIOUS GNEWS. 4 Patches – 2 bugs addressed Affecting Windows, Windows Servers, Other updates, MSRT, Defender Definitions, Junk Mail Filter, RootCert.

PREVIOUS GNEWS. 7 Patches – 3 Critical – 20 CVEs Affected – IE, Kernel, Visio, Silverlight Sarepoint,….. Other updates, MSRT, Defender Definitions, Junk.

PREVIOUS GNEWS. 2 Patches / 3 Vulns – 1 Critical Affecting Windows XP, Vista, 7, 2003, 2008 Other updates, MSRT, Defender Definitions, Junk Mail Filter.

Previous Gnews. 13 Patches – 8 Critical, Affects pretty much everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS SMBv2.

PREVIOUS GNEWS. 7 Patches – 11 bugs addressed Affecting Windows, Windows Servers, Vista, Media Player, DirectX, Macrovision (DRM) Other updates, MSRT,

PREVIOUS GNEWS. July - 6 Patches – 2 Critical - 27 CVEs MS Cumulative Security Update for IE, Remote Code MS – Windows Journal, Remote Code.

PREVIOUS GNEWS. 8 Patches – 3 Critical – 19+ CVEs Affected – GDI, Hyper-V, Outlook, Office, IE, Activex, and more MS Cumulative Security Update.

PREVIOUS GNEWS. 7 Patches – 1 Critical Affecting server builds and powerpoint Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.

PREVIOUS GNEWS. 6 Patches – 4 Critical – 19 CVEs Affected – Kernel, SQL, Kerberos, Word, HTML, SharePoint Other updates, MSRT, Defender Definitions, Junk.

P  e  i  Gne . 6 Patches, 12 bugs – 3 Critical, Affects Windows, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

Client-based Application Attacks Adli Abdul Wahid Dept. of Comp. Science, IIUM

PREVIOUS GNEWS. 6 Patches – 4 Critical – 11 CVEs Affected – SQL, Visual Basic, Visual Foxpro, more… Other updates, MSRT, Defender Definitions, Junk Mail.

PREVIOUS GNEWS. Oct - ? Patches – ? Critical - ? CVEs Come Back Next Week Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Windows, SQL, Office, Visual Studio,.Net Other updates, MSRT, Defender Definitions, Junk Mail Filter.

. 6 Patches, 15 bug – 3 Critical, Affects 2000, XP, Srv 2003 / 8, Vista, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter.

PREVIOUS GNEWS. Advanced Notification on Thursday Patch Tuesday.

. Next Week Yo! Patch Tuesday Java Multiple advisories and updates Openssl DoS in ASN1_STRING_print_ex() cisco ios DoS in Cisco Tunneling.

PREVIOUS GNEWS. –MS Microsoft XML Core Services, Remote Execution –MS Cumulative Security Update for Internet Explorer –MS Microsoft.

PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS Microsoft XML Core Services, Info Disclosure MS

PREVIOUS GNEWS. 7 Patches – 6 Critical – 35 CVEs Affected –.NET, GDI+, IE, Defender, DirectShow MS NET Framework and Silverlight, Remote Code.

PREVIOUS GNEWS. try again next week Patch Tuesday.

PREVIOUS GNEWS. 16 Patches / 49 Vulns – 4 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Cumulative.

Previous Gnews. 5 Patches – x bugs addressed Other updates, MSRT, Defender Definitions, Junk Mail Filter 5 Security Patches - 5 Critical –MS – JScript.

PREVIOU S GNEWS. May 7 Patches – 2 Critical - 70 CVEs MS Remote Desktop, Allow Tampering MS TCP Protocol, DoS MS Microsoft Lync.

PREVIOUS GNEWS A Hacker is You!. 1 Patches – 1 bugs addressed Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk.

PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE, SharePoint,.net Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. Aug - 4 Patches – 1 Critical - 42 CVEs MS – IE Cumulative Security Update, Remote Code MS –.NET Framework, DoS MS –

PREVIOUS GNEWS. 2 Patches – 2 Important Affecting Windows Movie Maker, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS –

PREVIOUS GNEWS. 2 Patches – 2 Critical Affecting VB and Mail Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS – Visual Basic for.

PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office, and more MS Microsoft SharePoint Server, Remote Code.

Previous Gnews. Patch Tuesday April – 8 Patches (5 high/critical), Windows, Excel, ISA, IE, HTTP Services MS thru MS May – 1 Patch (critical)

PREVIOUS GNEWS. 2 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

PREVIOU S GNEWS. May 9 Patches – 3 Critical - 1 out of band – 14 CVEs MS Security Update for Internet Explorer MS SharePoint Server, Remote.

Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter 10 Security Patches - 6 Critical, 3 Important, 1 Moderate –MS Active.

PREVIOUS GNEWS. Aug - 9 Patches – 1 Critical - 37 CVEs MS Windows Media Center, Remote Code MS – SQL Server, Privilege Escalation MS

PREVIOUSLY GNEWS Patch Tuesday Nov - 12 Patches – 8 Critical – 60ish CVEs MS Cumulative Security Update for IE, Remote Code MS Cumulative.

PREVIOUSLY GNEWS. Patch Tuesday Aug - 13 Patches – 6 Critical - 57 CVEs MS Cumulative Security Update for IE (Aug Out of Band) MS Cumulative.

PREVIOUSLY GNEWS Patch Tuesday Jan – 10 (9) Patches – 6 Critical – 24ish CVEs MS Cumulative Security Update for IE, Remote Code MS Cumulative.

Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter Out of Band Patchs –MS – IE Cumulative Security Update / Activex –MS

Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.

PREVIOUS GNEWS. 8 Patches – 6 Critical – 19+ CVEs Affected – Kernel, AD, Exchange, Unicode, ICMP MS Security Update for Internet Explorer, Remote.

MICROSOFT OUTLOOK and Outlook service Provider

All images scavenged without permission

All images scavenged without permission

All images scavenged without permission

Java Programming Introduction

Presentation transcript:

PREVIOUS GNEWS

4 Patches – 12 bugs addressed Affecting Office, Visual Studio, BizTalk Other updates, MSRT, Defender Definitions, Junk Mail Filter 4 Security Patches - 4 Critical –MS – Excel - Remote Code Execution –MS – Outlook - Remote Code Execution –MS – Office - Remote Code Execution –MS – Office Web Components - Remote Code Execution Patch Tuesday

Holes / Patches Cisco ip phone, Multiple Vulns apache htpasswd predictable salt weakness openbsd dns cache poisoning opera version update Netscape 9 vulns BEA weblogic, Multiple Vulns Cold Boot RAM Hack Vista SP1 Delayed Mozilla info leak Apple ipv6 DoS

Hacking Chujwamwdupe not credited with vulnerability find by MS Rootkit.com off-line (relocation of server) cDc releases Goolag Google annonunces Summer of Code 2008 Gmail captcha cracked ‘Out of Office’ feature harnessed as spam engine Pantheon releases a true MS Vista activation crack Apps disable Vista ASLR feature (apple quicktime) Windows Firewire allows system access

Holes / Patches (more) Move networks streaming, Activex – Code Execution open bsd dos vmware esx mutli vuln LinkedIn used for spam Novell evolution, Code Execution old libs in google andriod Aurigma ActiveX, Buffer Overflow in photo uploader Cisco adopts regular patch cycle (only core and security) Real Player, Activex – Code Execution Java, Multiple Vulns (dos, code execution)

Corp. Hell SGI buys Linux Networx SCO goes private with 100 mil. financing 3COM bid on hold Verified Identity Pass offers 500 K for better airport security solution

Games Linux on Wii Gary Gygax, R.I.P.

Film / Music EU Proposes 95 year copyright for musical recordings Convert HD-DVD to Blu-Ray RIAA Training Video leaked to torrent University of San Francisco Law Clinic goes pro bono against RIAA

Follow-up to TSA laptop Searches, 5 things to know Protect America Act lapsed N-DEx Section 104 cut from PRO-IP Act RIAA ‘making available’ defense shot down in Connecticut Legal

Clam AV RSBAC OSSIM Windows 2008 sneak peek Aircrack-NG Free BSD 7 Open Office changes license to LGPLv3 Snort 2.8 something Updates

Pakistan DoS’ed YouTube Firefox developer uncovers Apple API thumb breakers WTF

CON Events Completed Cons –Ebay RedTeam, ? Feb / SanJose –Shmoocon, Feb / Washington DC –Black Hat DC, Feb / Washington DC –InfowarCon 2008, Mar / Bethesda MD –Infosec World, Mar / Orlando FL VOIP, GSM, RFID enabled CC

CON Events Future Cons –SOURCE Boston, Mar / Boston MA –Black Hat Europe, Mar / Amsterdam –CanSecWest 2008, Mar / Vancouver BC –CarolinaCon 4, Mar / Chapel Hill NC –Notacon 5, Apr / Cleveland OH –USENIX Usability, Psychology, and Security 2007, 14 Apr / San Francisco CA –Hack In The Box, Apr / Dubai –Infosecurity Europe 2008, 22 – 24 Apr / London

All images scavenged without permission