Previous Gnews. Patch Tuesday April – 8 Patches (5 high/critical), Windows, Excel, ISA, IE, HTTP Services MS09-009 thru MS09-016 May – 1 Patch (critical)

Slides:

Advertisements

Similar presentations

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Advertisements

PREVIOUS GNEWS. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS NEXT WEEK FOOL Patch.

PREVIOUS GNEWS "This is Gary Gnu... and the no gnews is good gnews show. The ONLY tv gnews show guar-an-TEED-- to contain NO gnews what-so-ever."

7 Effective Habits when using the Internet Philip O’Kane 1.

PREVIOUS GNEWS. ? Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – RDP, IE, Lync, Windows Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

PREVIOUS GNEWS. 11 Patches – 5 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS IE, Remote Execution.

. 15 Patches / 32 Vulns – 9 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.

PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

3 Patches – x bugs addressed Affecting Kernel, SChannel, DNS/WINS Other updates, MSRT, Defender Definitions, Junk Mail Filter 3 Security Patches - 1 Critical,

PREVIOUS GNEWS. 4 Patches – 9 bugs addressed Affecting Windows, SQL, Exchange (OWA) Other updates, MSRT, Defender Definitions, Junk Mail Filter 8 Security.

PREVIOUS GNEWS. Oct - 8 Patches – 3 Critical - 24 CVEs MS Cumulative Security Update for Internet Explorer MS NET Framework, Remote Code.

Advanced Security Center Overview Northern Illinois University.

PREVIOUS GNEWS. Apr 4 Patches – 2 Critical – 11 CVEs MS Microsoft Word and Office Web Apps, Remote Code MS Cumulative Security Update.

PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. 11 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter 11 Security Patches.

9 Patches – 2 Critical – 12 CVEs Affected – IE, Kernel, SharePoint, Remote Desktop, AD….. Other updates, MSRT, Defender Definitions, Junk Mail Filter.

PREVIOUS GNEWS. 6 Patches – 1 Critical – 22 CVEs Affected – IE. Kernel, Print, Office MS Cumulative Security Update for Internet Explorer MS

PREVIOUS GNEWS. 7 Patches – x bugs addressed Affecting Word, Outlook, Publisher, Jet DB Engine, IE, Windows Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. Patches – 1 Critical Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS DNS Server, DoS –MS Kernal Mode Driver,

PREVIOUS GNEWS. 8 Patches – 10 bugs addressed Affecting Project, Visio, DNS, GDI, Scripting, Activex, IE, Windows Other updates, MSRT, Defender Definitions,

PREVIOUS GNEWS. 7 Patches – 3 Critical – 23 CVEs Affected – Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Microsoft Word, Remote.

PREVIOUS GNEWS. 4 Patches – 2 bugs addressed Affecting Windows, Windows Servers, Other updates, MSRT, Defender Definitions, Junk Mail Filter, RootCert.

PREVIOUS GNEWS. 7 Patches – 3 Critical – 20 CVEs Affected – IE, Kernel, Visio, Silverlight Sarepoint,….. Other updates, MSRT, Defender Definitions, Junk.

PREVIOUS GNEWS. 2 Patches / 3 Vulns – 1 Critical Affecting Windows XP, Vista, 7, 2003, 2008 Other updates, MSRT, Defender Definitions, Junk Mail Filter.

PREVIOUS GNEWS. 4 Patches – 12 bugs addressed Affecting Office, Visual Studio, BizTalk Other updates, MSRT, Defender Definitions, Junk Mail Filter 4 Security.

Previous Gnews. 13 Patches – 8 Critical, Affects pretty much everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS SMBv2.

PREVIOUS GNEWS. 7 Patches – 11 bugs addressed Affecting Windows, Windows Servers, Vista, Media Player, DirectX, Macrovision (DRM) Other updates, MSRT,

PREVIOUS GNEWS. July - 6 Patches – 2 Critical - 27 CVEs MS Cumulative Security Update for IE, Remote Code MS – Windows Journal, Remote Code.

PREVIOUS GNEWS. 8 Patches – 3 Critical – 19+ CVEs Affected – GDI, Hyper-V, Outlook, Office, IE, Activex, and more MS Cumulative Security Update.

CSCD 303 Essential Computer Security Spring 2013 Lecture 8 - Desktop Security OS Security Compared Reading: See References.

PREVIOUS GNEWS. 7 Patches – 1 Critical Affecting server builds and powerpoint Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Windows.

PREVIOUS GNEWS. 6 Patches – 4 Critical – 19 CVEs Affected – Kernel, SQL, Kerberos, Word, HTML, SharePoint Other updates, MSRT, Defender Definitions, Junk.

P  e  i  Gne . 6 Patches, 12 bugs – 3 Critical, Affects Windows, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS

PREVIOUS GNEWS. 6 Patches – 4 Critical – 11 CVEs Affected – SQL, Visual Basic, Visual Foxpro, more… Other updates, MSRT, Defender Definitions, Junk Mail.

PREVIOUS GNEWS. Oct - ? Patches – ? Critical - ? CVEs Come Back Next Week Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

PREVIOUS GNEWS. 4 Patches – x bugs addressed Affecting Windows, SQL, Office, Visual Studio,.Net Other updates, MSRT, Defender Definitions, Junk Mail Filter.

. 6 Patches, 15 bug – 3 Critical, Affects 2000, XP, Srv 2003 / 8, Vista, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter.

PREVIOUS GNEWS. Advanced Notification on Thursday Patch Tuesday.

. Next Week Yo! Patch Tuesday Java Multiple advisories and updates Openssl DoS in ASN1_STRING_print_ex() cisco ios DoS in Cisco Tunneling.

PREVIOUS GNEWS. –MS Microsoft XML Core Services, Remote Execution –MS Cumulative Security Update for Internet Explorer –MS Microsoft.

PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS Microsoft XML Core Services, Info Disclosure MS

PREVIOUS GNEWS. 7 Patches – 6 Critical – 35 CVEs Affected –.NET, GDI+, IE, Defender, DirectShow MS NET Framework and Silverlight, Remote Code.

Convenience product security Collin Busch. What is a convenience product? A convenience product is a device or application that makes your life easier.

PREVIOUS GNEWS. try again next week Patch Tuesday.

PREVIOUS GNEWS. 16 Patches / 49 Vulns – 4 Critical Affecting most everything Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS Cumulative.

Previous Gnews. 5 Patches – x bugs addressed Other updates, MSRT, Defender Definitions, Junk Mail Filter 5 Security Patches - 5 Critical –MS – JScript.

PREVIOU S GNEWS. May 7 Patches – 2 Critical - 70 CVEs MS Remote Desktop, Allow Tampering MS TCP Protocol, DoS MS Microsoft Lync.

PREVIOUS GNEWS A Hacker is You!. 1 Patches – 1 bugs addressed Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk.

PREVIOUS GNEWS. 4 Patches / 5 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE, SharePoint,.net Other updates, MSRT, Defender Definitions,

CNIT 124: Advanced Ethical Hacking Ch 10: Client-Side Exploitation.

PREVIOUS GNEWS. Aug - 4 Patches – 1 Critical - 42 CVEs MS – IE Cumulative Security Update, Remote Code MS –.NET Framework, DoS MS –

PREVIOUS GNEWS. 2 Patches – 2 Important Affecting Windows Movie Maker, Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS –

PREVIOUS GNEWS. 2 Patches – 2 Critical Affecting VB and Mail Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS – Visual Basic for.

PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office, and more MS Microsoft SharePoint Server, Remote Code.

PREVIOUS GNEWS. 2 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter Patch Tuesday.

PREVIOU S GNEWS. May 9 Patches – 3 Critical - 1 out of band – 14 CVEs MS Security Update for Internet Explorer MS SharePoint Server, Remote.

Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter 10 Security Patches - 6 Critical, 3 Important, 1 Moderate –MS Active.

PREVIOUS GNEWS. Aug - 9 Patches – 1 Critical - 37 CVEs MS Windows Media Center, Remote Code MS – SQL Server, Privilege Escalation MS

PREVIOUSLY GNEWS. Patch Tuesday Aug - 13 Patches – 6 Critical - 57 CVEs MS Cumulative Security Update for IE (Aug Out of Band) MS Cumulative.

GNEWS, PREVIOUSLY Patch Tuesday Aug - 6 Patches – 3 Critical - 33 CVEs MS Cumulative Security Update for Internet Explorer MS Cumulative.

GNEWS PREVIOUS. Patch Tuesday jul - x Patches – x Critical - x CVEs Releases Next Week.

Previous Gnews. Other updates, MSRT, Defender Definitions, Junk Mail Filter Out of Band Patchs –MS – IE Cumulative Security Update / Activex –MS

Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.

PREVIOUS GNEWS. 8 Patches – 6 Critical – 19+ CVEs Affected – Kernel, AD, Exchange, Unicode, ICMP MS Security Update for Internet Explorer, Remote.

All images scavenged without permission

Nessus Vulnerability Scanning

All images scavenged without permission

All images scavenged without permission

All images scavenged without permission

Presentation transcript:

Previous Gnews

Patch Tuesday April – 8 Patches (5 high/critical), Windows, Excel, ISA, IE, HTTP Services MS thru MS May – 1 Patch (critical) Office Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS – MS Office PowerPoint, Remote Execution

Oracle Quarterly Release, 43 bugs patched Apple / OS X Safari / 4 Public Beta Firefox ….blah blah blah monthly update of web browsers sctp_houdini.c, remote kernal exploit Charles Miller, shellcode on iPhone Divx WebPlayer, allows code execution Windows changes AutoRun in wake of ConFicker Holes / Patches

Hacking MS PoC posted to Milw0rm Adobe exploits / PoC posted to Milw0rm PIN Block cracking Cell Phone Treasure, German made Nokia 1100 –Hi-jack one time passwords for bank transactions Dallas Cops get socialed –“Ryan Caskey” rides shotgun while armed Govt. Commissions secure XP configuration –Local policy template?? Mac based bot net, iServices trojan  iWork, Photoshop CS4 TippingPoint DVLabs calls out Black Security –GDI+EMF vulnerability (ms I think)

Books

Corp. Hell Oracle acquires Sun Symantec buys Mi5 DHS recruiting WhiteHats Secunia challlenges vendors for standard update API –"90 percent of vulnerabilities on Windows machines are in third-party applications.“ Yahoo drops Geocities Apple / Twitter love tirangle

WTF Pig Breeding Patented

Updates process hacker bind 10 dev begins curuncula - rootkit detection mobiusft forensics Fiddler Screenstamp Charles proxy

Interop, 27 Apr - 2 May / Las Vegas NV Layerone, 17 – 18 May / Pasadena CA MS BlueHat Spring 2008, May / Redmond WA Black Hat USA, 25 – 30 July / Las Vegas NV DefCon, 31 July – 2 Aug / Las Vegas NV

All images scavenged without permission