Thursday, February 23, 2017

New PHP Versions Released

PHP development team has released 7.1.2 and 7.0.16 versions of the PHP scripting language. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.

Changelogs:
Version 7.1.2
Version 7.0.16

Wednesday, February 15, 2017

Vulnerabilities Fixed In Adobe Campaign

Adobe have released a new version of their Adobe Campaign v6.11. The new version fixes two moderate vulnerabilities. One of those is security bypass which could be exploited by an authenticated user with access to the client console. Successful exploitation could lead to read and write access to the system (CVE-2017-2968). The other vulnerability is related to input validation and could be used in cross-site scripting attacks (CVE-2017-2969).

Affected versions are Adobe Campaign v6.11 16.4 Build 8724 and earlier versions on Windows and Linux. Users of affected versions should update their versions to the latest one (currently 16.8 Build 8757).

More information (including download instructions for new version) can be read from Adobe security bulletin.

Vulnerabilities Fixed In Adobe Digital Editions

Adobe have released a new version of their ebook reader software Adobe Digital Editions. The new version fixes critical memory corruption vulnerabilities that may allow an attacker to execute arbitrary code in vulnerable system.

Affected versions are Adobe Digital Editions 4.5.3 and earlier versions on Windows, Macintosh and Android. Users of affected versions should update their versions to the latest one (currently 4.5.4).

More information (including download instructions for new version) can be read from Adobe security bulletin.

Adobe Flash Player Update Available

Adobe have released updated versions of their Flash Player. The new versions fix a critical vulnerability that could potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 24.0.0.194 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 24.0.0.221

- Users of Adobe Flash Player 24.0.0.194 and earlier versions for Linux should update to Adobe Flash Player 24.0.0.221

- Flash Player integrated with Google Chrome will be updated by Google via Chrome update

- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update


More information can be read from Adobe's security bulletin.

Saturday, February 11, 2017

ESET Monthly Threat Report: January 2017

ESET have published a report of top ten threats in January 2017

TOP 10 threats list (previous ranking listed too):
1. Win32/TrojanDownloader.Wauchos (2.)
2. JS/ProxyChanger (-)
3. Win64/TrojanDownloader.Wauchos (5.)
4. LNK/Agent.DA (3.)
5. Win32/Bundpil (4.)
6. JS/Danger.ScriptAttachment (1.)
7. HTML/FakeAlert (6.)
8. Win32/Adware.ELEX (-)
9. HTML/Refresh (7.)
10. Win32/Agent.XWT (-)

Complete report (with a description about each of the above listed threats) can be viewed here.

Symantec Intelligence Report: January 2017

Symantec have published their Intelligence report that sums up the latest threat trends for January 2017.

The report can be viewed here.

Sunday, February 5, 2017

Google Chrome Updated

Google have released a version 56.0.2924.87 of their Chrome web browser. More information about changes in Google Chrome Releases blog.