Thursday, February 4, 2016

WordPress 4.4.2 Released

There has been released a new version of WordPress (blogging tool and content management system) which contains updates to two security vulnerabilities among a bunch of other bug fixes.

Affected versions:
WordPress versions earlier than 4.4.2

More information can be read from the WordPress blog.

Google Chrome Updated

Google have released version 48.0.2564.103 of their Chrome web browser. More information about the changes can be read in Google Chrome Releases blog.

Wednesday, January 27, 2016

Google Chrome Updated

Google have released version 48.0.2564.82 of their Chrome web browser. Among other fixes the new version contains 37 security vulnerability fixes. More information about changes in Google Chrome Releases blog.

Thursday, January 21, 2016

ESET Threat Radar Report for December 2015

ESET have published a report discussing global threats of December 2015.

TOP 10 threats list (previous ranking listed too):
1. Win32/Bundpil (1.)
2. JS/TrojanDownloader.Nemucod (-)
3. LNK/Agent.BZ (2.)
4. HTML/ScrInject (4.)
5. LNK/Agent.AV (5.)
6. LNK/Agent.BS (3.)
7. JS/TrojanDownloader.Iframe (6.)
8. Win32/Sality (7.)
9. Win32/Ramnit (8.)
10. INF/Autorun (10.)

Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Oracle Critical Patch Update For Q1 of 2016

Oracle have released updates for their products that fix 248 security issues (including 8 Java fixes) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in April 2016.

Wednesday, January 13, 2016

Adobe Reader And Acrobat Security Updates

Adobe have released security updates to fix a bunch of vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat. The vulnerabilities could allow an attacker to take over the affected system.

Affected versions:
*Acrobat DC and Acrobat Reader DC, continuous track
version 15.009.20077 and earlier

*Acrobat DC and Acrobat Reader DC, classic track
version 15.006.30097 and earlier

*of series XI (11.x)
Adobe Reader 11.0.13 and earlier
Adobe Acrobat 11.0.13 and earlier

*of series X (10.x)
Adobe Reader 10.1.15 and earlier
Adobe Acrobat 10.1.15 and earlier

Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.

Note: Adobe Acrobat X and Adobe Reader X are no longer supported. Those should be replaced with supported version.

Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro

More information about fixed vulnerabilities can be read from Adobe's security bulletin.