Sunday, December 30, 2012

Unpatched Vulnerability In Internet Explorer

A vulnerability has been found in Microsoft Internet Explorer that may allow an attacker to execute arbitrary code on a vulnerable system. The vulnerability is currently being actively exploited. Internet Explorer 9 and 10 are not known to be affected by this vulnerability.

At the moment, there is no patch released against the vulnerability. Workarounds are described here.

Update:
Microsoft have released MS13-008 to fix this issue.

Saturday, December 22, 2012

ESET Global Threat Report for November 2012

ESET has released a report discussing global threats of November 2012.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. HTML/ScrInject.B (4.)
3. Win32/Conficker (3.)
4. HTML/Iframe.B (2.)
5. Win32/Qhost (7.)
6. Win32/Sirefef (5.)
7. Win32/Dorkbot (6.)
8. JS/TrojanDownloader.Iframe.NKE (8.)
9. JS/Exploit.Pdfka (16.)
10. Win32/Ramnit (10.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Thursday, December 20, 2012

Opera 12.12 Released

Opera Software has released an update for their Opera web browser. Version 12.12 contains fixes to three security vulnerabilities.

critical:
* Fixed an issue where malformed GIF images could allow execution of arbitrary code; advisory

high:
* Fixed an issue where private data could be disclosed to other computer users, or be modified by them (only Linux/Unix version affected); advisory

low:
* Fixed an issue where repeated attempts to access a target site could trigger address field spoofing; advisory


Opera users are strongly recommended to update to the latest version. The new version can be downloaded here.

Sunday, December 16, 2012

Symantec Intelligence Report: November 2012

Symantec has published their Intelligence report that sums up the latest threat trends for November 2012.

Report highlights:
- Spam – 68.8 percent (an increase of 4.0 percentage points since October)
- Phishing – One in 445.1 emails identified as phishing (a decrease of 0.124 percentage points since October)
- Malware – One in 255.8 emails contained malware (a decrease of 0.05 percentage points since October)
- Malicious websites – 1,847 websites blocked per day (an increase of 97.9 percent since October)
- A look at identities lost in data breaches
- Spam as a holiday tradition



The report can be viewed here.

Friday, December 14, 2012

Security Fixes To Chrome

Google have released version 23.0.1271.97 of their Chrome web browser. The new version contains an updated version of Adobe Flash and fixes for six vulnerabilities:
- one critical (CVE-2012-5142)
- three high (CVE-2012-5139, CVE-2012-5140, CVE-2012-5144)
- two medium (CVE-2012-5141, CVE-2012-5143)

More information in Google Chrome Releases blog.

Adobe Flash Player and Adobe AIR Updates Available

Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.5.502.110 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.5.502.135
- Users of Adobe Flash Player 11.2.202.251 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.258
- Users of Adobe Flash Player 11.1.115.27 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.34 (applicable only for Flash Player installed before August 15, 2012)
- Users of Adobe Flash Player 11.1.111.24 and earlier versions for Android 3.x and 2.x versions should update to Flash Player 11.1.111.29 (applicable only for Flash Player installed before August 15, 2012)
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 will be updated via Windows Update
- Users of Adobe AIR 3.5.0.600 for Windows and Macintosh, SDK (including AIR for iOS) and Android should update to Adobe AIR 3.5.0.880 (Windows) or Adobe AIR 3.5.0.890 (Mac).

More information can be read from Adobe's security bulletin.

Tuesday, December 11, 2012

Microsoft Security Updates For December 2012

Microsoft have released security updates for December 2012. This month's update contains seven security bulletins, of which five are critical and two important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Monday, December 10, 2012

Kaspersky Year 2012 Threat Analysis Report

Kaspersky Lab have published their annual threat analysis report covering the biggest issues faced by corporate and individual users alike as a result of malware, potentially harmful programs, crimeware, spam, phishing and other types of hacker activity.

Kaspersky's Top 10 security incidents of 2012 are as follows:
1. Flashback hits Mac OS X
2. Flame and Gauss: nation-state cyber-espionage campaigns
3. The explosion of Android threats
4. The LinkedIn, Last.fm, Dropbox and Gamigo password leaks
5. The Adobe certificates theft and the omnipresent APT
6. The DNSChanger shutdown
7. The Ma(h)di incident
8. The Java 0-days
9. Shamoon
10. The DSL modems, Huawei banning and hardware hacks

These, together with Kaspersky's security forecast for 2013, can be read about in the report here.

Tuesday, December 4, 2012

New Version of Chrome Released

Google have released version 23.0.1271.95 of their Chrome web browser. The new version contains fixes for two vulnerabilities:
- two high (CVE-2012-5138, CVE-2012-5137)

More information in Google Chrome Releases blog.

Wednesday, November 28, 2012

Security Fixes To Chrome

Google have released version 23.0.1271.91 of their Chrome web browser. The new version contains fixes for seven vulnerabilities:
- three high (CVE-2012-5131, CVE-2012-5133, CVE-2012-5134)
- three medium (CVE-2012-5130, CVE-2012-5135, CVE-2012-5136)
- one low (CVE-2012-5132)

More information in Google Chrome Releases blog.

Thursday, November 22, 2012

Opera 12.11 Released

Opera Software has released an update for their Opera web browser. Version 12.11 contains fixes to two security vulnerabilities.

high:
* Fixed an issue where HTTP response heap buffer overflow could allow execution of arbitrary code; advisory

low:
* Fixed an issue where error pages could be used to guess local file paths; advisory


Opera users are strongly recommended to update to the latest version. The new version can be downloaded here.

Wednesday, November 21, 2012

Updates For Mozilla Products

Mozilla have released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a number of vulnerabilities, of which six are categorized as critical, eight as high and one as moderate.

Affected products are:
- Mozilla Firefox earlier than 17.0
- Mozilla Firefox ESR earlier than 10.0.11
- Mozilla Thunderbird earlier than 17.0
- Mozilla Thunderbird ESR earlier than 10.0.11
- Mozilla SeaMonkey earlier than 2.14

Links to the security advisories with details about addressed security issues:
MFSA 2012-106 Use-after-free, buffer overflow, and memory corruption issues found using Address Sanitizer
MFSA 2012-105 Use-after-free and buffer overflow issues found using Address Sanitizer
MFSA 2012-104 CSS and HTML injection through Style Inspector
MFSA 2012-103 Frames can shadow top.location
MFSA 2012-102 Script entered into Developer Toolbar runs with chrome privileges
MFSA 2012-101 Improper character decoding in HZ-GB-2312 charset
MFSA 2012-100 Improper security filtering for cross-origin wrappers
MFSA 2012-99 XrayWrappers exposes chrome-only properties when not in chrome compartment
MFSA 2012-98 Firefox installer DLL hijacking
MFSA 2012-97 XMLHttpRequest inherits incorrect principal within sandbox
MFSA 2012-96 Memory corruption in str_unescape
MFSA 2012-95 Javascript: URLs run in privileged context on New Tab page
MFSA 2012-94 Crash when combining SVG text on path with CSS
MFSA 2012-93 evalInSanbox location context incorrectly applied
MFSA 2012-92 Buffer overflow while rendering GIF images
MFSA 2012-91 Miscellaneous memory safety hazards (rv:17.0/ rv:10.0.11)


Fresh versions can be obtained via the built-in updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Tuesday, November 20, 2012

Symantec Intelligence Report: October 2012

Symantec has published their Intelligence report that sums up the latest threat trends for October 2012.

Report highlights:
- Spam – 64.8 percent (a decrease of 10.2 percentage points since September)
- Phishing – One in 286.9 emails identified as phishing (a decrease of 0.059 percentage points since September)
- Malware – One in 229.4 emails contained malware (a decrease of 0.04 percentage points since September)
- Malicious websites – 933 websites blocked per day (an increase of 19.7 percent since September)
- Scammers attempt to leverage Instagram
- Why global spam rates are down this month
- The evolution of Ransomware
- Other stories in the threat landscape this month



The report can be viewed here.

ESET Global Threat Report for October 2012

ESET has released a report discussing global threats of October 2012.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. HTML/Iframe.B (3.)
3. Win32/Conficker (4.)
4. HTML/ScrInject.B (2.)
5. Win32/Sirefef (5.)
6. Win32/Dorkbot (7.)
7. Win32/Qhost (8.)
8. JS/TrojanDownloader.Iframe.NKE (9.)
9. Win32/Sality (10.)
10. Win32/Ramnit (28.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Wednesday, November 14, 2012

Microsoft Security Updates For November 2012

Microsoft have released security updates for November 2012. This month's update contains six security bulletins, of which four are critical, one important and one moderate.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Thursday, November 8, 2012

QuickTime 7.7.3 Released

Apple have released a new version of QuickTime. Version 7.7.3 contains fixes for a number of vulnerabilities that could be exploited to run arbitrary code on the target system.

QuickTime users with version older than 7.7.3 should update to the latest one available.

More information about the security content of QuickTime 7.7.3 can be read here.

Chrome Update Available

Google have released version 23.0.1271.64 of their Chrome web browser. The new version contains fixes for 14 vulnerabilities:
- six high (CVE-2012-5115 (Mac OS), CVE-2012-5116, CVE-2012-5118 (Mac OS), CVE-2012-5121, CVE-2012-5124, CVE-2012-5128)
- seven medium (CVE-2012-5127, CVE-2012-5120 (Linux 64-bit), CVE-2012-5119, CVE-2012-5122, CVE-2012-5123, CVE-2012-5125, CVE-2012-5126)
- one low (CVE-2012-5117)

More information in Google Chrome Releases blog.

Tuesday, November 6, 2012

New Opera Version Available

Opera Software has released an update for their Opera web browser. Alongside some new features, version 12.10 contains fixes for six security vulnerabilities.

critical:
* Fixed an issue where specially crafted SVG images could allow execution of arbitrary code; advisory

high:
* Fixed an issue where CORS requests could incorrectly retrieve contents of cross origin pages; advisory
* Fixed an issue where data URIs could be used to facilitate Cross-Site Scripting; advisory
* Fixed a high severity issue, as reported by Gareth Heyes; details will be disclosed at a later date

moderate:
* Fixed an issue that could cause Opera not to correctly check for certificate revocation; advisory
* Fixed a moderate severity issue, as reported by the Google Security Group; details will be disclosed at a later date

Opera users are strongly recommended to update to the latest version. The new version can be downloaded here.

Flash Player and AIR Update Available

Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.4.402.287 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.5.502.110
- Users of Adobe Flash Player 11.2.202.243 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.251
- Users of Adobe Flash Player 11.1.115.20 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.27 (applicable only for Flash Player installed before August 15, 2012)
- Users of Adobe Flash Player 11.1.111.19 and earlier versions for Android 3.x and 2.x versions should update to Flash Player 11.1.111.24 (applicable only for Flash Player installed before August 15, 2012)
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 will be updated via Windows Update
- Users of Adobe AIR 3.4.0.2710 for Windows and Macintosh, SDK (including AIR for iOS) and Android should update to Adobe AIR 3.5.0.600.

More information can be read from Adobe's security bulletin.

Monday, October 29, 2012

Critical Update To Mozilla Products

Mozilla have released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a critical vulnerability (MFSA 2012-90).

Affected products are:
- Mozilla Firefox earlier than 16.0.2
- Mozilla Firefox ESR earlier than 10.0.10
- Mozilla Thunderbird earlier than 16.0.2
- Mozilla Thunderbird ESR earlier than 10.0.10
- Mozilla SeaMonkey earlier than 2.13.2


Fresh versions can be obtained via the built-in updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Friday, October 26, 2012

Adobe Shockwave Player Update Available

Adobe have released an updated version of their Shockwave Player. The new version fixes several security vulnerabilities. The update is categorized as critical, with priority level 2.

Users of Adobe Shockwave Player 11.6.7.637 and earlier should update to Adobe Shockwave Player 11.6.8.638.

More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.

Wednesday, October 17, 2012

Java Security Updates From Oracle

Oracle have released an update for Java JRE & JDK and JavaFX. The update fixes 30 vulnerabilities.

Affected versions are:
- Java 7 JRE and JDK update 7 and earlier
- Java 6 JRE and JDK update 35 and earlier
- Java 5.0 JRE and JDK update 36 and earlier
- Java 1.4.2 JRE and JDK update 38 and earlier
- JavaFX 2.2 and earlier

More information about the update can be read from the Java critical patch update document.

Java users are recommended to update their versions to the latest one available as soon as possible.

Oracle Critical Patch Update For Q4 of 2012

Oracle have released updates for their products that fix 109 security issues in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

A detailed list of vulnerabilities with patching instructions can be read from the Oracle CPU Advisory.

The next Oracle CPU is planned for release in January 2013.

Tuesday, October 16, 2012

ESET Global Threat Report for September 2012

ESET has released a report discussing global threats of September 2012.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. HTML/ScrInject.B (2.)
3. HTML/Iframe.B (5.)
4. Win32/Conficker (3.)
5. Win32/Sirefef (4.)
6. JS/Iframe (6.)
7. Win32/Dorkbot (7.)
8. Win32/Qhost (8.)
9. JS/TrojanDownloader.Iframe.NKE (9.)
10. Win32/Sality (10.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Symantec Intelligence Report: September 2012

Symantec has published their Intelligence report that sums up the latest threat trends for September 2012.

Report highlights:
- Spam – 75.0 percent (an increase of 2.7 percentage points since August)
- Phishing – One in 245.4 emails identified as phishing (an increase of 0.088 percentage points since August)
- Malware – One in 211.0 emails contained malware (an increase of 0.04 percentage points since August)
- Malicious websites – 780 websites blocked per day (a decrease of 29.1 percent since August)
- A look at how attackers administer malicious Web servers
- An innovative Android app that’s too good to be true



The report can be viewed here.

Saturday, October 13, 2012

Mozilla Security Updates Available

Mozilla have released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a number of vulnerabilities, of which 13 are categorized as critical and three as high.

Affected products are:
- Mozilla Firefox earlier than 16.0.1
- Mozilla Firefox ESR earlier than 10.0.9
- Mozilla Thunderbird earlier than 16.0.1
- Mozilla Thunderbird ESR earlier than 10.0.9
- Mozilla SeaMonkey earlier than 2.13.1

Links to the security advisories with details about addressed security issues:
MFSA 2012-89 defaultValue security checks not applied
MFSA 2012-88 Miscellaneous memory safety hazards (rv:16.0.1)
MFSA 2012-87 Use-after-free in the IME State Manager
MFSA 2012-86 Heap memory corruption issues found using Address Sanitizer
MFSA 2012-85 Use-after-free, buffer overflow, and out of bounds read issues found using Address Sanitizer
MFSA 2012-84 Spoofing and script injection through location.hash
MFSA 2012-83 Chrome Object Wrapper (COW) does not disallow acces to privileged functions or properties
MFSA 2012-82 top object and location property accessible by plugins
MFSA 2012-81 GetProperty function can bypass security checks
MFSA 2012-80 Crash with invalid cast when using instanceof operator
MFSA 2012-79 DOS and crash with full screen and history navigation
MFSA 2012-78 Reader Mode pages have chrome privileges
MFSA 2012-77 Some DOMWindowUtils methods bypass security checks
MFSA 2012-76 Continued access to initial origin after setting document.domain
MFSA 2012-75 select element persistance allows for attacks
MFSA 2012-74 Miscellaneous memory safety hazards (rv:16.0/ rv:10.0.8)


Fresh versions can be obtained via the built-in updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Thursday, October 11, 2012

Microsoft Security Intelligence Report Volume 13 Released

Microsoft have released volume 13 of their Security Intelligence Report (SIR). The SIR is an investigation of the current threat landscape. The report can be downloaded here.

Wednesday, October 10, 2012

Chrome Update Available

Google have released version 22.0.1229.92 of their Chrome web browser. The new version contains fixes for five vulnerabilities:
- one critical (CVE-2012-5108)
- one high (CVE-2012-2900)
- two medium (CVE-2012-5109, CVE-2012-5110)
- one low (CVE-2012-5111)

More information in Google Chrome Releases blog.

Microsoft Security Updates For October 2012

Microsoft have released security updates for October 2012. This month's update contains seven security bulletins, of which one is critical and six important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Tuesday, October 9, 2012

Flash Player and AIR Update Available

Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.4.402.278 and earlier versions for Windows should update to Adobe Flash Player 11.4.402.287
- Users of Adobe Flash Player 11.4.402.265 and earlier versions for Macintosh should update to Adobe Flash Player 11.4.402.287
- Users of Adobe Flash Player 11.2.202.238 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.243
- Users of Adobe Flash Player 11.1.115.17 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.20 (applicable only for Flash Player installed before August 15, 2012)
- Users of Adobe Flash Player 11.1.111.16 and earlier versions for Android 3.x and 2.x versions should update to Flash Player 11.1.111.19 (applicable only for Flash Player installed before August 15, 2012)
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 will be updated via Windows Update
- Users of Adobe AIR 3.4.0.2540 for Windows and Macintosh should update to Adobe AIR 3.4.0.2710
- Users of the Adobe AIR 3.4.0.2540 SDK (includes AIR for iOS) should update to the Adobe AIR 3.4.0.2710 SDK
- Users of the Adobe AIR 3.4.0.2540 and earlier versions for Android should update to the Adobe AIR 3.4.0.2710

More information can be read from Adobe's security bulletin.

Monday, October 8, 2012

Regulators Close Down Global Phone Tech Support Scam

Regulators from five countries joined forces in an operation to shut down a global criminal network that allegedly bilked tens of thousands of consumers by pretending to be tech support providers.

"The scam involved cold callers who claimed to work for major technology companies, such as Microsoft or Google, and who told consumers they had viruses on their PCs, according to regulators. The callers would attempt to dupe users into giving them remote access to their computers, locking the user out while attempting to "fix" the malware that the scammer claimed was on the machine."


The CNET article can be read here.

Thursday, September 27, 2012

New Chrome Version Available

Google have released version 22.0.1229.79 of their Chrome web browser. The new version contains a large batch of vulnerability fixes:
- one critical, outside of Chrome (CVE-2012-2897)
- 15 high (CVE-2012-2889, CVE-2012-2886, CVE-2012-2881, CVE-2012-2876, CVE-2012-2883, CVE-2012-2887, CVE-2012-2888, CVE-2012-2894, CVE-2012-2896 (Mac only), CVE-2012-2874, CVE-2012-2878, CVE-2012-2882, CVE-2012-2893, CVE-2012-2895, CVE-2012-2890)
- five medium (CVE-2012-2877, CVE-2012-2884, CVE-2012-2875, CVE-2012-2880, CVE-2012-2885)
- three low (CVE-2012-2879, CVE-2012-2891, CVE-2012-2892)

More information in Google Chrome Releases blog.

Saturday, September 22, 2012

Critical Vulnerability In Internet Explorer

A critical vulnerability has been found affecting Internet Explorer versions 6 through 9. By exploiting the vulnerability, an attacker may be able to execute arbitrary code on the affected system. Microsoft have released a fix to address the vulnerability. More information can be found in security bulletin MS12-063.

Thursday, September 20, 2012

Symantec Intelligence Report: August 2012

Symantec has published their Intelligence report that sums up the latest threat trends for August 2012.

Report highlights:
- Spam – 72.3 percent (an increase of 4.7 percentage points since July)
- Phishing – One in 312.9 emails identified as phishing (an increase of 0.109 percentage points since July)
- Malware – One in 233.1 emails contained malware (a decrease of 0.14 percentage points since July)
- Malicious Web sites – 1,099 websites blocked per day (a decrease of 49.8 percent since July)
- The state of data breaches to date in 2012
- A look at a malicious email scam that pretends to come from Symantec
- A new Java zero-day vulnerability appears in the wild
- An overview of the Elderwood Project



The report can be viewed here.

Thursday, September 13, 2012

iTunes 10.7 Released

Apple has released version 10.7 of their iTunes media player. The new version fixes a total of 163 security vulnerabilities, including ones that could allow an attacker to execute arbitrary code on the target system.

More information about the security content of iTunes 10.7 can be read from the related security advisory.

Users of older versions should update to the latest one available.

Wednesday, September 12, 2012

RealPlayer Update

RealNetworks has released an updated version of their RealPlayer. The new version contains fixes for nine vulnerabilities.

Users of affected versions are advised to update their RealPlayer to the latest one available. More information can be read from the related security advisory.

WordPress 3.4.2 Released

A new version of WordPress has been released, containing fixes for security vulnerabilities and some additional security hardening. More information can be read from the WordPress blog.

Microsoft Security Updates For September 2012

Microsoft has released security updates for September 2012. This month's update contains two security bulletins, both of which are categorized as important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Monday, September 10, 2012

ESET Global Threat Report for August 2012

ESET has released a report discussing global threats of August 2012.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. HTML/ScrInject.B (2.)
3. Win32/Conficker (3.)
4. Win32/Sirefef (4.)
5. HTML/Iframe.B (11.)
6. JS/Iframe (9.)
7. Win32/Dorkbot (5.)
8. Win32/Qhost (21.)
9. JS/TrojanDownloader.Iframe.NKE (7.)
10. Win32/Sality (6.)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Wednesday, September 5, 2012

Chrome Update Available

Google have released version 21.0.1180.89 of their Chrome web browser. The new version contains fixes for eight vulnerabilities:
- three high (CVE-2012-2866, CVE-2012-2869, CVE-2012-2871)
- three medium (CVE-2012-2865, CVE-2012-2868, CVE-2012-2872)
- two low (CVE-2012-2867, CVE-2012-2870)

More information in Google Chrome Releases blog.

Friday, August 31, 2012

Mozilla Security Updates

Mozilla have released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address 16 vulnerabilities, of which seven are categorized as critical, six as high and three as moderate.

Affected products are:
- Mozilla Firefox earlier than 15
- Mozilla Firefox ESR earlier than 10.0.7
- Mozilla Thunderbird earlier than 15
- Mozilla Thunderbird ESR earlier than 10.0.7
- Mozilla SeaMonkey earlier than 2.12

Links to the security advisories with details about addressed security issues:
MFSA 2012-72 Web console eval capable of executing chrome-privileged code
MFSA 2012-71 Insecure use of __android_log_print
MFSA 2012-70 Location object security checks bypassed by chrome code
MFSA 2012-69 Incorrect site SSL certificate data display
MFSA 2012-68 DOMParser loads linked resources in extensions when parsing text/html
MFSA 2012-67 Installer will launch incorrect executable following new installation
MFSA 2012-66 HTTPMonitor extension allows for remote debugging without explicit activation
MFSA 2012-65 Out-of-bounds read in format-number in XSLT
MFSA 2012-64 Graphite 2 memory corruption
MFSA 2012-63 SVG buffer overflow and use-after-free issues
MFSA 2012-62 WebGL use-after-free and memory corruption
MFSA 2012-61 Memory corruption with bitmap format images with negative height
MFSA 2012-60 Escalation of privilege through about:newtab
MFSA 2012-59 Location object can be shadowed using Object.defineProperty
MFSA 2012-58 Use-after-free issues found using Address Sanitizer
MFSA 2012-57 Miscellaneous memory safety hazards (rv:15.0/ rv:10.0.7)

Fresh versions can be obtained via the built-in updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Monday, August 27, 2012

Security Update For Adobe Flash Player And AIR

Adobe has released updated versions of Flash Player and AIR. The new versions fix critical memory handling related vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.


Affected versions:
- Adobe Flash Player 11.3.300.271 and earlier
- Adobe Flash Player 11.1.115.11 and earlier for Android 4.x
- Adobe Flash Player 11.1.111.10 and earlier for Android 3.x and 2.x
- Adobe AIR 3.3.0.3670 and earlier
- Adobe AIR 3.3.0.3690 SDK and earlier
- Adobe AIR 3.3.0.3650 and earlier for Android

Recommended action:
- Adobe Flash Player 11.3.300.271 and earlier Windows and Macintosh versions: version 11.4.402.265 recommended
- Adobe Flash Player 11.2.202.236 and earlier for Linux: version 11.2.202.238 recommended
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Adobe Flash Player 11.1.115.11 and earlier for Android 4.x: version 11.1.115.17 recommended
- Adobe Flash Player 11.1.111.10 and earlier for Android 3.x and earlier: version 11.1.111.16 recommended
- Adobe AIR 3.3.0.3670 for Windows and Macintosh: version 3.4.0.2540 recommended
- Adobe AIR 3.3.0.3690 SDK: version 3.4.0.2540 SDK recommended
- Adobe AIR 3.3.0.3650 and earlier for Android: version 3.4.0.2540 recommended


More information can be read from Adobe's security bulletin.

Thursday, August 23, 2012

ESET Global Threat Report for July 2012

ESET has released a report discussing global threats of July 2012.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. HTML/ScrInject.B (3.)
3. Win32/Conficker (2.)
4. Win32/Sirefef (6.)
5. Win32/Dorkbot (9.)
6. Win32/Sality (8.)
7. JS/TrojanDownloader.Iframe.NKE (7.)
8. Win32/Ramnit (10.)
9. JS/Iframe (5.)
10. Win32/Spy.Ursnif (-)


The complete report (with a description of each of the threats listed above) can be downloaded here (in PDF format).

Friday, August 17, 2012

Adobe Shockwave Player Update Available

Adobe has released an updated version of their Shockwave Player. The new version fixes several security vulnerabilities. The update is categorized as critical.

Users of Adobe Shockwave Player 11.6.5.635 and earlier should update to Adobe Shockwave Player 11.6.6.636.

More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.

Security Update For Adobe Flash Player

Adobe has released an updated version of their Flash Player. The new version fixes a critical vulnerability (CVE-2012-1535) that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.3.300.270 and earlier are recommended to update to 11.3.300.271
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update.
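The Flash Player and AIR bulletins on this page all state their scope the same way: "users of build X and earlier should update to build Y", with a separate X/Y pair per platform. Checking an inventory against such rules is a dotted-version comparison, and doing it as string comparison gets it wrong ("11.10" sorts below "11.9"). The following Python is an added example, not code from the blog or from Adobe; the rule table is transcribed from the affected-version lists in the October 9 and August 17, 2012 posts above, and the function names, the rule format and the sample installs are constructed for illustration.

```python
"""Decide whether an installed Flash Player / AIR build falls inside a bulletin's
affected range and which build it should move to.

Added example, not part of the original blog post or of any Adobe tooling.  The
rule table is transcribed from the versions quoted in the page's October 9 and
August 17, 2012 posts; everything else is constructed for illustration."""

from typing import NamedTuple, Optional, Tuple


class Rule(NamedTuple):
    product: str
    platform: str
    max_affected: str   # "X and earlier versions": this is X
    fixed: str          # build the bulletin says to move to


# Transcribed from the page's October 9, 2012 "Affected versions" list,
# plus the single Windows/Mac rule from the August 17, 2012 post.
RULES = [
    Rule("Flash Player", "Windows", "11.4.402.278", "11.4.402.287"),
    Rule("Flash Player", "Macintosh", "11.4.402.265", "11.4.402.287"),
    Rule("Flash Player", "Linux", "11.2.202.238", "11.2.202.243"),
    Rule("Flash Player", "Android 4.x", "11.1.115.17", "11.1.115.20"),
    Rule("Flash Player", "Android 3.x/2.x", "11.1.111.16", "11.1.111.19"),
    Rule("AIR", "Windows", "3.4.0.2540", "3.4.0.2710"),
    Rule("AIR", "Macintosh", "3.4.0.2540", "3.4.0.2710"),
    Rule("Flash Player", "Windows", "11.3.300.270", "11.3.300.271"),  # August 17 post
]


def parse_version(text: str) -> Tuple[int, ...]:
    """Split a dotted build string into an integer tuple so that comparisons are
    numeric per component: '11.10' > '11.9', which plain string comparison
    would get backwards."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def padded(v: Tuple[int, ...], width: int) -> Tuple[int, ...]:
    """Right-pad with zeros so a short build like '11.4' compares as '11.4.0.0'."""
    return v + (0,) * (width - len(v))


def check(product: str, platform: str, installed: str, rules=RULES) -> Optional[str]:
    """Return the build to update to if `installed` is at or below any applicable
    rule's affected ceiling, or None when no rule matches or the install is
    already newer than every ceiling.  When several rules match (an old 11.3
    build on Windows matches both the August and the October rule), the highest
    fixed build wins, so the caller is pointed at the current release."""
    inst = parse_version(installed)
    target = None
    for r in rules:
        if r.product != product or r.platform != platform:
            continue
        ceiling = parse_version(r.max_affected)
        width = max(len(inst), len(ceiling))
        if padded(inst, width) <= padded(ceiling, width):
            if target is None or parse_version(r.fixed) > parse_version(target):
                target = r.fixed
    return target


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [("Flash Player", "Windows", "11.3.300.268"),
              ("Flash Player", "Windows", "11.4.402.287"),
              ("Flash Player", "Linux", "11.2.202.238")]
    for prod, plat, ver in sample:
        print(f"{prod} ({plat}) {ver} -> {check(prod, plat, ver) or 'up to date'}")
```

Two details are worth keeping even in a throwaway script: the zero-padding, so that an inventory that records only "11.4" is still matched against a four-component ceiling, and the "highest fixed build wins" rule, so that a host stuck on an old 11.3 build is told about the newest release rather than the first bulletin that happened to match.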

More information can be read from Adobe's security bulletin.

Adobe Reader And Acrobat Security Updates

Adobe has released security updates to fix a number of critical vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat.

Affected versions:
*of series X (10.x)
Adobe Reader 10.1.3 and earlier
Adobe Acrobat 10.1.3 and earlier

*of series 9.x
Adobe Reader 9.5.1 and earlier 9.x versions
Adobe Acrobat 9.5.1 and earlier 9.x versions


Users of vulnerable versions are instructed to update either by using the automatic update functionality or by downloading a fresh version manually. The default installation configuration runs automatic updates on a regular schedule; an update check can also be started manually by choosing Help > Check for Updates.

Those who want to upgrade manually can download the latest versions from the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended


More information about fixed vulnerabilities can be read from Adobe's security bulletin.

Wednesday, August 15, 2012

Microsoft Security Updates For August 2012

Microsoft has released security updates for August 2012. This month's update contains nine security bulletins, of which five are critical and four important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Vulnerability In OpenOffice And LibreOffice

A vulnerability has been found in OpenOffice and LibreOffice. The vulnerability (CVE-2012-2665) may allow an attacker to execute arbitrary code on a vulnerable system.

Affected versions:
- OpenOffice 3.4.0 and earlier versions
- LibreOffice prior to version 3.5.5

A fixed version of LibreOffice is available here. The OpenOffice fix is still pending and will be found here when available.

Sunday, August 12, 2012

F-Secure Mobile Threats Report Q2 2012

F-Secure has released its report on mobile threats detected in Q2 2012. "In May 2012, the first Android malware to use the drive-by download method was spotted in the wild."

This and other mobile threats are covered in the report (PDF), downloadable here.

Wednesday, August 8, 2012

Symantec Intelligence Report: July 2012

Symantec has published their Intelligence report that sums up the latest threat trends for July 2012.

Report highlights:
- Spam – 67.6 percent (an increase of 0.8 percentage points since June)
- Phishing – One in 475.3 emails identified as phishing (a decrease of 0.003 percentage points since June)
- Malware – One in 340.9 emails contained malware (a decrease of 0.023 percentage points since June)
- Malicious Web sites – 2,189 Web sites blocked per day (an increase of 4.0 percent since June)
- Olympic related scams and threats to keep an eye on
- Web attack toolkit activity in the first six months of 2012
- A roundup of the best blogs of the last month

The report can be viewed here.

Saturday, August 4, 2012

Chrome Update Available

Google has released new versions of the Chrome web browser: 21.0.1180.57 for Mac and Linux and 21.0.1180.60 for Windows and Chrome Frame. The new versions fix 15 vulnerabilities, two of which (critical CVE-2012-2859 and medium CVE-2012-2846) affect Linux only. The remaining fixes are:
- six high (CVE-2012-2851, CVE-2012-2852, CVE-2012-2855, CVE-2012-2856, CVE-2012-2857, CVE-2012-2858)
- four medium (CVE-2012-2848, CVE-2012-2850, CVE-2012-2853, CVE-2012-2860)
- three low (CVE-2012-2847, CVE-2012-2849, CVE-2012-2854)

More information in Google Chrome Releases blog.

Thursday, July 19, 2012

Mozilla Security Updates Available

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address 15 vulnerabilities, five rated critical, four high and six moderate.

Affected products are:
- Mozilla Firefox earlier than 14
- Mozilla Firefox ESR earlier than 10.0.6
- Mozilla Thunderbird earlier than 14
- Mozilla Thunderbird ESR earlier than 10.0.6
- Mozilla SeaMonkey earlier than 2.11

Links to the security advisories with details about addressed security issues:
MFSA 2012-56 Code execution through javascript: URLs
MFSA 2012-55 feed: URLs with an innerURI inherit security context of page
MFSA 2012-54 Clickjacking of certificate warning page
MFSA 2012-53 Content Security Policy 1.0 implementation errors cause data leakage
MFSA 2012-52 JSDependentString::undepend string conversion results in memory corruption
MFSA 2012-51 X-Frame-Options header ignored when duplicated
MFSA 2012-50 Out of bounds read in QCMS
MFSA 2012-49 Same-compartment Security Wrappers can be bypassed
MFSA 2012-48 use-after-free in nsGlobalWindow::PageHidden
MFSA 2012-47 Improper filtering of javascript in HTML feed-view
MFSA 2012-46 XSS through data: URLs
MFSA 2012-45 Spoofing issue with location
MFSA 2012-44 Gecko memory corruption
MFSA 2012-43 Incorrect URL displayed in addressbar through drag and drop
MFSA 2012-42 Miscellaneous memory safety hazards (rv:14.0/ rv:10.0.6)

Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Wednesday, July 18, 2012

Oracle Critical Patch Update For Q3 of 2012

Oracle has released updates for their products that fix 87 security issues in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in October 2012.

Friday, July 13, 2012

Chrome Update Available

Google has released a new version of the Chrome web browser. Version 20.0.1132.57 fixes three vulnerabilities rated high (CVE-2012-2842, CVE-2012-2843, CVE-2012-2844).

More information in Google Chrome Releases blog.

New Version Of VLC Player Available

The VideoLAN project has released a new version of the VLC media player. Version 2.0.2 fixes a large number of bugs, including a buffer overflow vulnerability in the OGG demuxer that an attacker may be able to exploit to execute arbitrary code on the affected system.

VLC versions prior to 2.0.2 are affected; users of those versions should update to the latest release.

ESET Global Threat Report for June 2012

ESET has released a report discussing global threats of June 2012.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (1.)
2. Win32/Conficker (4.)
3. HTML/ScrInject.B (3.)
4. HTML/Iframe.B (2.)
5. JS/Iframe.AS (5.)
6. Win32/Sirefef (6.)
7. JS/TrojanDownloader.Iframe.NKE (9.)
8. Win32/Sality (8.)
9. Win32/Dorkbot (7.)
10. Win32/Ramnit (10.)

Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Wednesday, July 11, 2012

Microsoft Security Updates For July 2012

Microsoft has released its security updates for July 2012. This month's release contains nine security bulletins, three rated critical (MS12-043, MS12-044, MS12-045) and six important (MS12-046, MS12-047, MS12-048, MS12-049, MS12-050, MS12-051).

An updated version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Symantec Intelligence Report: June 2012

Symantec has published their Intelligence report that sums up the latest threat trends for June 2012.

Report highlights:
- Spam – 66.8 percent (a decrease of 1.0 percentage points since May)
- Phishing – One in 467.6 emails identified as phishing (an increase of 0.04 percentage points since May)
- Malware – One in 316.5 emails contained malware (an increase of 0.04 percentage points since May)
- Malicious Web sites – 2,106 Web sites blocked per day (a decrease of 51.7 percent since May)
- What we know about W32.Flamer that we didn’t last month
- A look at targeted attacks for the first six months of 2012
- In-depth look a recently attempted targeted attack

The report can be viewed here.

Tuesday, July 3, 2012

WordPress 3.4.1 Released

A new version of WordPress has been released that fixes security vulnerabilities and adds some security hardening. More information can be read on the WordPress blog.

RealPlayer Update

RealNetworks has released an updated version of RealPlayer. The new version fixes one security vulnerability (CVE-2012-3235).

Users of affected versions are advised to update their RealPlayer to the latest one available. More information can be read from related security advisory.

Thursday, June 28, 2012

New Chrome Version Available

Google has released a new version of the Chrome web browser. Version 20.0.1132.43 fixes 14 vulnerabilities rated high, five medium and three low.

More information in Google Chrome Releases blog.

Saturday, June 16, 2012

Security Updates From VMWare

VMware has released a security update to patch two vulnerabilities in its virtualization products.

Affected versions:
- Workstation 8.0.3 and earlier
- Workstation 7.1.5 and earlier
- Player 4.0.3 and earlier
- Player 3.1.5 and earlier
- Fusion 4.1.2 and earlier
- ESXi 5.0 without patch ESXi500-201206401-SG
- ESXi 4.1 without patch ESXi410-201206401-SG
- ESXi 4.0 without patch ESXi400-201206401-SG
- ESXi 3.5 without patch ESXe350-201206401-I-SG
- ESX 4.1 without patch ESX410-201206401-SG
- ESX 4.0 without patch ESX400-201206401-SG
- ESX 3.5 without patch ESX350-201206401-SG

Further information including updating instructions can be read from VMware's security advisory.

Symantec Intelligence Report: May 2012

Symantec has published their Intelligence report that sums up the latest threat trends for May 2012.

Report highlights:
- Spam – 67.8 percent (an increase of 3.3 percentage points since April)
- Phishing – One in 568.3 emails identified as phishing (a decrease of 0.03 percentage points since April)
- Malware – One in 365.1 emails contained malware (an increase of 0.03 percentage points since April)
- Malicious Web sites – 4,359 Web sites blocked per day (an increase of 48.7 percent since April)
- Targeted Attacks, Cyber Espionage and W32.Flamer
- London 2012 Olympic Games – Spammers Aiming for the Gold
- Flashback—The day of the Mac threat has arrived

The report can be viewed here.

Wednesday, June 13, 2012

Java Security Updates From Oracle

Oracle has released an update for the Java JRE and JDK and for JavaFX (the latter affected only by CVE-2012-1713). The update fixes 14 vulnerabilities, 12 of which can be exploited remotely without authentication.

Affected versions are:
- Java 7 JRE and JDK update 4 and earlier
- Java 6 JRE and JDK update 32 and earlier
- Java 5.0 JRE and JDK update 35 and earlier
- Java 1.4.2 JRE and JDK update 37 and earlier
- JavaFX 2.1 and earlier

More information about the update can be read from Java critical patch update document.

Java users are recommended to update their versions to the latest one available as soon as possible.

Tuesday, June 12, 2012

Microsoft Security Updates For June 2012

Microsoft has released its security updates for June 2012. This month's release contains seven security bulletins, three rated critical and four important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

iTunes 10.6.3 Released

Apple has released version 10.6.3 of the iTunes media player. The new version fixes two security issues (CVE-2012-0677 and CVE-2012-0672) that could allow arbitrary code execution or lead to an unexpected application termination. The latest version can be downloaded here.

More information about the update can be read from related security bulletin.

Monday, June 11, 2012

Flash Player Update Available

Adobe has released an updated version of their Flash Player. The new version fixes critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.2.202.235 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 11.3.300.257
- Users of Adobe Flash Player 11.2.202.235 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.236
- Users of Adobe Flash Player 11.1.115.8 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.9
- Users of Adobe Flash Player 11.1.111.9 and earlier versions for Android 3.x and earlier versions should update to Flash Player 11.1.111.10
- Users of Adobe AIR 3.2.0.2070 for Windows, Macintosh and Android should update to Adobe AIR 3.3.0.3610.
-Flash Player integrated with Google Chrome will be updated by Google via Chrome update.

More information can be read from Adobe's security bulletin.

Thursday, June 7, 2012

ESET Global Threat Report for May 2012

ESET has released a report discussing global threats of May 2012.

TOP 10 threats list (previous ranking listed too):

1. INF/Autorun (3.)
2. HTML/Iframe.B (2.)
3. HTML/ScrInject.B (1.)
4. Win32/Conficker (5.)
5. JS/Iframe.AS (4.)
6. Win32/Sirefef (6.)
7. Win32/Dorkbot (9.)
8. Win32/Sality (12.)
9. JS/TrojanDownloader.Iframe.NKE (7.)
10. Win32/Ramnit (13.)

Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Mozilla Updates

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address seven vulnerabilities, four rated critical, two high and one moderate.

Affected products are:
- Mozilla Thunderbird earlier than 13.0
- Mozilla Thunderbird ESR earlier than 10.0.5
- Mozilla SeaMonkey earlier than 2.10
- Mozilla Firefox earlier than 13.0
- Mozilla Firefox ESR earlier than 10.0.5

Links to the security advisories with details about addressed security issues:
MFSA 2012-40 Buffer overflow and use-after-free issues found using Address Sanitizer
MFSA 2012-39 NSS parsing errors with zero length items
MFSA 2012-38 Use-after-free while replacing/inserting a node in a document
MFSA 2012-37 Information disclosure though Windows file shares and shortcut files
MFSA 2012-36 Content Security Policy inline-script bypass
MFSA 2012-35 Privilege escalation through Mozilla Updater and Windows Updater Service
MFSA 2012-34 Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5)

Fresh versions can be obtained via the built-in updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Wednesday, June 6, 2012

Security Patch Available To Adobe Photoshop

Adobe has released a new version of Adobe Photoshop. The new version fixes three vulnerabilities that may allow an attacker to execute arbitrary code on the affected system.

Affected versions:
Adobe Photoshop CS5.1 (12.1) and earlier versions

Instructions for updating are given in related security bulletin.

Millions Of LinkedIn Password Hashes Leaked

It has been reported that 6.5 million LinkedIn password hashes (unsalted SHA-1 digests, not encrypted passwords) were posted online. LinkedIn users should change their password. If the same password is used on other web sites, those should be changed too. Note: it is highly recommended not to use the same password on different sites!

source
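As an added illustration of why a leak of unsalted SHA-1 hashes is so damaging (this is example code written for this post, not anything from LinkedIn or from the report linked above), the Python below hashes a small, constructed set of sample passwords the way an unsalted store does, recovers them with a single pass over a tiny constructed wordlist, and contrasts that with per-user salted hashes, where the same wordlist has to be re-hashed for every account and identical passwords no longer produce identical hashes. The user names, passwords and wordlist are all made up.

```python
import hashlib
import os

# Constructed sample accounts (not from any real dump). Two users share a password.
SAMPLE_PASSWORDS = {
    "alice": "password1",
    "bob": "linkedin",
    "carol": "password1",
    "dave": "Xq7!pL2#vR9z",  # strong enough to be absent from the wordlist
}

# Constructed wordlist; real attacks use lists with millions of entries.
WORDLIST = ["123456", "password", "password1", "linkedin", "qwerty", "letmein"]


def sha1_hex(data: str) -> str:
    """Plain SHA-1 of a string, hex encoded."""
    return hashlib.sha1(data.encode("utf-8")).hexdigest()


def unsalted_hashes(passwords):
    """Store passwords as bare sha1(password), as the leaked file did: {user: hash}."""
    return {user: sha1_hex(pw) for user, pw in passwords.items()}


def crack_unsalted(hashes, wordlist):
    """Hash the wordlist once, then look every leaked hash up in that table.

    Returns ({user: recovered_password}, number_of_sha1_calls). The work is
    O(len(wordlist)) no matter how many hashes leaked, because every account
    with the same password has the same hash.
    """
    table = {sha1_hex(word): word for word in wordlist}
    found = {user: table[h] for user, h in hashes.items() if h in table}
    return found, len(wordlist)


def reuse_groups(hashes):
    """Users whose unsalted hashes collide necessarily share a password."""
    by_hash = {}
    for user, h in hashes.items():
        by_hash.setdefault(h, []).append(user)
    return [sorted(users) for users in by_hash.values() if len(users) > 1]


def salted_hashes(passwords, salt_bytes=16):
    """Per-user random salt stored beside the hash: {user: (salt_hex, sha1(salt||pw))}."""
    out = {}
    for user, pw in passwords.items():
        salt = os.urandom(salt_bytes).hex()
        out[user] = (salt, sha1_hex(salt + pw))
    return out


def crack_salted(entries, wordlist):
    """With a unique salt per account there is no shared table: every
    (account, candidate) pair costs one hash. Returns (found, sha1_calls)."""
    found, calls = {}, 0
    for user, (salt, h) in entries.items():
        for word in wordlist:
            calls += 1
            if sha1_hex(salt + word) == h:
                found[user] = word
                break
    return found, calls


if __name__ == "__main__":
    leaked = unsalted_hashes(SAMPLE_PASSWORDS)
    found, calls = crack_unsalted(leaked, WORDLIST)
    print(f"unsalted: recovered {found} with {calls} SHA-1 computations")
    print(f"unsalted: accounts sharing a password: {reuse_groups(leaked)}")

    stored = salted_hashes(SAMPLE_PASSWORDS)
    found, calls = crack_salted(stored, WORDLIST)
    print(f"salted:   recovered {found} with {calls} SHA-1 computations")
    salted_only = {u: h for u, (_, h) in stored.items()}
    print(f"salted:   accounts sharing a password: {reuse_groups(salted_only)}")
```

Salting alone only removes the shared lookup table and the visibility of password reuse; a fast hash such as SHA-1 still lets an attacker try billions of candidates per second per account, which is why a deliberately slow, salted password hash (bcrypt, scrypt or PBKDF2) is the appropriate store for passwords.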

Tuesday, May 29, 2012

Highly Advanced Malicious Toolkit Revealed

Kaspersky Lab yesterday published research on Flame (aka Skywiper), the most complex malicious software found to date.
"It is a backdoor, a Trojan, and it has worm-like features, allowing it to replicate in a local network and on removable media if it is commanded so by its master." (source: Kaspersky Labs blog)


Here are some links about Flame malware:
- Kaspersky Labs blog post
- Iran National CERT (MAHER)
- Technical report by Laboratory of Cryptography and System Security (CrySyS Lab)

Thursday, May 17, 2012

QuickTime 7.7.2 Released

Apple has released a new version of QuickTime. Version 7.7.2 fixes multiple vulnerabilities that could be exploited to run arbitrary code on the target system.

QuickTime users with version older than 7.7.2 should update to the latest one available.

More information about security content of QuickTime 7.7.2 can be read here.

Chrome 19 Available

Google has released a new version of the Chrome web browser. Chrome 19 adds some new features such as tab sync (more about these here). Last but not least, the new version fixes seven vulnerabilities rated high, six medium and four low.

More information in Google Chrome Releases blog.

Tuesday, May 15, 2012

Update For Opera Available

Opera Software has released an update for the Opera web browser. Version 11.64 fixes a critical vulnerability related to URL constructs; by exploiting it an attacker may be able to execute arbitrary code on the affected system.

Related advisory can be viewed here.

Opera users are strongly recommended to update to the latest version. New version can be downloaded here.

Thursday, May 10, 2012

Safari Update Released

Apple has released a new version of the Safari web browser. Version 5.1.7 fixes four security vulnerabilities, some of which may lead to an unexpected application termination or allow an attacker to execute arbitrary code on the affected system.

Affected are Safari versions earlier than 5.1.7. Users of vulnerable Safari versions can get the latest version here.

More information of the security content of 5.1.7 can be read here.

Wednesday, May 9, 2012

Security Updates From Adobe

Adobe has released patched versions of Adobe Illustrator, Adobe Photoshop, Adobe Flash Professional and Adobe Shockwave Player. Each of these updates fixes vulnerabilities that may allow an attacker to take control of the affected system.

*Adobe Illustrator update related security bulletin

*Adobe Photoshop update related security bulletin

*Adobe Flash Professional update related security bulletin

*Adobe Shockwave Player update related security bulletin

Tuesday, May 8, 2012

Microsoft Security Updates For May 2012

Microsoft has released its security updates for May 2012. This month's release contains seven security bulletins, three rated critical and four important. A new version of the Windows Malicious Software Removal Tool (MSRT) was released too. More information can be read from the bulletin summary.

Saturday, May 5, 2012

ESET Global Threat Report for April 2012

ESET has released a report discussing global threats of April 2012.

TOP 10 threats list (previous ranking listed too):

1. HTML/ScrInject.B (1.)
2. HTML/Iframe.B (3.)
3. INF/Autorun (2.)
4. JS/Iframe.AS (6.)
5. Win32/Conficker (4.)
6. Win32/sirefef (7.)
7. JS/TrojanDownloader.Iframe.NKE (-)
8. JS/Agent (5.)
9. Win32/Dorkbot (9.)
10. JS/Redirector (10.)

Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Security Update For Adobe Flash Player

Adobe has released an updated version of their Flash Player. The new version fixes a critical vulnerability that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.2.202.233 and earlier should update to 11.2.202.235
- Users of Flash Player 11.1.115.7 and earlier for Android 4.x devices should update to Adobe Flash Player 11.1.115.8
- Users of Flash Player 11.1.111.8 and earlier for Android 3.x and 2.x devices should update to Adobe Flash Player 11.1.111.9
- Flash Player bundled with Google Chrome is updated by Google via a Chrome update.

More information can be read from Adobe's security bulletin.

Vulnerabilities In VMware Products

VMware has released new versions of its virtualization software to fix security vulnerabilities. Some of these may allow a guest user to execute arbitrary code on the host system.

Affected software versions are:
- Workstation 8.0.2 and earlier
- Player 4.0.2 and earlier
- Fusion 4.1.2 and earlier
- ESXi 5.0 prior update ESXi500-201205401-SG
- ESXi 4.1 prior updates ESXi410-201205401-SG, ESXi410-201110201-SG and ESXi410-201201401-SG
- ESXi 4.0 prior updates ESXi400-201105201-UG and ESXi400-201205401-SG
- ESXi 3.5 prior update ESXe350-201205401-I-SG
- ESX 4.1 prior update ESX410-201205401-SG, ESX410-201110201-SG and ESX410-201201401-SG
- ESX 4.0 prior updates ESX400-201105201-UG and ESX400-201205401-SG
- ESX 3.5 prior update ESX350-201205401-SG

Instructions for updating to a non-vulnerable version can be read from the related security advisory.

Wednesday, May 2, 2012

New Chrome Version Available

Google has released a new version of the Chrome web browser. Version 18.0.1025.168 fixes three vulnerabilities rated high and two medium.

More information in Google Chrome Releases blog.

Monday, April 30, 2012

PHP Versions 5.3.11 and 5.4.1 Out

PHP development team has released 5.3.11 and 5.4.1 versions of PHP scripting language. New versions contain over 60 bug fixes. Some of these are security related. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.

More details about 5.3.11 and 5.4.1 releases can be read from official release announcement.

Sunday, April 29, 2012

Microsoft Security Intelligence Report Volume 12 Released

Microsoft has released volume 12 of its Security Intelligence Report (SIR), an investigation of the current threat landscape. The report can be downloaded here.

Saturday, April 28, 2012

Updates To Mozilla Products

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address 14 vulnerabilities, seven rated critical, four high and three moderate.

Affected products are:
- Mozilla Thunderbird earlier than 12.0
- Mozilla Thunderbird ESR earlier than 10.0.4
- Mozilla SeaMonkey earlier than 2.9
- Mozilla Firefox earlier than 12.0
- Mozilla Firefox ESR earlier than 10.0.4

Links to the security advisories with details about addressed security issues:
MFSA 2012-33 Potential site identity spoofing when loading RSS and Atom feeds
MFSA 2012-32 HTTP Redirections and remote content can be read by javascript errors
MFSA 2012-31 Off-by-one error in OpenType Sanitizer
MFSA 2012-30 Crash with WebGL content using textImage2D
MFSA 2012-29 Potential XSS through ISO-2022-KR/ISO-2022-CN decoding issues
MFSA 2012-28 Ambiguous IPv6 in Origin headers may bypass webserver access restrictions
MFSA 2012-27 Page load short-circuit can lead to XSS
MFSA 2012-26 WebGL.drawElements may read illegal video memory due to FindMaxUshortElement error
MFSA 2012-25 Potential memory corruption during font rendering using cairo-dwrite
MFSA 2012-24 Potential XSS via multibyte content processing errors
MFSA 2012-23 Invalid frees causes heap corruption in gfxImageSurface
MFSA 2012-22 use-after-free in IDBKeyRange
MFSA 2012-21 Multiple security flaws fixed in FreeType v2.4.9
MFSA 2012-20 Miscellaneous memory safety hazards (rv:12.0/ rv:10.0.4)

Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Tuesday, April 24, 2012

WordPress 3.3.2 Released

A new version of WordPress has been released that fixes security vulnerabilities.
More information can be read on the WordPress blog.

Thursday, April 19, 2012

Oracle Critical Patch Update For Q2 of 2012

Oracle has released updates for their products that fix 88 security issues in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in July 2012.

Monday, April 16, 2012

Vulnerability In VMware Products

A vulnerability has been found in the VMware Tools component of VMware products. It may lead to local privilege escalation on Windows-based guest operating systems; it cannot be used to break out of the guest into the host machine itself.

Affected software versions are:
- Workstation 8.0.1 and earlier
- Player 4.0.1 and earlier
- Fusion 4.1.1 and earlier
- ESXi 5.0 prior update ESXi500-201203102-SG
- ESXi 4.1 prior update ESXi410-201201402-BG
- ESXi 4.0 prior update ESXi400-201203402-BG
- ESXi 3.5 prior update ESXe350-201203402-T-BG
- ESX 4.1 prior update ESX410-201201401-SG
- ESX 4.0 prior update ESX400-201203401-SG
- ESX 3.5 prior update ESX350-201203402-BG

Instructions for updating to a non-vulnerable version can be read from the related security advisory.

Wednesday, April 11, 2012

Adobe Reader And Acrobat Security Updates

Adobe has released security updates to fix multiple critical vulnerabilities in its PDF products, Adobe Reader and Adobe Acrobat.

Affected versions:
*of series X (10.x)
Adobe Reader 10.1.2 and earlier
Adobe Acrobat 10.1.2 and earlier

*of series 9.x
Adobe Reader 9.5 and earlier 9.x versions
Adobe Acrobat 9.5 and earlier 9.x versions


Users of vulnerable versions should update either through the built-in automatic update function or by downloading a fresh version manually. The default installation runs automatic updates on a regular schedule; an update check can also be started manually via Help > Check for Updates.

Those who prefer to upgrade manually can download the latest versions from the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended


More information about fixed vulnerabilities can be read from Adobe's security bulletin.

Microsoft Security Updates For April 2012

Microsoft has released its security updates for April 2012. This month's release contains six security bulletins, four rated critical and two important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Tuesday, April 10, 2012

Chrome Updates Released

Google has released a new version of the Chrome web browser. Version 18.0.1025.151 fixes 12 security vulnerabilities, seven rated high, four medium and one low.

More information in Google Chrome Releases blog.

Google subsequently released version 18.0.1025.152, which fixes SSL issues (issue 118706) but may reintroduce issue 117371.

Thursday, April 5, 2012

ESET Global Threat Report for March 2012

ESET has released a report discussing global threats of March 2012.

TOP 10 threats list (previous ranking listed too):

1. HTML/ScrInject.B (1.)
2. INF/Autorun (2.)
3. HTML/Iframe.B (3.)
4. Win32/Conficker (4.)
5. JS/Agent (90.)
6. JS/Iframe.AS (66.)
7. Win32/sirefef (-)
8. Win32/Sality (8.)
9. Win32/Dorkbot (7.)
10. JS/Redirector (47.)

Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Sunday, April 1, 2012

New Chrome Version Available

Google has released a new version of the Chrome web browser. Chrome 18 adds some new features such as faster graphics (more about these here). Last but not least, version 18.0.1025.142 fixes three vulnerabilities rated high, five medium and one low.

More information in Google Chrome Releases blog.

Wednesday, March 28, 2012

Flash Player Update Available

Adobe has released an updated version of their Flash Player. The new version fixes two critical, priority 2 vulnerabilities (CVE-2012-0772 & CVE-2012-0773) that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.1.102.63 and earlier should update to 11.2.202.228
- Users of Adobe AIR 3.1.0.4880 and earlier should update to 3.2.0.2070
- Flash Player bundled with Google Chrome is updated by Google via a Chrome update.

More information can be read from Adobe's security bulletin.

New Version Of Opera Released

Opera Software has released an update for their Opera web browser. Version 11.62 contains fixes to five security vulnerabilities.

high:
* Small windows can be used to trick users into executing downloads; advisory
* Overlapping content can trick users into executing downloads; advisory

low:
* History.state can leak the state data from cross domain pages; advisory
* Web page dialogs can be used to display the wrong address in the address field; advisory
* Carefully timed reloads and redirects can spoof the address field; advisory


Opera users are strongly recommended to update to the latest version. New version can be downloaded here.

Tuesday, March 27, 2012

Version 17.0.963.83 For Chrome Available

Google has released a new version of the Chrome web browser. Version 17.0.963.83 fixes six vulnerabilities rated high and two low, and also some issues with Flash games.

More information in Google Chrome Releases blog.

Monday, March 19, 2012

Vulnerabilities In VMware View

Four vulnerabilities have been found in VMware View, VMware's desktop virtualization product. Three of them may lead to local privilege escalation on View virtual desktops. The fourth is a cross-site scripting vulnerability in the View Manager Portal that may allow a remote attacker to run script in the victim's browser.

Affected versions are VMware View 4.6 and earlier versions.

More information in related security advisory.

Wednesday, March 14, 2012

Updates To Mozilla Products

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address eight vulnerabilities, five rated critical and three moderate.

Affected products are:
- Mozilla Thunderbird earlier than 11.0
- Mozilla Thunderbird ESR earlier than 10.0.3
- Mozilla Thunderbird 3.x.x earlier than 3.1.20
- Mozilla SeaMonkey earlier than 2.8
- Mozilla Firefox earlier than 11.0
- Mozilla Firefox ESR earlier than 10.0.3
- Mozilla Firefox 3.x.x earlier than 3.6.28

Links to the security advisories with details about addressed security issues:
MFSA 2012-19 Miscellaneous memory safety hazards (rv:11.0/ rv:10.0.3 / rv:1.9.2.28)
MFSA 2012-18 window.fullScreen writeable by untrusted content
MFSA 2012-17 Crash when accessing keyframe cssText after dynamic modification
MFSA 2012-16 Escalation of privilege with Javascript: URL as home page
MFSA 2012-15 XSS with multiple Content Security Policy headers
MFSA 2012-14 SVG issues found with Address Sanitizer
MFSA 2012-13 XSS with Drag and Drop and Javascript: URL
MFSA 2012-12 Use-after-free in shlwapi.dll

Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Tuesday, March 13, 2012

Microsoft Security Updates For March 2012

Microsoft has released its security updates for March 2012. This month's release contains six security bulletins, one rated critical, four important and one moderate.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

New Version Of Safari Released

Apple has released a new version of the Safari web browser. The new version fixes a large number of security vulnerabilities that may lead to an unexpected application termination or allow an attacker to execute arbitrary code on the affected system.

Affected are Safari versions earlier than 5.1.4. Users of vulnerable Safari versions can get the latest version here.

More information of the security content of 5.1.4 can be read here.

Monday, March 12, 2012

New Chrome Version Patches A Critical Vulnerability

Google has released a new version of their Chrome web browser. Version 17.0.963.79 fixes one critical vulnerability (CVE-2011-3047).

More information in Google Chrome Releases blog.

Thursday, March 8, 2012

ESET Global Threat Report for February 2012

ESET has released a report discussing global threats of February 2012.

TOP 10 threats list (previous ranking listed too):

1. HTML/ScrInject.B (1.)
2. INF/Autorun (2.)
3. HTML/Iframe.B (3.)
4. Win32/Conficker (4.)
5. HTML/Fraud.BG (-)
6. JS/Kryptik (35.)
7. Win32/Dorkbot (5.)
8. JS/TrojanDownloader.Iframe.NKE (7.)
9. Win32/Sality.NBA (8.)
10. Win32/Spy.Ursnif (10.)

Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Chrome Update Released

Google has released a new version of their Chrome web browser. Version 17.0.963.78 fixes issues with Flash games and videos and one critical vulnerability (CVE-2011-3046).

More information in Google Chrome Releases blog.

Tuesday, March 6, 2012

Security Update For Adobe Flash Player

Adobe has released an updated version of their Flash Player. The new version fixes two critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.1.102.62 and earlier should update to 11.1.102.63
- Users of Flash Player 11.1.115.6 and earlier for Android 4.x devices should update to Adobe Flash Player 11.1.115.7
- Users of Flash Player 11.1.111.6 and earlier for Android 3.x devices should update to Adobe Flash Player 11.1.111.7
- Flash Player bundled with Google Chrome is updated by Google via a Chrome update.

More information can be read from Adobe's security bulletin.

Friday, March 2, 2012

Symantec Intelligence Report: February 2012

Symantec has published their Intelligence report that sums up the latest threat trends for February 2012.

Report highlights:
- Spam – 68.0 percent (a decrease of 1.0 percentage points since January)
- Phishing – One in 358.1 emails identified as phishing (an increase of 0.01 percentage points since January)
- Malware – One in 274.0 emails contained malware (an increase of 0.03 percentage points since January)
- Malicious Web sites – 2,305 Web sites blocked per day (an increase of 9.7 percent since January)
- New wave of cyber-attacks designed to impersonate the Better Business Bureau
- Blogs review
- Best Practices for Enterprises and Users


The report can be viewed here.

Friday, February 17, 2012

Chrome Gets Another Update

Google has released a new version of their Chrome web browser. Among other things, version 17.0.963.56 contains fixes for 13 vulnerabilities, of which seven are categorized as high, five as medium and one as low. A new version of the Flash component is included too.

More information in Google Chrome Releases blog.

Thursday, February 16, 2012

Security Update For Adobe Flash Player

Adobe has released an updated version of their Flash Player. The new version fixes critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
-Users of Adobe Flash Player 11.1.102.55 and earlier should update to 11.1.102.62
-Users of Flash Player 11.1.112.61 and earlier for Android 4.x devices should update to Adobe Flash Player 11.1.115.6
-Users of Flash Player 11.1.111.5 and earlier for Android 3.x devices should update to Adobe Flash Player 11.1.111.6
-Flash Player integrated with Google Chrome is updated by Google via the Chrome update.

More information can be read from Adobe's security bulletin.

Wednesday, February 15, 2012

Java Updates From Oracle

Oracle has released an update for the Java JRE and JDK. The update fixes 14 vulnerabilities, of which nine can be exploited to execute arbitrary code on the affected system.

Affected versions are:
- Java 7 JRE and JDK update 2 and earlier (fixed in update 3)
- Java 6 JRE and JDK update 30 and earlier (fixed in update 31)
- Java 5.0 JRE and JDK update 33 and earlier
- Java 1.4.2 JRE and JDK update 35 and earlier
- JavaFX 2.0.2 and earlier

More information about the update can be read from Java critical patch update document.

Java users are recommended to update their versions to the latest one available as soon as possible.

Adobe Shockwave Player Update Available

Adobe has released an updated version of their Shockwave Player. The new version fixes several security vulnerabilities, and the update is rated critical.

Users of Adobe Shockwave Player 11.6.3.633 and earlier should update to Adobe Shockwave Player 11.6.4.634.

More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.

Microsoft Security Updates For February 2012

Microsoft has released security updates for February 2012. This month's update contains nine security bulletins, four of them rated critical and five important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

Tuesday, February 14, 2012

Patched Versions To Mozilla Products Available

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a vulnerability categorized as critical.

Affected products are:
- Mozilla Thunderbird earlier than 10.0.1
- Mozilla SeaMonkey earlier than 2.7.1
- Mozilla Firefox 10.x older than 10.0.1 (version 9 and earlier are not affected by this vulnerability)

Link to the security advisory with details about addressed security issue:
MFSA 2012-10 use after free in nsXBLDocumentInfo::ReadPrototypeBindings

Fresh versions can be obtained via the built-in updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Friday, February 10, 2012

Security Update To RealPlayer

RealNetworks has released an updated version of their RealPlayer. The new version contains fixes for seven vulnerabilities, each of which may allow an attacker to execute arbitrary code on the target system.

Users of affected versions are advised to update their RealPlayer to the latest version available. More information can be read from the related security advisory.

Thursday, February 9, 2012

New Version Of Chrome Released

Google has released a new version of their Chrome web browser. Among other things, version 17.0.963.46 contains fixes for 20 vulnerabilities, of which one is categorized as critical, eight as high, five as medium and six as low.

More information in Google Chrome Releases blog.

Tuesday, February 7, 2012

ESET Global Threat Report for January 2012

ESET has released a report discussing global threats of January 2012.

TOP 10 threats list (previous ranking listed too):

1. HTML/ScrInject.B (1.)
2. INF/Autorun (2.)
3. HTML/Iframe.B (3.)
4. Win32/Conficker (4.)
5. Win32/Dorkbot (5.)
6. Win32/Autoit (6.)
7. JS/TrojanDownloader.Iframe.NKE (8.)
8. Win32/Sality (7.)
9. JS/Iframe.AS (12.)
10. Win32/Spy.Ursnif (10.)

Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Thursday, February 2, 2012

Symantec Intelligence Report: January 2012

Symantec has published their Intelligence report that sums up the latest threat trends for January 2012.

Report highlights:
- Spam – 69.0 percent (an increase of 1.3 percentage points since December 2011)
- Phishing – One in 370.0 emails identified as phishing (an increase of 0.06 percentage points since December 2011)
- Malware – One in 295.0 emails contained malware (a decrease of 0.02 percentage points since December 2011)
- Malicious Web sites – 2,102 Web sites blocked per day (a decrease of 77.4 percent since December 2011)
- Spammers continue to take advantage of holidays and events
- Best Practices for Enterprises and Users


The report can be viewed here.

Security Updates To Mozilla Products

Mozilla has released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a set of vulnerabilities, several of which are categorized as critical.

Affected products are:
- Mozilla Thunderbird earlier than 10.0
- Mozilla Thunderbird 3.x.x versions earlier than 3.1.18
- Mozilla SeaMonkey earlier than 2.7
- Mozilla Firefox earlier than 10.0
- Mozilla Firefox 3.x.x versions earlier than 3.6.26

Links to the security advisories with details about addressed security issues:
MFSA 2012-09 Firefox Recovery Key.html is saved with unsafe permission
MFSA 2012-08 Crash with malformed embedded XSLT stylesheets
MFSA 2012-07 Potential Memory Corruption When Decoding Ogg Vorbis files
MFSA 2012-06 Uninitialized memory appended when encoding icon images may cause information disclosure
MFSA 2012-05 Frame scripts calling into untrusted objects bypass security checks
MFSA 2012-04 Child nodes from nsDOMAttribute still accessible after removal of nodes
MFSA 2012-03 <iframe> element exposed across domains via name attribute
MFSA 2012-02 Overly permissive IPv6 literal syntax
MFSA 2012-01 Miscellaneous memory safety hazards (rv:10.0/ rv:1.9.2.26)

Fresh versions can be obtained via the built-in updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey

Saturday, January 28, 2012

MS12-004 Vulnerability Exploiting Malware Found

Trend Micro warns in their blog about malware that exploits the MIDI remote code execution vulnerability. The vulnerability is triggered when the Windows Multimedia Library, used by Windows Media Player (WMP), fails to handle a specially crafted MIDI file. According to the blog post the infection vector is a malicious HTML page that exploits the vulnerability using two components hosted on the same domain: a MIDI file and a JavaScript file.

The exploited vulnerability was already addressed with an update (MS12-004) on Microsoft's last patch Tuesday. To protect against the threat, users of affected systems should install this update as soon as possible.

More details about the malware in Trend Micro blog.
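
The delivery pattern described above (a page that embeds a MIDI file and pulls a script from the same host) is something a responder can triage for in captured or proxied HTML. The script below is an added example, not code from this blog or from Trend Micro: the tag list, the same-host rule, the function names and the sample page are assumptions made for illustration. Real landing pages will usually obfuscate the script, so a hit is a lead for further analysis, not a verdict.

```python
"""Triage heuristic for an HTML page that embeds a MIDI file and loads an
external script from the same host, the MS12-004 delivery pattern described
by Trend Micro.  Added example; tag list, same-host rule and sample page are
assumptions for illustration."""
from html.parser import HTMLParser
from typing import List, Tuple
from urllib.parse import urljoin, urlsplit

MIDI_EXTENSIONS = (".mid", ".midi", ".rmi")
# Tags (and the attribute carrying the URL) that can pull a MIDI file into a page.
MEDIA_ATTRS = {"embed": "src", "bgsound": "src", "object": "data",
               "audio": "src", "source": "src"}


class _RefCollector(HTMLParser):
    """Collect absolute URLs of embedded MIDI files and external scripts."""

    def __init__(self, base_url: str) -> None:
        super().__init__()
        self.base_url = base_url
        self.midi: List[str] = []
        self.scripts: List[str] = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)            # html.parser lowercases tag and attribute names
        if tag == "script" and a.get("src"):
            self.scripts.append(urljoin(self.base_url, a["src"]))
            return
        url = None
        if tag in MEDIA_ATTRS:
            url = a.get(MEDIA_ATTRS[tag])
        elif tag == "param" and (a.get("name") or "").lower() in ("src", "movie", "url"):
            url = a.get("value")   # <object><param name="src" value="x.mid"></object>
        if url:
            absolute = urljoin(self.base_url, url)
            if urlsplit(absolute).path.lower().endswith(MIDI_EXTENSIONS):
                self.midi.append(absolute)


def triage(html: str, page_url: str) -> List[Tuple[str, List[str]]]:
    """Return (midi_url, [script_urls]) pairs where the MIDI file and at least
    one external script are served from the same host."""
    collector = _RefCollector(page_url)
    collector.feed(html)
    findings = []
    for midi_url in collector.midi:
        host = urlsplit(midi_url).netloc.lower()
        same_host = [s for s in collector.scripts if urlsplit(s).netloc.lower() == host]
        if same_host:
            findings.append((midi_url, same_host))
    return findings


# Constructed sample page for this example, not a real capture.
SAMPLE_PAGE = """<html><head>
<script src="/js/loader.js"></script>
<script src="http://cdn.example.net/analytics.js"></script>
</head><body>
<embed src="/media/track.mid" hidden="true" autostart="true">
</body></html>"""

if __name__ == "__main__":
    for midi, scripts in triage(SAMPLE_PAGE, "http://example.invalid/index.html"):
        print(f"MIDI {midi} paired with same-host script(s): {scripts}")
```

The check deliberately resolves relative URLs against the page URL before comparing hosts, since a relative `src` and an absolute one on the same domain are the same origin from the browser's point of view. A page with a MIDI file but scripts only from other hosts produces no finding.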

Tuesday, January 24, 2012

Chrome Updated

Google has released a new version of their Chrome web browser. Version 16.0.912.77 contains fixes to five vulnerabilities of which one is categorized as critical and four as high.

More information in Google Chrome Releases blog.

Thursday, January 19, 2012

Oracle Critical Patch Update For Q1 of 2012

Oracle has released updates for their products that fix 78 security issues in total. The updates are part of Oracle's quarterly Critical Patch Update (CPU).

Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.

Next Oracle CPU is planned to be released in April 2012.

Saturday, January 14, 2012

ESET Global Threat Report for December 2011

ESET has released a report discussing global threats of December 2011.

TOP 10 threats of 2011 list:

1. INF/Autorun
2. Win32/Conficker
3. Win32/Sality
4. Win32/PSW.OnLineGames
5. HTML/Iframe.B
6. HTML/ScrInject.B
7. Win32/Autoit
8. Win32/Bflient
9. Win32/Tifaut
10. Win32/Spy.Ursnif.A


Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).

Wednesday, January 11, 2012

Vulnerabilities In Wireshark

Three vulnerabilities have been found in Wireshark, the free open-source network protocol analyzer. By exploiting them an attacker may be able to make Wireshark crash, hang, or execute arbitrary code, either by injecting a series of malformed packets onto the wire or by convincing someone to open a malformed packet trace file.

Vulnerable are all 1.4.x versions prior to 1.4.11 and all 1.6.x versions prior to 1.6.5.

A non-vulnerable version of Wireshark can be downloaded here.

More information can be read from these advisories:
- http://www.wireshark.org/security/wnpa-sec-2012-01.html
- http://www.wireshark.org/security/wnpa-sec-2012-02.html
- http://www.wireshark.org/security/wnpa-sec-2012-03.html
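
Advisories like the Wireshark, Flash Player and Java ones on this page name a fixed release per branch, so "am I affected?" is a branch-aware comparison rather than a single "older than X" test. The script below is an added example, not code from this blog or from any vendor. The fixed releases in its tables come from the posts here (Wireshark 1.4.11 and 1.6.5; Flash Player 11.1.102.63 for desktop, 11.1.115.7 for Android 4.x and 11.1.111.7 for Android 3.x; Java 7 update 3 and 6 update 31 from Oracle's February 2012 CPU); the function names and the sample banner strings are assumptions made for this example.

```python
"""Branch-aware "am I affected?" check for advisories that name a fixed
release per branch.  Added example; fixed-release tables come from the
advisories on this page, function names and sample banners are assumptions."""
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, ...]

# First run of digits joined by '.' or '_' (Java writes its update as 1.7.0_02).
_VERSION_RE = re.compile(r"\d+(?:[._]\d+)*")

# Fixed release per branch, keyed by the prefix the advisory distinguishes.
WIRESHARK_FIXED = {"1.4": "1.4.11", "1.6": "1.6.5"}
FLASH_FIXED = {"11.1.102": "11.1.102.63",   # desktop
               "11.1.115": "11.1.115.7",    # Android 4.x
               "11.1.111": "11.1.111.7"}    # Android 3.x
JAVA_FIXED = {"1.7": "1.7.0_03", "1.6": "1.6.0_31"}


def parse_version(text: str) -> Version:
    """Extract the first version number from a banner such as
    'TShark 1.6.4 (SVN Rev 39941)' or 'java version "1.7.0_02"' as an int tuple."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(part) for part in re.split(r"[._]", match.group(0)))


def is_vulnerable(installed: str, fixed_per_branch: Dict[str, str]) -> Optional[bool]:
    """True if the installed version is older than the fixed release of its
    branch, False if it is at or past the fix, None if the advisory does not
    cover the branch at all (e.g. a development series), which needs a human look.

    The most specific (longest) matching branch prefix wins, so "11.1.115"
    beats "11.1" when both are listed."""
    version = parse_version(installed)
    best_branch: Optional[Version] = None
    best_fixed: Optional[Version] = None
    for branch, fixed in fixed_per_branch.items():
        prefix = parse_version(branch)
        if version[:len(prefix)] == prefix and (
                best_branch is None or len(prefix) > len(best_branch)):
            best_branch, best_fixed = prefix, parse_version(fixed)
    if best_fixed is None:
        return None
    # Tuple comparison is element-wise: (1, 6, 4) < (1, 6, 5), and a bare
    # (1, 7, 0) sorts before (1, 7, 0, 3), so a GA build counts as older than u3.
    return version < best_fixed


if __name__ == "__main__":
    for banner, table in [("TShark 1.6.4 (SVN Rev 39941)", WIRESHARK_FIXED),
                          ('java version "1.7.0_02"', JAVA_FIXED),
                          ("11.1.102.63", FLASH_FIXED),
                          ("1.5.1", WIRESHARK_FIXED)]:
        print(f"{banner!r}: vulnerable={is_vulnerable(banner, table)}")
```

Feed it the first line of `tshark -v`, `java -version` or the Flash version string and it answers per branch; an installed version whose branch is not in the table (a Wireshark 1.5 development build, for instance) comes back as None rather than a false "not vulnerable".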

Tuesday, January 10, 2012

Adobe Reader And Acrobat Security Updates

Adobe has released security updates to fix a number of critical vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat.

Affected versions:
*of series X (10.x)
Adobe Reader 10.1.1 and earlier
Adobe Acrobat 10.1.1 and earlier

*of series 9.x
Adobe Reader 9.4.7 and earlier
Adobe Acrobat 9.4.7 and earlier


Users of vulnerable versions are instructed to update either by using the automatic update functionality or by downloading a fresh version manually. The default installation configuration runs automatic updates on a regular schedule; a check can also be started manually by choosing Help > Check for Updates.

Those who want to upgrade manually can download the latest versions from the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended


More information about fixed vulnerabilities can be read from Adobe's security bulletin.

Microsoft Security Updates For January 2012

Microsoft has released security updates for January 2012. This month's update contains seven security bulletins, one of them rated critical and six important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be read from the bulletin summary.

For consumers the easiest way to get the updates is to use the Microsoft Update service.

Monday, January 9, 2012

Fix For WordPress Available

An XSS (cross-site scripting) vulnerability has been fixed in WordPress. The vulnerability could allow an attacker to inject malicious content into an affected site. Affected are WordPress versions earlier than 3.3.1.

More information can be read from WordPress blog.

Saturday, January 7, 2012

Update For Chrome Available

Google has released a new version of their Chrome web browser. Version 16.0.912.75 contains fixes for three vulnerabilities, all of them categorized as high.

More information in Google Chrome Releases blog.