Sunday, January 27, 2013

Google Chrome Updated

Google have released version 24.0.1312.56 of their Chrome web browser. The new version contains fixes for five vulnerabilities:
-three high (CVE-2013-0839, CVE-2013-0841, CVE-2013-0843)
-two medium (CVE-2013-0840, CVE-2013-0842)

More information is available in the Google Chrome Releases blog.

Monday, January 21, 2013

ESET Global Threat Report for December 2012

ESET have published a report discussing the global threats of December 2012.

TOP 10 threats list:

1. INF/Autorun
2. HTML/ScrInject.B
3. HTML/Iframe.B
4. Win32/Conficker
5. Win32/Sality
6. Win32/Dorkbot
7. JS/TrojanDownloader.Iframe.NKE
8. Win32/Sirefef
9. Win32/Ramnit
10. Win32/Spy.Ursnif


The complete report (with a description of each of the threats listed above) can be downloaded here (PDF format).

Sunday, January 20, 2013

Symantec Intelligence Report: December 2012

Symantec have published their Intelligence Report, which sums up the latest threat trends for December 2012.

Report highlights:
- Spam – 70.6 percent (an increase of 1.8 percentage points since November)
- Phishing – One in 377.4 emails identified as phishing (an increase of 0.225 percentage points since November)
- Malware – One in 277.8 emails contained malware (a decrease of 0.03 percentage points since November)
- Malicious websites – 762 websites blocked per day (a decrease of 58.7 percent since November)

The report can be viewed here.

Friday, January 18, 2013

Oracle Critical Patch Update For Q1 of 2013

Oracle have released updates for their products that fix 86 security issues in total. The updates are part of Oracle's quarterly Critical Patch Update (CPU).

A detailed list of the vulnerabilities, with patching instructions, can be found in the Oracle CPU Advisory.

The next Oracle CPU is scheduled for release in April 2013.

Monday, January 14, 2013

A Vulnerability Affecting Java 7

A vulnerability (CVE-2013-0422) has been found in Oracle Java. It may allow an attacker to run arbitrary code on a vulnerable system. Affected are JDK and JRE 7 Update 10 and earlier versions in the 7 series (JDK and JRE 6, 5.0 and 1.4.2, and Java SE Embedded JRE releases are not affected).

Users of affected versions are advised to get Update 11 here. The new version also changes the default security level setting from medium to high:
"The default security level for Java applets and web start applications has been increased from "Medium" to "High". This affects the conditions under which unsigned (sandboxed) Java web applications can run. Previously, as long as you had the latest secure Java release installed applets and web start applications would continue to run as always. With the "High" setting the user is always warned before any unsigned application is run to prevent silent exploitation."

If Java is not needed in the web browser, it is recommended to disable the Java browser plugin in addition to updating. Instructions for doing so can be read here.
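To turn the affected-version range above into something that can be checked on a fleet of machines, here is a small added example (not code from the original post or from Oracle). It parses the banner that `java -version` prints, which Oracle's launcher writes to stderr in the form `java version "1.7.0_10"`, and reports whether the runtime falls into the 7u10-and-earlier range for CVE-2013-0422. The sample banners in the block are constructed for the example, not captured from real hosts, and the helper that runs `java` assumes the binary is on PATH.

```python
"""Added example: decide from a `java -version` banner whether an installed
Java runtime is in the range affected by CVE-2013-0422 (JDK/JRE 7 Update 10
and earlier; the 6, 5.0 and 1.4.2 series are not affected).
The sample banners below are constructed, not captured from real systems."""

import re
import subprocess
from typing import Optional, Tuple

# Oracle's banner looks like:  java version "1.7.0_10"
# Early-access builds may carry a suffix inside the quotes, e.g. "1.7.0_10-ea".
_VERSION_RE = re.compile(r'java version "1\.(\d+)\.\d+(?:_(\d+))?[^"]*"')


def parse_java_version(banner: str) -> Optional[Tuple[int, int]]:
    """Return (major, update) from the banner, e.g. "1.7.0_10" -> (7, 10).

    A version without an "_NN" update part (the GA release) counts as update 0.
    Returns None if no Java version line is present.
    """
    match = _VERSION_RE.search(banner)
    if not match:
        return None
    major = int(match.group(1))
    update = int(match.group(2)) if match.group(2) else 0
    return major, update


def is_affected_cve_2013_0422(banner: str) -> bool:
    """True when the banner describes a 7-series runtime at Update 10 or earlier."""
    parsed = parse_java_version(banner)
    if parsed is None:
        return False  # no Java found, so nothing to patch
    major, update = parsed
    return major == 7 and update <= 10


def installed_java_banner() -> str:
    """Run `java -version` on this host (assumption: java is on PATH).

    Returns an empty string if the binary is missing; the checks above then
    report "not affected", which for inventory purposes means "not installed".
    """
    try:
        result = subprocess.run(["java", "-version"],
                                capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return ""
    # The banner goes to stderr, but concatenate both streams to be safe.
    return result.stderr + result.stdout


if __name__ == "__main__":
    # Constructed sample banners and the expected verdict for each.
    samples = {
        'java version "1.7.0_10"\nJava(TM) SE Runtime Environment (build 1.7.0_10-b18)': True,
        'java version "1.7.0_11"\nJava(TM) SE Runtime Environment (build 1.7.0_11-b21)': False,
        'java version "1.6.0_38"': False,
        'java version "1.7.0"': True,   # 7 GA, i.e. update 0
    }
    for banner, expected in samples.items():
        verdict = is_affected_cve_2013_0422(banner)
        assert verdict == expected
        print(f"{banner.splitlines()[0]:<30} affected={verdict}")
    print("this host:", is_affected_cve_2013_0422(installed_java_banner()))
```

The check only covers the runtime the `java` launcher on PATH resolves to; a browser plugin can point at a different installation, so on Windows the plugin directories and the registry should be inventoried separately rather than relying on this single command.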

Update For Google Chrome Released

Google have released version 24.0.1312.52 of their Chrome web browser. The new version contains fixes for 24 vulnerabilities:
-11 high (CVE-2012-5145, CVE-2012-5146, CVE-2012-5147, CVE-2012-5149, CVE-2012-5150, CVE-2012-5151, CVE-2012-5153, CVE-2012-5156, CVE-2013-0828, CVE-2013-0829, CVE-2013-0836)
-eight medium (CVE-2012-5148, CVE-2012-5152, CVE-2012-5155 (Mac only), CVE-2012-5157, CVE-2013-0832, CVE-2013-0833, CVE-2013-0834, CVE-2013-0837)
-five low (CVE-2012-5154 (Windows only), CVE-2013-0830 (Windows only), CVE-2013-0831, CVE-2013-0835, CVE-2013-0838 (Linux only))

The new version also contains an update to Flash Player.

More information is available in the Google Chrome Releases blog.



Thursday, January 10, 2013

Mozilla Security Updates Available

Mozilla have released updates to the Firefox and SeaMonkey browsers and the Thunderbird email client to address a set of vulnerabilities, of which 12 are categorized as critical, seven as high and one as moderate.

Affected products are:
- Mozilla Firefox earlier than 18.0
- Mozilla Firefox ESR earlier than 10.0.12
- Mozilla Firefox ESR earlier than 17.0.2
- Mozilla Thunderbird earlier than 17.0.2
- Mozilla Thunderbird ESR earlier than 10.0.12
- Mozilla Thunderbird ESR earlier than 17.0.2
- Mozilla SeaMonkey earlier than 2.15

Links to the security advisories with details of the addressed security issues:
MFSA 2013-20 Mis-issued TURKTRUST certificates
MFSA 2013-19 Use-after-free in Javascript Proxy objects
MFSA 2013-18 Use-after-free in Vibrate
MFSA 2013-17 Use-after-free in ListenerManager
MFSA 2013-16 Use-after-free in serializeToStream
MFSA 2013-15 Privilege escalation through plugin objects
MFSA 2013-14 Chrome Object Wrapper (COW) bypass through changing prototype
MFSA 2013-13 Memory corruption in XBL with XML bindings containing SVG
MFSA 2013-12 Buffer overflow in Javascript string concatenation
MFSA 2013-11 Address space layout leaked in XBL objects
MFSA 2013-10 Event manipulation in plugin handler to bypass same-origin policy
MFSA 2013-09 Compartment mismatch with quickstubs returned values
MFSA 2013-08 AutoWrapperChanger fails to keep objects alive during garbage collection
MFSA 2013-07 Crash due to handling of SSL on threads
MFSA 2013-06 Touch events are shared across iframes
MFSA 2013-05 Use-after-free when displaying table with many columns and column groups
MFSA 2013-04 URL spoofing in addressbar during page loads
MFSA 2013-03 Buffer Overflow in Canvas
MFSA 2013-02 Use-after-free and buffer overflow issues found using Address Sanitizer
MFSA 2013-01 Miscellaneous memory safety hazards (rv:18.0/ rv:10.0.12 / rv:17.0.2)


New versions can be obtained via the built-in updater or by downloading from the product sites:
Firefox
Thunderbird
SeaMonkey

Wednesday, January 9, 2013

Adobe Reader And Acrobat Security Updates

Adobe have released security updates to fix several critical vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat.

Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.0 and earlier
Adobe Acrobat 11.0.0 and earlier

*of series X (10.x)
Adobe Reader 10.1.4 and earlier
Adobe Acrobat 10.1.4 and earlier

*of series 9.x
Adobe Reader 9.5.2 and earlier 9.x versions
Adobe Acrobat 9.5.2 and earlier 9.x versions


Users of vulnerable versions are advised to update either by using the automatic update functionality or by downloading a new version manually. The default installation configuration runs automatic updates on a regular schedule; an update check can also be triggered manually by choosing Help > Check for Updates.

Those who want to upgrade manually can download the latest versions from the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended


More information about the fixed vulnerabilities can be found in Adobe's security bulletin.

Adobe Flash Player and Adobe AIR Updates Available

Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.

Affected versions:
- Users of Adobe Flash Player 11.5.502.135 and earlier versions for Windows should update to Adobe Flash Player 11.5.502.146
- Users of Adobe Flash Player 11.5.502.136 and earlier versions for Macintosh should update to Adobe Flash Player 11.5.502.146
- Users of Adobe Flash Player 11.2.202.258 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.261
- Users of Adobe Flash Player 11.1.115.34 and earlier versions on Android 4.x devices should update to Adobe Flash Player 11.1.115.36 (applicable only for Flash Player installed before August 15, 2012)
- Users of Adobe Flash Player 11.1.111.29 and earlier versions for Android 3.x and 2.x versions should update to Flash Player 11.1.111.31 (applicable only for Flash Player installed before August 15, 2012)
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 will be updated via Windows Update
- Users of Adobe AIR 3.5.0.880 and earlier versions for Windows should update to Adobe AIR 3.5.0.1060
- Users of Adobe AIR 3.5.0.890 and earlier versions for Macintosh should update to Adobe AIR 3.5.0.1060
- Users of the Adobe AIR SDK (includes AIR for iOS) should update to the Adobe AIR 3.5.0.1060 SDK

More information can be found in Adobe's security bulletin.

Microsoft Security Updates For January 2013

Microsoft have released security updates for January 2013. This month's update contains seven security bulletins, of which two are rated critical and five important.

A new version of Windows Malicious Software Removal Tool (MSRT) was released too.

More information can be found in the bulletin summary.

Sunday, January 6, 2013

2013 Forecast From ESET: Malware, Scams, Security And Privacy Concerns

Stephen Cobb, ESET Security Evangelist, has summarized the predictions for 2013 made by his fellow bloggers at ESET. The summary contains the following predictions, among others:
- targeted attacks
- out of band patching issues
- attacks on Windows 8
- data mining
- the tide of scams
- domain registration scams

Stephen's blog post can be viewed here.

Microsoft Security Advisory Regarding Fraudulent Digital Certificates

Microsoft have released a security advisory regarding fraudulent digital certificates issued by TURKTRUST Inc. See the advisory for information on how to protect Windows systems against this threat.

More information about the TURKTRUST Inc certificate issue can be found, for example, in these two blog posts:
- http://www.securelist.com/en/blog/208194063/TURKTRUST_CA_Problems
- http://nakedsecurity.sophos.com/2013/01/04/turkish-certificate-authority-screwup-leads-to-attempted-google-impersonation/