The UnZip is an open source tool used for extracting zip format archives. There has been found a buffer overflow vulnerability which can be exploited to execute arbitrary code in target system. The vulnerability can be triggered by using -t parameter (unzip -t) while extracting a specially crafted .zip file.
Affected are UnZip 6.0 and earlier versions. At the moment there is no patch available. While waiting for a fresh version of UnZip to be available it's recommended to extract zip files without using -t parameter.
More information can be read here.
Sunday, December 28, 2014
Monday, December 15, 2014
Symantec Intelligence Report: November 2014
Symantec have published their Intelligence report that sums up the latest threat trends for November 2014.
Report highlights:
- Over 41 percent of email-borne malware contained a link to a malicious or compromised website. URL malware had been present in 3 to 16 percent of malicious emails each month, until this recent surge.
- Kelihos and Gamut are the top two most active botnets in November, comprising 19.2 and 18.8 percent respectively.
- Crypto- ransomware made up 38 percent of all ransomware seen in the month of November.
The report (in PDF format) can be viewed here.
Report highlights:
- Over 41 percent of email-borne malware contained a link to a malicious or compromised website. URL malware had been present in 3 to 16 percent of malicious emails each month, until this recent surge.
- Kelihos and Gamut are the top two most active botnets in November, comprising 19.2 and 18.8 percent respectively.
- Crypto- ransomware made up 38 percent of all ransomware seen in the month of November.
The report (in PDF format) can be viewed here.
ESET Global Threat Report for November 2014
ESET have published a report discussing global threats of November 2014.
TOP 10 threats list (previous ranking listed too):
1. HTML/Refresh (1.)
2. WIN32/Bundpil (2.)
3. Win32/Adware.MultiPlug (5.)
4. Win32/TrojanDownloader.Wauchos (-)
5. Win32/Sality (8.)
6. LNK/Agent.AK (7.)
7. JS/Kryptik.I (3.)
8. INF/Autorun (10.)
9. Win32/Ramnit (-)
10. HTML/ScrInject (6.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. HTML/Refresh (1.)
2. WIN32/Bundpil (2.)
3. Win32/Adware.MultiPlug (5.)
4. Win32/TrojanDownloader.Wauchos (-)
5. Win32/Sality (8.)
6. LNK/Agent.AK (7.)
7. JS/Kryptik.I (3.)
8. INF/Autorun (10.)
9. Win32/Ramnit (-)
10. HTML/ScrInject (6.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Friday, December 12, 2014
Adobe ColdFusion Hotfixes Available
Adobe have released updated versions of ColdFusion web application development platform. These hotfixes address a resource consumption issue that could potentially result in a denial of service (CVE-2014-9166).
Affected versions:
- ColdFusion 11 and 10
More information can be read from Adobe's security bulletin.
Affected versions:
- ColdFusion 11 and 10
More information can be read from Adobe's security bulletin.
Labels:
adobe,
coldfusion,
security,
update,
vulnerability
Adobe Reader And Acrobat Security Updates
Adobe have released security updates to fix some vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat. The vulnerabilities could allow an attacker to take over the affected system.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.09 and earlier
Adobe Acrobat 11.0.09 and earlier
*of series X (10.x)
Adobe Reader 10.1.12 and earlier
Adobe Acrobat 10.1.12 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.09 and earlier
Adobe Acrobat 11.0.09 and earlier
*of series X (10.x)
Adobe Reader 10.1.12 and earlier
Adobe Acrobat 10.1.12 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Labels:
adobe,
pdf reader,
security,
update,
vulnerability
Wednesday, December 10, 2014
Adobe Flash Player Updates Available
Adobe have released updated versions of their Flash Player. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 15.0.0.239 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 16.0.0.235
- Users of Adobe Flash Player 11.2.202.424 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.425
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 15.0.0.239 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 16.0.0.235
- Users of Adobe Flash Player 11.2.202.424 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.425
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
ESET Global Threat Report for October 2014
ESET have published a report discussing global threats of October 2014.
TOP 10 threats list (previous ranking listed too):
1. HTML/Refresh (1.)
2. WIN32/Bundpil (2.)
3. JS/Kryptik.I (3.)
4. Win32/RiskWare.NetFilter (5.)
5. Win32/Adware.MultiPlug (4.)
6. HTML/ScrInject (-)
7. LNK/Agent.AK (6.)
8. Win32/Sality (7.)
9. HTML/Iframe (8.)
10. INF/Autorun (10.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. HTML/Refresh (1.)
2. WIN32/Bundpil (2.)
3. JS/Kryptik.I (3.)
4. Win32/RiskWare.NetFilter (5.)
5. Win32/Adware.MultiPlug (4.)
6. HTML/ScrInject (-)
7. LNK/Agent.AK (6.)
8. Win32/Sality (7.)
9. HTML/Iframe (8.)
10. INF/Autorun (10.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Microsoft Security Updates For December 2014
Microsoft have released security updates for December 2014. This month update contains seven security bulletins of which three categorized as critical and four as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Thursday, December 4, 2014
Mozilla Product Updates Released
Mozilla have released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which three categorized as critical, three as high and three as moderate.
Affected products are:
- Mozilla Firefox earlier than 34
- Mozilla Firefox ESR earlier than 31.3
- Mozilla Thunderbird earlier than 31.3
Links to the security advisories with details about addressed security issues:
MSFA-2014-91 Privileged access to security wrapped protected objects
MSFA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
MSFA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer
MSFA-2014-88 Buffer overflow while parsing media content
MSFA-2014-87 Use-after-free during HTML5 parsing
MSFA-2014-86 CSP leaks redirect data via violation reports
MSFA-2014-85 XMLHttpRequest crashes with some input streams
MSFA-2014-84 XBL bindings accessible via improper CSS declarations
MSFA-2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Affected products are:
- Mozilla Firefox earlier than 34
- Mozilla Firefox ESR earlier than 31.3
- Mozilla Thunderbird earlier than 31.3
Links to the security advisories with details about addressed security issues:
MSFA-2014-91 Privileged access to security wrapped protected objects
MSFA-2014-90 Apple CoreGraphics framework on OS X 10.10 logging input data to /tmp directory
MSFA-2014-89 Bad casting from the BasicThebesLayer to BasicContainerLayer
MSFA-2014-88 Buffer overflow while parsing media content
MSFA-2014-87 Use-after-free during HTML5 parsing
MSFA-2014-86 CSP leaks redirect data via violation reports
MSFA-2014-85 XMLHttpRequest crashes with some input streams
MSFA-2014-84 XBL bindings accessible via improper CSS declarations
MSFA-2014-83 Miscellaneous memory safety hazards (rv:34.0 / rv:31.3)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Labels:
Firefox,
Mozilla,
security,
thunderbird,
update,
vulnerability
Thursday, November 27, 2014
Google Chrome Updated
Google have released version 39.0.2171.71 of their Chrome web browser. New version contains an update for Adobe Flash and some other fixes.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Wednesday, November 26, 2014
Adobe Flash Player Update Available
Adobe have released updated versions of their Flash Player. The new version adds extra hardening against the vulnerability CVE-2014-8439 (a vulnerability in the handling of a dereferenced memory pointer that could lead to code execution) which was mitigated in the October release.
Affected versions:
- Users of Adobe Flash Player 15.0.0.223 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.239
- Users of Adobe Flash Player 11.2.202.418 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.424
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 15.0.0.223 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.239
- Users of Adobe Flash Player 11.2.202.418 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.424
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Sunday, November 23, 2014
WordPress 4.0.1 Released
There have been released new versions of WordPress (blogging tool and content management system) which contains updates to critical security vulnerabilities.
Affected versions:
3.9.2, 3.8.4, 3.7.4 and their earlier versions
More information can be read from the WordPress blog.
Affected versions:
3.9.2, 3.8.4, 3.7.4 and their earlier versions
More information can be read from the WordPress blog.
Wednesday, November 19, 2014
Google Chrome Updated
Google have released version 39.0.2171.65 of their Chrome web browser. New version contains fixes to 42 security issues.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Symantec Intelligence Report: October 2014
Symantec have published their Intelligence report that sums up the latest threat trends for October 2014.
Report highlights:
- Of the industries attacked through spear phishing, the category of Finance, Insurance, and Real Estate received 28 percent of all attempts in the month of October.
- The largest data breach in October had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households.
- OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks.
- Crypto-style ransomware made up 55 percent of all ransomware seen in the month of October.
The report (in PDF format) can be viewed here.
Report highlights:
- Of the industries attacked through spear phishing, the category of Finance, Insurance, and Real Estate received 28 percent of all attempts in the month of October.
- The largest data breach in October had previously been reported; however, we learned this month that the breach resulted in the exposure of identities within 76 million households.
- OSX.Okaz was the most frequently encountered OSX risk seen on OSX endpoints, making up 28.8 percent of OSX risks.
- Crypto-style ransomware made up 55 percent of all ransomware seen in the month of October.
The report (in PDF format) can be viewed here.
Monday, November 17, 2014
Microsoft Security Intelligence Report Volume 17 Released
Microsoft have released volume 17 of their Security Intelligence Report (SIR)). The Security Intelligence Report (SIR) is an investigation of the current threat landscape. The report can be downloaded here.
Wednesday, November 12, 2014
Google Chrome Updated
Google have released version 38.0.2125.122 of their Chrome web browser. Among other fixes (log) the new version contains an update for Adobe Flash.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 15.0.0.189 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.223
- Users of Adobe Flash Player 11.2.202.411 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.418
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
- Users of the Adobe AIR 15.0.0.302 SDK and earlier versions should update to the Adobe AIR 15.0.0.356 SDK.
- Users of the Adobe AIR 15.0.0.302 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.356 SDK & Compiler.
- Users of Adobe AIR 15.0.0.293 and earlier versions for Android should update to Adobe AIR 15.0.0.356.
- Users of Adobe AIR 15.0.0.293 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.356.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 15.0.0.189 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.223
- Users of Adobe Flash Player 11.2.202.411 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.418
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
- Users of the Adobe AIR 15.0.0.302 SDK and earlier versions should update to the Adobe AIR 15.0.0.356 SDK.
- Users of the Adobe AIR 15.0.0.302 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.356 SDK & Compiler.
- Users of Adobe AIR 15.0.0.293 and earlier versions for Android should update to Adobe AIR 15.0.0.356.
- Users of Adobe AIR 15.0.0.293 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.356.
More information can be read from Adobe's security bulletin.
Microsoft Security Updates For November 2014
Microsoft have released security updates for November 2014. This month update contains fourteen security bulletins of which four categorized as critical, eight as important and two as moderate.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Monday, November 10, 2014
Google Study About Manual Hijacking
Account hijacking is a thing that happens a lot. There are different types of hijacking of which one of the most common is mass hijacking. In this case, an automated process uses compromised systems to send out spam messages, malware and phishing campaigns to get even more accounts hijacked. This kind of attacks are usually targeting political institutions, universities, governments and corporations.
Another type of hijacking is so called manual hijacking. This type of attacks are targeting normal users and are done by individuals instead of automated botnets.
Google have published a study they made about manual hijacking. This study can be viewed here (as a pdf document)
Another type of hijacking is so called manual hijacking. This type of attacks are targeting normal users and are done by individuals instead of automated botnets.
Google have published a study they made about manual hijacking. This study can be viewed here (as a pdf document)
Friday, November 7, 2014
Also 53 Million Email Addresses Taken In Home Depot Data Breach
Some time ago Home Depot was in headlines with a data breach where 56 million credit card account details were compromised. During the investigation of that data breach Home Depot found out that the payment data was not the only thing stolen but that 53 million email addresses were taken too.
More information in Home Depot press release.
More information in Home Depot press release.
Sunday, October 19, 2014
Mozilla Product Updates Released
Mozilla have released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which three categorized as critical, four as high and two as moderate.
Affected products are:
- Mozilla Firefox earlier than 33
- Mozilla Firefox ESR earlier than 31.2
- Mozilla Thunderbird earlier than 31.2
Links to the security advisories with details about addressed security issues:
MFSA 2014-82 Accessing cross-origin objects via the Alarms API
MFSA 2014-81 Inconsistent video sharing within iframe
MFSA 2014-80 Key pinning bypasses
MFSA 2014-79 Use-after-free interacting with text directionality
MFSA 2014-78 Further uninitialized memory use during GIF
MFSA 2014-77 Out-of-bounds write with WebM video
MFSA 2014-76 Web Audio memory corruption issues with custom waveforms
MFSA 2014-75 Buffer overflow during CSS manipulation
MFSA 2014-74 Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Affected products are:
- Mozilla Firefox earlier than 33
- Mozilla Firefox ESR earlier than 31.2
- Mozilla Thunderbird earlier than 31.2
Links to the security advisories with details about addressed security issues:
MFSA 2014-82 Accessing cross-origin objects via the Alarms API
MFSA 2014-81 Inconsistent video sharing within iframe
MFSA 2014-80 Key pinning bypasses
MFSA 2014-79 Use-after-free interacting with text directionality
MFSA 2014-78 Further uninitialized memory use during GIF
MFSA 2014-77 Out-of-bounds write with WebM video
MFSA 2014-76 Web Audio memory corruption issues with custom waveforms
MFSA 2014-75 Buffer overflow during CSS manipulation
MFSA 2014-74 Miscellaneous memory safety hazards (rv:33.0 / rv:31.2)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Labels:
Firefox,
Mozilla,
security,
thunderbird,
update,
vulnerability
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 15.0.0.167 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.189
- Users of Adobe Flash Player 11.2.202.406 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.411
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
- Users of the Adobe AIR 15.0.0.249 SDK and earlier versions should update to the Adobe AIR 15.0.0.302 SDK.
- Users of the Adobe AIR 14.0.0.249 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.302 SDK & Compiler.
- Users of Adobe AIR 15.0.0.252 and earlier versions for Android should update to Adobe AIR 15.0.0.293.
- Users of Adobe AIR 15.0.0.249 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.293.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 15.0.0.167 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.189
- Users of Adobe Flash Player 11.2.202.406 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.411
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.x) will be updated via Windows Update
- Users of the Adobe AIR 15.0.0.249 SDK and earlier versions should update to the Adobe AIR 15.0.0.302 SDK.
- Users of the Adobe AIR 14.0.0.249 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.302 SDK & Compiler.
- Users of Adobe AIR 15.0.0.252 and earlier versions for Android should update to Adobe AIR 15.0.0.293.
- Users of Adobe AIR 15.0.0.249 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.293.
More information can be read from Adobe's security bulletin.
Friday, October 17, 2014
Adobe ColdFusion Hotfixes Available
Adobe have released updated versions of ColdFusion web application development platform. These hotfixes address a security permissions issue (CVE-2014-0572) that could be exploited by an unauthenticated local user to bypass IP address access control restrictions applied to the ColdFusion Administrator. Cross-site scripting and cross-site request forgery vulnerabilities (CVE-2014-0570, CVE-2014-0571) are also addressed in the hotfixes.
Affected versions:
- ColdFusion 11, 10, 9.0.2, 9.0.1 and 9.0 for all platforms
More information can be read from Adobe's security bulletin.
Affected versions:
- ColdFusion 11, 10, 9.0.2, 9.0.1 and 9.0 for all platforms
More information can be read from Adobe's security bulletin.
Labels:
adobe,
coldfusion,
security,
update,
vulnerability
Oracle Critical Patch Update For Q4 of 2014
Oracle have released updates for their products that fix 154 security issues (including 25 Java fixes) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in January 2015.
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in January 2015.
Wednesday, October 15, 2014
Symantec Intelligence Report: September 2014
Symantec have published their Intelligence report that sums up the latest threat trends for September 2014.
Report highlights:
- The .doc file type was the most common attachment type used in spear-phishing attacks, making up more than 52.9 percent of all attachments in September.
- The largest data breach reported in September actually took place in April, and resulted in the exposure of 56 million identities.
- There were 600 vulnerabilities disclosed in the month of September, the highest number so far in 2014 and second-highest in the last 12 months.
The report (in PDF format) can be viewed here.
Report highlights:
- The .doc file type was the most common attachment type used in spear-phishing attacks, making up more than 52.9 percent of all attachments in September.
- The largest data breach reported in September actually took place in April, and resulted in the exposure of 56 million identities.
- There were 600 vulnerabilities disclosed in the month of September, the highest number so far in 2014 and second-highest in the last 12 months.
The report (in PDF format) can be viewed here.
Microsoft Security Updates For October 2014
Microsoft have released security updates for October 2014. This month update contains eight security bulletins of which three categorized as critical and five as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Monday, October 13, 2014
Google Chrome Updated
Google have released version 38.0.2125.101 of their Chrome web browser. New version contains fixes to 159 security issues.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Thursday, October 9, 2014
Cash Dispersal Enabling ATM Malware Discovered
There has been detected a backdoor program allowing cash dispersal on automated teller machines (ATMs) in multiple countries although mostly in Russia. Security company Kaspersky reports that the program, designated Backdoor.MSIL.Tyupkin, requires physical access to the ATM system and booting it off of a CD to install the malware.
The analysis of the malware can be read in Kaspersky blog.
The analysis of the malware can be read in Kaspersky blog.
Monday, October 6, 2014
ESET Global Threat Report for September 2014
ESET have published a report discussing global threats of September 2014.
TOP 10 threats list (previous ranking listed too):
1. HTML/Refresh (-)
2. WIN32/Bundpil (1.)
3. JS/Kryptik.I (2.)
4. Win32/Adware.MultiPlug (3.)
5. Win32/RiskWare.NetFilter (4.)
6. LNK/Agent.AK (5.)
7. Win32/Sality (6.)
8. HTML/Iframe (-)
9. Win32/Danger.DoubleExtension (-)
10. INF/Autorun (7.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. HTML/Refresh (-)
2. WIN32/Bundpil (1.)
3. JS/Kryptik.I (2.)
4. Win32/Adware.MultiPlug (3.)
5. Win32/RiskWare.NetFilter (4.)
6. LNK/Agent.AK (5.)
7. Win32/Sality (6.)
8. HTML/Iframe (-)
9. Win32/Danger.DoubleExtension (-)
10. INF/Autorun (7.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Monday, September 29, 2014
Google Chrome Updated
Google have released version 37.0.2062.124 of their Chrome web browser. New version contains fixes to one security issue (CVE-2014-1568).
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Friday, September 26, 2014
Mozilla Product Updates Released
Mozilla have released updates to Firefox and Seamonkey browsers and Thunderbird email client to address a critical vulnerability.
Affected products are:
- Mozilla Firefox earlier than 32.0.3
- Mozilla Firefox ESR earlier than 24.8.1 and 31.1.1
- Mozilla Thunderbird earlier than 31.1.2
- Mozilla Thunderbird earlier than 24.8.1
- SeaMonkey 2.29.1
Link to the security advisory with details about addressed security issue:
MFSA 2014-73 RSA Signature Forgery in NSS
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Seamonkey
Affected products are:
- Mozilla Firefox earlier than 32.0.3
- Mozilla Firefox ESR earlier than 24.8.1 and 31.1.1
- Mozilla Thunderbird earlier than 31.1.2
- Mozilla Thunderbird earlier than 24.8.1
- SeaMonkey 2.29.1
Link to the security advisory with details about addressed security issue:
MFSA 2014-73 RSA Signature Forgery in NSS
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Seamonkey
Labels:
Firefox,
Mozilla,
seamonkey,
security,
thunderbird,
update,
vulnerability
Tuesday, September 23, 2014
Symantec Intelligence Report: August 2014
Symantec have published their Intelligence report that sums up the latest threat trends for August 2014.
Report highlights:
- While there has been a general decline in ransomware threats since March 2014, the overall volume of crypto-style ransomware has increased over 700 percent since January.
- The largest data breach reported in August resulted in the exposure of 27 million identities. For the month, 31 million identities were exposed.
- The average number of spear-phishing attacks dropped to 20 per day in August, the lowest seen in the last twelve months.
The report (in PDF format) can be viewed here.
Report highlights:
- While there has been a general decline in ransomware threats since March 2014, the overall volume of crypto-style ransomware has increased over 700 percent since January.
- The largest data breach reported in August resulted in the exposure of 27 million identities. For the month, 31 million identities were exposed.
- The average number of spear-phishing attacks dropped to 20 per day in August, the lowest seen in the last twelve months.
The report (in PDF format) can be viewed here.
Tuesday, September 16, 2014
Adobe Reader And Acrobat Security Updates
Adobe have released security updates to fix some vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat. The vulnerabilities could allow an attacker to take over the affected system.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.08 and earlier
Adobe Acrobat 11.0.08 and earlier
*of series X (10.x)
Adobe Reader 10.1.11 and earlier
Adobe Acrobat 10.1.11 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.08 and earlier
Adobe Acrobat 11.0.08 and earlier
*of series X (10.x)
Adobe Reader 10.1.11 and earlier
Adobe Acrobat 10.1.11 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Labels:
acrobat,
adobe,
pdf reader,
security,
update,
vulnerability
Google Chrome Updated
Google have released version 37.0.2062.120 of their Chrome web browser. New version contains fixes to four security issues. Also, Adobe Flash has been updated.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Wednesday, September 10, 2014
ESET Global Threat Report for August 2014
ESET have published a report discussing global threats of August 2014.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. JS/Kryptik.I (2.)
3. Win32/Adware.MultiPlug (7.)
4. Win32/RiskWare.NetFilter (3.)
5. LNK/Agent.AK (4.)
6. Win32/Sality (5.)
7. INF/Autorun (8.)
8. HTML/ScrInject (6.)
9. Win32/Ramnit (-)
10. Win32/Conficker (9.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. JS/Kryptik.I (2.)
3. Win32/Adware.MultiPlug (7.)
4. Win32/RiskWare.NetFilter (3.)
5. LNK/Agent.AK (4.)
6. Win32/Sality (5.)
7. INF/Autorun (8.)
8. HTML/ScrInject (6.)
9. Win32/Ramnit (-)
10. Win32/Conficker (9.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 14.0.0.179 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.152
- Users of Adobe Flash Player 11.2.202.400 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.406
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 14.0.0.178 SDK and earlier versions should update to the Adobe AIR 15.0.0.249 SDK.
- Users of the Adobe AIR 14.0.0.178 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.249 SDK & Compiler.
- Users of Adobe AIR 14.0.0.179 and earlier versions for Android should update to Adobe AIR 15.0.0.252.
- Users of Adobe AIR 14.0.0.178 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.249.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 14.0.0.179 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 15.0.0.152
- Users of Adobe Flash Player 11.2.202.400 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.406
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 14.0.0.178 SDK and earlier versions should update to the Adobe AIR 15.0.0.249 SDK.
- Users of the Adobe AIR 14.0.0.178 SDK & Compiler and earlier versions should update to the Adobe AIR 15.0.0.249 SDK & Compiler.
- Users of Adobe AIR 14.0.0.179 and earlier versions for Android should update to Adobe AIR 15.0.0.252.
- Users of Adobe AIR 14.0.0.178 and earlier versions for Windows and Macintosh should update to Adobe 15.0.0.249.
More information can be read from Adobe's security bulletin.
Microsoft Security Updates For September 2014
Microsoft have released security updates for September 2014. This month update contains four security bulletins of which one categorized as critical and three as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Monday, September 8, 2014
ESET Global Threat Report for July 2014
ESET have published a report discussing global threats of July 2014.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. JS/Kryptik.I (2.)
3. Win32/RiskWare.NetFilter (-)
4. LNK/Agent.AK (3.)
5. Win32/Sality (4.)
6. HTML/ScrInject (8.)
7. Win32/Adware.MultiPlug (-)
8. INF/Autorun (5.)
9. Win32/Conficker (6.)
10. Win32/TrojanDownloader.Zurgop (-)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. JS/Kryptik.I (2.)
3. Win32/RiskWare.NetFilter (-)
4. LNK/Agent.AK (3.)
5. Win32/Sality (4.)
6. HTML/ScrInject (8.)
7. Win32/Adware.MultiPlug (-)
8. INF/Autorun (5.)
9. Win32/Conficker (6.)
10. Win32/TrojanDownloader.Zurgop (-)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Friday, September 5, 2014
Mozilla Product Updates Released
Mozilla have released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which three categorized as critical, two as high and one as moderate.
Affected products are:
- Mozilla Firefox earlier than 32
- Mozilla Firefox ESR earlier than 24.8 and 31.1
- Mozilla Thunderbird earlier than 31.1
- Mozilla Thunderbird earlier than 24.8
Links to the security advisories with details about addressed security issues:
MFSA 2014-72 Use-after-free setting text directionality
MFSA 2014-71 Profile directory file access through file: protocol
MFSA 2014-70 Out-of-bounds read in Web Audio audio timeline
MFSA 2014-69 Uninitialized memory use during GIF rendering
MFSA 2014-68 Use-after-free during DOM interactions with SVG
MFSA 2014-67 Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Affected products are:
- Mozilla Firefox earlier than 32
- Mozilla Firefox ESR earlier than 24.8 and 31.1
- Mozilla Thunderbird earlier than 31.1
- Mozilla Thunderbird earlier than 24.8
Links to the security advisories with details about addressed security issues:
MFSA 2014-72 Use-after-free setting text directionality
MFSA 2014-71 Profile directory file access through file: protocol
MFSA 2014-70 Out-of-bounds read in Web Audio audio timeline
MFSA 2014-69 Uninitialized memory use during GIF rendering
MFSA 2014-68 Use-after-free during DOM interactions with SVG
MFSA 2014-67 Miscellaneous memory safety hazards (rv:32.0 / rv:31.1 / rv:24.8)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Labels:
Firefox,
Mozilla,
security,
thunderbird,
update,
vulnerability
Sunday, August 31, 2014
How to improve your Twitter security and privacy
If you are a Twitter user you may be interested in knowing how to make your Twitter use more secure. Louisa Hardwick from Sophos has wrapped up a nice blog post writing about how to make Twitter use more secure by adjusting Twitter security and privacy settings. The blog post can be viewed here:
http://nakedsecurity.sophos.com/2014/08/26/how-to-improve-your-twitter-security-and-privacy/
http://nakedsecurity.sophos.com/2014/08/26/how-to-improve-your-twitter-security-and-privacy/
Thursday, August 28, 2014
Google Chrome Updated
Google have released version 37.0.2062.94 of their Chrome web browser. New version contains fixes to 50 security issues among other fixed issues.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Saturday, August 16, 2014
Symantec Intelligence Report: July 2014
Symantec have published their Intelligence report that sums up the latest threat trends for July 2014.
Report highlights:
- The .doc file type continues to be the most common attachment type used in spear-phishing attacks, followed by .exe files.
- The largest data breach reported in July resulted in the exposure of 900,000 identities.
- Of the mobile threats discovered in the last 12 months, 24 percent steal information from the device and 22 percent track the device’s user.
The report (in PDF format) can be viewed here.
Report highlights:
- The .doc file type continues to be the most common attachment type used in spear-phishing attacks, followed by .exe files.
- The largest data breach reported in July resulted in the exposure of 900,000 identities.
- Of the mobile threats discovered in the last 12 months, 24 percent steal information from the device and 22 percent track the device’s user.
The report (in PDF format) can be viewed here.
Wednesday, August 13, 2014
Adobe Reader And Acrobat Security Updates
Adobe have released security updates to fix a vulnerability in their PDF products, Adobe Reader and Adobe Acrobat. The vulnerability (CVE-2014-0546) could allow an attacker to circumvent sandbox protection on the Windows platform.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.07 and earlier
Adobe Acrobat 11.0.07 and earlier
*of series X (10.x)
Adobe Reader 10.1.10 and earlier
Adobe Acrobat 10.1.10 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.07 and earlier
Adobe Acrobat 11.0.07 and earlier
*of series X (10.x)
Adobe Reader 10.1.10 and earlier
Adobe Acrobat 10.1.10 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Labels:
acrobat,
adobe,
pdf reader,
security,
update,
vulnerability
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 14.0.0.145 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 14.0.0.176 (Windows NPAPI plugin for Firefox version is 14.0.0.179)
- Users of Adobe Flash Player 11.2.202.394 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.400
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 14.0.0.137 SDK and earlier versions should update to the Adobe AIR 14.0.0.178 SDK.
- Users of the Adobe AIR 14.0.0.137 SDK & Compiler and earlier versions should update to the Adobe AIR 14.0.0.178 SDK & Compiler.
- Users of Adobe AIR 14.0.0.137 and earlier versions for Android should update to Adobe AIR 14.0.0.179.
- Users of Adobe AIR 14.0.0.137 and earlier versions for Windows and Macintosh should update to Adobe 14.0.0.178.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 14.0.0.145 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 14.0.0.176 (Windows NPAPI plugin for Firefox version is 14.0.0.179)
- Users of Adobe Flash Player 11.2.202.394 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.400
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 14.0.0.137 SDK and earlier versions should update to the Adobe AIR 14.0.0.178 SDK.
- Users of the Adobe AIR 14.0.0.137 SDK & Compiler and earlier versions should update to the Adobe AIR 14.0.0.178 SDK & Compiler.
- Users of Adobe AIR 14.0.0.137 and earlier versions for Android should update to Adobe AIR 14.0.0.179.
- Users of Adobe AIR 14.0.0.137 and earlier versions for Windows and Macintosh should update to Adobe 14.0.0.178.
More information can be read from Adobe's security bulletin.
Microsoft Security Updates For August 2014
Microsoft have released security updates for August 2014. This month update contains nine security bulletins of which two categorized as critical and seven as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Tuesday, August 12, 2014
Critical Vulnerability In WordPress Plugin
Sunday, August 10, 2014
Internet Explorer To Block Outdated ActiveX Controls
Starting August 12th Microsoft is going to release an update for Internet Explorer that will start blocking out-of-date ActiveX controls. "ActiveX controls are small apps that let Web sites provide content, like videos and games, and let you interact with content like toolbars. Unfortunately, because many ActiveX controls aren’t automatically updated, they can become outdated as new versions are released. It’s very important that you keep your ActiveX controls up-to-date because malicious or compromised Web pages can target security flaws in outdated controls to collect information, install dangerous software, or by let someone else control your computer remotely."
More information about the upcoming feature can be read from the related blog post.
More information about the upcoming feature can be read from the related blog post.
Tuesday, August 5, 2014
Vulnerability In Wireshark
There has been found a vulnerability in Wireshark, free open source program for analyzing network protocols. By exploiting the vulnerability an attacker may be able to make Wireshark crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file. Vulnerable dissector components are: Catapult DCT2000, IrDA, RLC, ASN.1 BER. GTP- and GSM Management.
Vulnerable versions are: 1.10.0 - 1.10.8
Non vulnerable version of Wireshark 1.10.x series can be downloaded here. The latest stable version, Wireshark 1.12.0 can be downloaded here.
More information can be read from the related advisories:
- wnpa-sec-2014-08
- wnpa-sec-2014-09
- wnpa-sec-2014-10
- wnpa-sec-2014-11
Vulnerable versions are: 1.10.0 - 1.10.8
Non vulnerable version of Wireshark 1.10.x series can be downloaded here. The latest stable version, Wireshark 1.12.0 can be downloaded here.
More information can be read from the related advisories:
- wnpa-sec-2014-08
- wnpa-sec-2014-09
- wnpa-sec-2014-10
- wnpa-sec-2014-11
Tuesday, July 29, 2014
Onion Ransomware Under Closer Inspection
Ransomware has become one of the biggest type of malicious software. As its name says it asks affected user for a ransom. Fedor Sinitsyn from Kaspersky Lab writes about the latest one, Onion (aka Critoni), in his blog post.
The blog post can be read here.
The blog post can be read here.
Saturday, July 26, 2014
Google Chrome Updated
Google have released version 36.0.1985.125 of their Chrome web browser. Among 26 security fixes and other bug fixes the new version contains some new improvements.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Mozilla Product Updates Released
Mozilla have released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which three categorized as critical, five as high, two as moderate and one as low.
Affected products are:
- Mozilla Firefox earlier than 31
- Mozilla Firefox ESR 24.x earlier than 24.7
- Mozilla Thunderbird earlier than 31
- Mozilla Thunderbird earlier than 24.7
Links to the security advisories with details about addressed security issues:
MFSA 2014-66 IFRAME sandbox same-origin access through redirect
MFSA 2014-65 Certificate parsing broken by non-standard character encoding
MFSA 2014-64 Crash in Skia library when scaling high quality images
MFSA 2014-63 Use-after-free while when manipulating certificates in the trusted cache
MFSA 2014-62 Exploitable WebGL crash with Cesium JavaScript library
MFSA 2014-61 Use-after-free with FireOnStateChange event
MFSA 2014-60 Toolbar dialog customization event spoofing
MFSA 2014-59 Use-after-free in DirectWrite font handling
MFSA 2014-58 Use-after-free in Web Audio due to incorrect control message ordering
MFSA 2014-57 Buffer overflow during Web Audio buffering for playback
MFSA 2014-56 Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Affected products are:
- Mozilla Firefox earlier than 31
- Mozilla Firefox ESR 24.x earlier than 24.7
- Mozilla Thunderbird earlier than 31
- Mozilla Thunderbird earlier than 24.7
Links to the security advisories with details about addressed security issues:
MFSA 2014-66 IFRAME sandbox same-origin access through redirect
MFSA 2014-65 Certificate parsing broken by non-standard character encoding
MFSA 2014-64 Crash in Skia library when scaling high quality images
MFSA 2014-63 Use-after-free while when manipulating certificates in the trusted cache
MFSA 2014-62 Exploitable WebGL crash with Cesium JavaScript library
MFSA 2014-61 Use-after-free with FireOnStateChange event
MFSA 2014-60 Toolbar dialog customization event spoofing
MFSA 2014-59 Use-after-free in DirectWrite font handling
MFSA 2014-58 Use-after-free in Web Audio due to incorrect control message ordering
MFSA 2014-57 Buffer overflow during Web Audio buffering for playback
MFSA 2014-56 Miscellaneous memory safety hazards (rv:31.0 / rv:24.7)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Labels:
Firefox,
Mozilla,
security,
thunderbird,
update,
vulnerability
Monday, July 21, 2014
Oracle Critical Patch Update For Q3 of 2014
Oracle have released updates for their products that fix 113 security issues (including 20 Java fixes) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in October 2014.
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in October 2014.
Friday, July 18, 2014
Symantec Intelligence Report: June 2014
Symantec have published their Intelligence report that sums up the latest threat trends for June 2014.
Report highlights:
- There was an average of 88 spear-phishing attacks per day in June.
- The number of Android variants per family reached the lowest levels seen in the last twelve months, at 18 variants per family.
- The largest data breach reported in June took place in May, and resulted in the exposure of 1.3 million identities.
The report (in PDF format) can be viewed here.
Report highlights:
- There was an average of 88 spear-phishing attacks per day in June.
- The number of Android variants per family reached the lowest levels seen in the last twelve months, at 18 variants per family.
- The largest data breach reported in June took place in May, and resulted in the exposure of 1.3 million identities.
The report (in PDF format) can be viewed here.
Friday, July 11, 2014
ESET Global Threat Report for June 2014
ESET have published a report discussing global threats of June 2014.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. JS/Kryptik.I (-)
3. LNK/Agent.AK (2.)
4. Win32/Sality (3.)
5. INF/Autorun (5.)
6. Win32/Conficker (7.)
7. Win32/Ramnit (8.)
8. HTML/ScrInject (4.)
9. HTML/Iframe (-)
10. Win32/Dorkbot (10.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. JS/Kryptik.I (-)
3. LNK/Agent.AK (2.)
4. Win32/Sality (3.)
5. INF/Autorun (5.)
6. Win32/Conficker (7.)
7. Win32/Ramnit (8.)
8. HTML/ScrInject (4.)
9. HTML/Iframe (-)
10. Win32/Dorkbot (10.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Thursday, July 10, 2014
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 14.0.0.125 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 14.0.0.145
- Users of Adobe Flash Player 11.2.202.378 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.394
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 14.0.0.110 SDK and earlier versions should update to the Adobe AIR 14.0.0.137 SDK.
- Users of the Adobe AIR 14.0.0.110 SDK & Compiler and earlier versions should update to the Adobe AIR 14.0.0.137 SDK & Compiler.
- Users of Adobe AIR 14.0.0.110 and earlier versions for Android should update to Adobe AIR 14.0.0.137.
- Users of Adobe AIR 14.0.0.110 and earlier versions for Windows and Macintosh should update to Adobe 14.0.0.137.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 14.0.0.125 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 14.0.0.145
- Users of Adobe Flash Player 11.2.202.378 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.394
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 14.0.0.110 SDK and earlier versions should update to the Adobe AIR 14.0.0.137 SDK.
- Users of the Adobe AIR 14.0.0.110 SDK & Compiler and earlier versions should update to the Adobe AIR 14.0.0.137 SDK & Compiler.
- Users of Adobe AIR 14.0.0.110 and earlier versions for Android should update to Adobe AIR 14.0.0.137.
- Users of Adobe AIR 14.0.0.110 and earlier versions for Windows and Macintosh should update to Adobe 14.0.0.137.
More information can be read from Adobe's security bulletin.
Microsoft Security Updates For July 2014
Microsoft have released security updates for July 2014. This month update contains six security bulletins of which three categorized as critical, two as important and one as moderate.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Saturday, July 5, 2014
PHP Versions 5.5.14 and 5.4.30 Released
PHP development team has released 5.5.14 and 5.4.30 versions of the PHP scripting language. New versions contain several bug fixes to vulnerabilities which may allow an attacker to execute arbitrary code in affected system. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.
Changelogs can be viewed here.
Changelogs can be viewed here.
Monday, June 30, 2014
RealPlayer Update
RealNetworks has released updated version of their RealPlayer. New version contains a fix to a buffer overflow vulnerability (CVE-2014-3113).
Users of affected versions are advised to update their RealPlayer to the latest one available. More information can be read from related security advisory.
Users of affected versions are advised to update their RealPlayer to the latest one available. More information can be read from related security advisory.
Tuesday, June 24, 2014
Symantec Intelligence Report: May 2014
Symantec have published their Intelligence report that sums up the latest threat trends for May 2014.
Report highlights:
- A large data breach occurred in May, resulting in the potential exposure of over 145 million identities. Over 577 million identities have been exposed in the last 12 months.
- Ransomware continues to decline as the year progresses, down to 17 percent of the peak levels seen back in November 2013.
- Spam, phishing, and virus rates are up in May, after having each dropped in April.
The report (in PDF format) can be viewed here.
Report highlights:
- A large data breach occurred in May, resulting in the potential exposure of over 145 million identities. Over 577 million identities have been exposed in the last 12 months.
- Ransomware continues to decline as the year progresses, down to 17 percent of the peak levels seen back in November 2013.
- Spam, phishing, and virus rates are up in May, after having each dropped in April.
The report (in PDF format) can be viewed here.
Friday, June 13, 2014
Google Chrome Updated
Google have released version 35.0.1916.153 of their Chrome web browser. Among four security fixes and other bug fixes the new version contains a new version of Flash Player.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Mozilla Product Updates Released
Mozilla have released updates to Firefox browser and Thunderbird email client to address a bunch of vulnerabilities of which six categorized as critical and two as high.
Affected products are:
- Mozilla Firefox earlier than 30
- Mozilla Firefox ESR 24.x earlier than 24.6
- Mozilla Thunderbird earlier than 24.6
Links to the security advisories with details about addressed security issues:
MFSA 2014-55 Out of bounds write in NSPR
MFSA 2014-54 Buffer overflow in Gamepad API
MFSA 2014-53 Buffer overflow in Web Audio Speex resampler
MFSA 2014-52 Use-after-free with SMIL Animation Controller
MFSA 2014-51 Use-after-free in Event Listener Manager
MFSA 2014-50 Clickjacking through cursor invisability after Flash interaction
MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer
MFSA 2014-48 Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Affected products are:
- Mozilla Firefox earlier than 30
- Mozilla Firefox ESR 24.x earlier than 24.6
- Mozilla Thunderbird earlier than 24.6
Links to the security advisories with details about addressed security issues:
MFSA 2014-55 Out of bounds write in NSPR
MFSA 2014-54 Buffer overflow in Gamepad API
MFSA 2014-53 Buffer overflow in Web Audio Speex resampler
MFSA 2014-52 Use-after-free with SMIL Animation Controller
MFSA 2014-51 Use-after-free in Event Listener Manager
MFSA 2014-50 Clickjacking through cursor invisability after Flash interaction
MFSA 2014-49 Use-after-free and out of bounds issues found using Address Sanitizer
MFSA 2014-48 Miscellaneous memory safety hazards (rv:30.0 / rv:24.6)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
Labels:
Firefox,
Mozilla,
security,
thunderbird,
update,
vulnerability
Wednesday, June 11, 2014
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 13.0.0.214 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 14.0.0.125
- Users of Adobe Flash Player 11.2.202.359 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.378
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 13.0.0.111 SDK and earlier versions should update to the Adobe AIR 14.0.0.110 SDK.
- Users of the Adobe AIR 13.0.0.111 SDK & Compiler and earlier versions should update to the Adobe AIR 14.0.0.110 SDK & Compiler.
- Users of Adobe AIR 13.0.0.111 and earlier versions for Android should update to Adobe AIR 14.0.0.110.
- Users of Adobe AIR 13.0.0.111 and earlier versions for Windows and Macintosh should update to Adobe 14.0.0.110.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 13.0.0.214 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 14.0.0.125
- Users of Adobe Flash Player 11.2.202.359 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.378
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 13.0.0.111 SDK and earlier versions should update to the Adobe AIR 14.0.0.110 SDK.
- Users of the Adobe AIR 13.0.0.111 SDK & Compiler and earlier versions should update to the Adobe AIR 14.0.0.110 SDK & Compiler.
- Users of Adobe AIR 13.0.0.111 and earlier versions for Android should update to Adobe AIR 14.0.0.110.
- Users of Adobe AIR 13.0.0.111 and earlier versions for Windows and Macintosh should update to Adobe 14.0.0.110.
More information can be read from Adobe's security bulletin.
Microsoft Security Updates For June 2014
Microsoft have released security updates for June 2014. This month update contains seven security bulletins of which two categorized as critical and five as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Is Your Computer Infected By GameOver ZeuS?
Last week the GameOver ZeuS (GOZ) botnet was disrupted by international law enforcement together with industry partners (more information here). While the botnet was disrupted it's not dismantled. There are still over one million computers infected by GOZ. Security company F-Secure has put available a website that can be used to check if your system is affected. The site is: http://www.f-secure.com/gameoverzeus
Technical details about the check are given in the related post in F-Secure blog.
Technical details about the check are given in the related post in F-Secure blog.
Monday, June 9, 2014
Java Updated
Oracle has released an update to Java 7. Latest release is Java 7 Update 60. More information about the release here.
Friday, June 6, 2014
ESET Global Threat Report for May 2014
ESET have published a report discussing global threats of May 2014.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (2.)
3. Win32/Sality (3.)
4. HTML/ScrInject (4.)
5. INF/Autorun (5.)
6. Win32/Qhost (6.)
7. Win32/Conficker (7.)
8. Win32/Ramnit (8.)
9. Win32/TrojanDownloader.Waski (9.)
10. Win32/Dorkbot (10.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (2.)
3. Win32/Sality (3.)
4. HTML/ScrInject (4.)
5. INF/Autorun (5.)
6. Win32/Qhost (6.)
7. Win32/Conficker (7.)
8. Win32/Ramnit (8.)
9. Win32/TrojanDownloader.Waski (9.)
10. Win32/Dorkbot (10.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Tuesday, May 27, 2014
Google Chrome Updated
Google have released version 35.0.1916.114 of their Chrome web browser. Among 23 security fixes and other bug fixes the new version contains some improvements.
More information about these in Google Chrome Releases blog.
More information about these in Google Chrome Releases blog.
Wednesday, May 21, 2014
ESET Global Threat Report for April 2014
ESET have published a report discussing global threats of April 2014.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (2.)
3. Win32/Sality (3.)
4. HTML/ScrInject (6.)
5. INF/Autorun (4.)
6. Win32/Qhost (5.)
7. Win32/Conficker (7.)
8. Win32/Ramnit (8.)
9. Win32/TrojanDownloader.Waski (-)
10. Win32/Dorkbot (9.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (2.)
3. Win32/Sality (3.)
4. HTML/ScrInject (6.)
5. INF/Autorun (4.)
6. Win32/Qhost (5.)
7. Win32/Conficker (7.)
8. Win32/Ramnit (8.)
9. Win32/TrojanDownloader.Waski (-)
10. Win32/Dorkbot (9.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Thursday, May 15, 2014
Adobe Reader And Acrobat Security Updates
Adobe have released security updates to fix a bunch of vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.06 and earlier
Adobe Acrobat 11.0.06 and earlier
*of series X (10.x)
Adobe Reader 10.1.9 and earlier
Adobe Acrobat 10.1.9 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.06 and earlier
Adobe Acrobat 11.0.06 and earlier
*of series X (10.x)
Adobe Reader 10.1.9 and earlier
Adobe Acrobat 10.1.9 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard and Pro
Acrobat Pro Extended
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Labels:
acrobat,
adobe,
pdf reader,
security,
update,
vulnerability
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 13.0.0.206 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 13.0.0.214
- Users of Adobe Flash Player 11.2.202.356 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.359
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 13.0.0.83 SDK and earlier versions should update to the Adobe AIR 13.0.0.111 SDK.
- Users of the Adobe AIR 13.0.0.83 SDK & Compiler and earlier versions should update to the Adobe AIR 13.0.0.111 SDK & Compiler.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 13.0.0.206 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 13.0.0.214
- Users of Adobe Flash Player 11.2.202.356 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.359
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of the Adobe AIR 13.0.0.83 SDK and earlier versions should update to the Adobe AIR 13.0.0.111 SDK.
- Users of the Adobe AIR 13.0.0.83 SDK & Compiler and earlier versions should update to the Adobe AIR 13.0.0.111 SDK & Compiler.
More information can be read from Adobe's security bulletin.
Security Fix For Adobe Illustrator Available
Adobe has released a security hotfix for Adobe Illustrator (CS6). New version fixes a critical vulnerability (CVE-2014-0513). By exploiting the vulnerability an attacker may be able to execute arbitrary code in affected system.
More information in related security bulletin.
More information in related security bulletin.
Labels:
adobe,
illustrator,
security,
update,
vulnerability
Google Chrome Updated
Google have released version 34.0.1847.137 of their Chrome web browser. Among three high categorized security fixes and other bug fixes the new version contains a new version (13.0.0.214) of Flash Player.
More information in Google Chrome Releases blog.
More information in Google Chrome Releases blog.
Tuesday, May 13, 2014
Microsoft Security Updates For May 2014
Microsoft have released security updates for May 2014. This month update contains nine security bulletins of which three categorized as critical and six as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Friday, May 9, 2014
Microsoft Security Intelligence Report Volume 16 Released
Microsoft have released volume 16 of their Security Intelligence Report (SIR). The Security Intelligence Report (SIR) is an investigation of the current threat landscape. The report can be downloaded here.
Friday, May 2, 2014
Mozilla Product Updates Released
Mozilla have released updates to Firefox and Seamonkey browsers and Thunderbird email client to address a bunch of vulnerabilities of which five categorized as critical, six as high and three as moderate.
Affected products are:
- Mozilla Firefox earlier than 29
- Mozilla Firefox ESR 24.x earlier than 24.5
- Mozilla Thunderbird earlier than 24.5
- Mozilla SeaMonkey earlier than 2.26
Links to the security advisories with details about addressed security issues:
MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript
MFSA 2014-46 Use-after-free in nsHostResolve
MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates
MFSA 2014-44 Use-after-free in imgLoader while resizing images
MFSA 2014-43 Cross-site scripting (XSS) using history navigations
MFSA 2014-42 Privilege escalation through Web Notification API
MFSA 2014-41 Out-of-bounds write in Cairo
MFSA 2014-40 Firefox for Android addressbar suppression
MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video
MFSA 2014-38 Buffer overflow when using non-XBL object as XBL
MFSA 2014-37 Out of bounds read while decoding JPG images
MFSA 2014-36 Web Audio memory corruption issues
MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer
MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Affected products are:
- Mozilla Firefox earlier than 29
- Mozilla Firefox ESR 24.x earlier than 24.5
- Mozilla Thunderbird earlier than 24.5
- Mozilla SeaMonkey earlier than 2.26
Links to the security advisories with details about addressed security issues:
MFSA 2014-47 Debugger can bypass XrayWrappers with JavaScript
MFSA 2014-46 Use-after-free in nsHostResolve
MFSA 2014-45 Incorrect IDNA domain name matching for wildcard certificates
MFSA 2014-44 Use-after-free in imgLoader while resizing images
MFSA 2014-43 Cross-site scripting (XSS) using history navigations
MFSA 2014-42 Privilege escalation through Web Notification API
MFSA 2014-41 Out-of-bounds write in Cairo
MFSA 2014-40 Firefox for Android addressbar suppression
MFSA 2014-39 Use-after-free in the Text Track Manager for HTML video
MFSA 2014-38 Buffer overflow when using non-XBL object as XBL
MFSA 2014-37 Out of bounds read while decoding JPG images
MFSA 2014-36 Web Audio memory corruption issues
MFSA 2014-35 Privilege escalation through Mozilla Maintenance Service Installer
MFSA 2014-34 Miscellaneous memory safety hazards (rv:29.0 / rv:24.5)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Labels:
Firefox,
Mozilla,
seamonkey,
security,
thunderbird,
update,
vulnerability
Tuesday, April 29, 2014
Adobe Flash Player Updates Available
Adobe have released updated versions of their Flash Player. The new versions fix critical categorized vulnerability (CVE-2014-0515).
Affected versions:
- Users of Adobe Flash Player 13.0.0.182 and earlier versions for Windows Internet Explorer should update to Adobe Flash Player 13.0.0.206.
- Users of Adobe Flash Player 13.0.0.201 and earlier versions for Macintosh should update to Adobe Flash Player 13.0.0.206.
- Users of Adobe Flash Player 11.2.202.350 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.356.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 13.0.0.182 and earlier versions for Windows Internet Explorer should update to Adobe Flash Player 13.0.0.206.
- Users of Adobe Flash Player 13.0.0.201 and earlier versions for Macintosh should update to Adobe Flash Player 13.0.0.206.
- Users of Adobe Flash Player 11.2.202.350 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.356.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Vulnerability In Internet Explorer
Microsoft is aware of a vulnerability affecting Internet Explorer web browser 6-11 versions. The vulnerability (CVE-2014-1776) could allow remote code execution if a user opens a specially crafted website using an affected version of Internet Explorer.
At the moment there is no patch for the vulnerability available. For a workaround and more information please see the related security advisory.
At the moment there is no patch for the vulnerability available. For a workaround and more information please see the related security advisory.
Labels:
internet explorer,
Microsoft,
security,
vulnerability
Friday, April 25, 2014
Google Chrome Updated
Google have released version 34.0.1847.131 of their Chrome web browser. Among other bug fixes the new version contains a new version (13.0.0.206) of Flash Player.
More information in Google Chrome Releases blog.
More information in Google Chrome Releases blog.
Monday, April 21, 2014
Oracle Critical Patch Update For Q2 of 2014
Oracle have released updates for their products that fix 104 security issues (including 37 Java fixes) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in July 2014.
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in July 2014.
Friday, April 18, 2014
Vulnerability In Wireshark
There has been found a vulnerability in Wireshark, free open source program for analyzing network protocols. By exploiting the vulnerability an attacker may be able to make Wireshark crash, hang, or execute code by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file.
Vulnerable versions are: 1.10.0 - 1.10.3
Non vulnerable version of Wireshark can be downloaded here.
More information can be read from the related advisory.
Vulnerable versions are: 1.10.0 - 1.10.3
Non vulnerable version of Wireshark can be downloaded here.
More information can be read from the related advisory.
Tuesday, April 15, 2014
ESET Global Threat Report for March 2014
ESET have published a report discussing global threats of March 2014.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (2.)
3. Win32/Sality (3.)
4. INF/Autorun (4.)
5. Win32/Qhost (5.)
6. HTML/ScrInject (6.)
7. Win32/Conficker (8.)
8. Win32/Ramnit (7.)
9. Win32/Dorkbot (9.)
10. JS/Fbook (-)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (2.)
3. Win32/Sality (3.)
4. INF/Autorun (4.)
5. Win32/Qhost (5.)
6. HTML/ScrInject (6.)
7. Win32/Conficker (8.)
8. Win32/Ramnit (7.)
9. Win32/Dorkbot (9.)
10. JS/Fbook (-)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Friday, April 11, 2014
Google Chrome Updated
Google have released version 34.0.1847.116 of their Chrome web browser. Among other bug fixes the new version contains fixes to 31 security issues and also a new version (13.0.0.182) of Flash Player.
More information in Google Chrome Releases blog.
More information in Google Chrome Releases blog.
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 12.0.0.77 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 13.0.0.182
- Users of Adobe Flash Player 11.2.202.346 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.350
- For users of Flash Player 11.7.700.272 and earlier versions for Windows and Macintosh, who cannot update to Flash Player 13.0.0.182, Adobe has made available the update Flash Player 11.7.700.275, which can be downloaded here. Beginning May 13, 2014, Adobe Flash Player 13 for Mac and Windows will replace version 11.7 as the extended support version. Adobe recommends users upgrade to version 13 to continue to receive security updates. See this blog post for further details.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of Adobe AIR 4.0.0.1628 and earlier versions for Android should update to Adobe AIR 13.0.0.83.
- Users of the Adobe AIR 4.0.0.1628 SDK and earlier versions should update to the Adobe AIR 13.0.0.83 SDK.
- Users of the Adobe AIR 4.0.0.1628 SDK & Compiler and earlier versions should update to the Adobe AIR 13.0.0.83 SDK & Compiler.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 12.0.0.77 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 13.0.0.182
- Users of Adobe Flash Player 11.2.202.346 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.350
- For users of Flash Player 11.7.700.272 and earlier versions for Windows and Macintosh, who cannot update to Flash Player 13.0.0.182, Adobe has made available the update Flash Player 11.7.700.275, which can be downloaded here. Beginning May 13, 2014, Adobe Flash Player 13 for Mac and Windows will replace version 11.7 as the extended support version. Adobe recommends users upgrade to version 13 to continue to receive security updates. See this blog post for further details.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of Adobe AIR 4.0.0.1628 and earlier versions for Android should update to Adobe AIR 13.0.0.83.
- Users of the Adobe AIR 4.0.0.1628 SDK and earlier versions should update to the Adobe AIR 13.0.0.83 SDK.
- Users of the Adobe AIR 4.0.0.1628 SDK & Compiler and earlier versions should update to the Adobe AIR 13.0.0.83 SDK & Compiler.
More information can be read from Adobe's security bulletin.
Wednesday, April 9, 2014
Microsoft Security Updates For April 2014
Microsoft have released security updates for April 2014. This month update contains four security bulletins of which two categorized as critical and two as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Monday, April 7, 2014
What To Do With Computers Equipped With Windows XP?
Support for Windows XP is ending on April 8 2014. That means no new security patches for Windows XP will be released after that date. What to do if upgrading to a new operating system is not possible of a reason or another?
Here are some links about the subject:
http://betanews.com/2014/03/12/forced-to-use-windows-xp-past-april-10-ways-to-make-the-best-of-a-bad-situation/
http://www.technibble.com/windows-xp-support-ends-in-april-2014-what-technicians-need-to-know/
http://www.pcworld.com/article/2102606/how-to-keep-your-pc-secure-when-microsoft-ends-windows-xp-support.html
Here are some links about the subject:
http://betanews.com/2014/03/12/forced-to-use-windows-xp-past-april-10-ways-to-make-the-best-of-a-bad-situation/
http://www.technibble.com/windows-xp-support-ends-in-april-2014-what-technicians-need-to-know/
http://www.pcworld.com/article/2102606/how-to-keep-your-pc-secure-when-microsoft-ends-windows-xp-support.html
Sunday, March 30, 2014
Vulnerability In Microsoft Word
Microsoft is aware of a vulnerability affecting supported versions of Microsoft Word. The vulnerability (CVE-2014-1761) could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. By exploiting the vulnerability successfully an attacker may be able to execute arbitrary code in affected system.
Affected are:
Microsoft Word 2003 Service Pack 3
Microsoft Word 2007 Service Pack 3
Microsoft Word 2010 Service Pack 1 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 1 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2013 (32-bit editions)
Microsoft Word 2013 (64-bit editions)
Microsoft Word 2013 RT
Microsoft Word Viewer
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office for Mac 2011
Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 1
Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
Word Automation Services on Microsoft SharePoint Server 2013
Microsoft Office Web Apps 2010 Service Pack 1
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps Server 2013
At the moment there is no patch for the vulnerability available. For a workaround and more information please see the related security advisory.
Affected are:
Microsoft Word 2003 Service Pack 3
Microsoft Word 2007 Service Pack 3
Microsoft Word 2010 Service Pack 1 (32-bit editions)
Microsoft Word 2010 Service Pack 2 (32-bit editions)
Microsoft Word 2010 Service Pack 1 (64-bit editions)
Microsoft Word 2010 Service Pack 2 (64-bit editions)
Microsoft Word 2013 (32-bit editions)
Microsoft Word 2013 (64-bit editions)
Microsoft Word 2013 RT
Microsoft Word Viewer
Microsoft Office Compatibility Pack Service Pack 3
Microsoft Office for Mac 2011
Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 1
Word Automation Services on Microsoft SharePoint Server 2010 Service Pack 2
Word Automation Services on Microsoft SharePoint Server 2013
Microsoft Office Web Apps 2010 Service Pack 1
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps Server 2013
At the moment there is no patch for the vulnerability available. For a workaround and more information please see the related security advisory.
Friday, March 28, 2014
ESET Global Threat Report for February 2014
ESET have published a report discussing global threats of February 2014.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (5.)
3. Win32/Sality (2.)
4. INF/Autorun (4.)
5. Win32/Qhost (9.)
6. HTML/ScrInject (3.)
7. Win32/Ramnit (6.)
8. Win32/Conficker (7.)
9. Win32/Dorkbot (10.)
10. Win32/TrojanDownloader.Waski (-)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (5.)
3. Win32/Sality (2.)
4. INF/Autorun (4.)
5. Win32/Qhost (9.)
6. HTML/ScrInject (3.)
7. Win32/Ramnit (6.)
8. Win32/Conficker (7.)
9. Win32/Dorkbot (10.)
10. Win32/TrojanDownloader.Waski (-)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Thursday, March 20, 2014
Mozilla Product Updates Released
Mozilla have released updates to Firefox and Seamonkey browsers and Thunderbird email client to address a bunch of vulnerabilities of which five categorized as critical, three as high, seven as moderate and three as low.
Affected products are:
- Mozilla Firefox earlier than 28
- Mozilla Firefox ESR 24.x earlier than 24.4
- Mozilla Thunderbird earlier than 24.4
- Mozilla SeaMonkey earlier than 2.25
Links to the security advisories with details about addressed security issues:
MFSA 2014-32 Out-of-bounds write through TypedArrayObject after neutering
MFSA 2014-31 Out-of-bounds read/write through neutering ArrayBuffer objects
MFSA 2014-30 Use-after-free in TypeObject
MFSA 2014-29 Privilege escalation using WebIDL-implemented APIs
MFSA 2014-28 SVG filters information disclosure through feDisplacementMap
MFSA 2014-27 Memory corruption in Cairo during PDF font rendering
MFSA 2014-26 Information disclosure through polygon rendering in MathML
MFSA 2014-25 Firefox OS DeviceStorageFile object vulnerable to relative path escape
MFSA 2014-24 Android Crash Reporter open to manipulation
MFSA 2014-23 Content Security Policy for data: documents not preserved by session restore
MFSA 2014-22 WebGL content injection from one domain to rendering in another
MFSA 2014-21 Local file access via Open Link in new tab
MFSA 2014-20 onbeforeunload and Javascript navigation DOS
MFSA 2014-19 Spoofing attack on WebRTC permission prompt
MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key
MFSA 2014-17 Out of bounds read during WAV file decoding
MFSA 2014-16 Files extracted during updates are not always read only
MFSA 2014-15 Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Affected products are:
- Mozilla Firefox earlier than 28
- Mozilla Firefox ESR 24.x earlier than 24.4
- Mozilla Thunderbird earlier than 24.4
- Mozilla SeaMonkey earlier than 2.25
Links to the security advisories with details about addressed security issues:
MFSA 2014-32 Out-of-bounds write through TypedArrayObject after neutering
MFSA 2014-31 Out-of-bounds read/write through neutering ArrayBuffer objects
MFSA 2014-30 Use-after-free in TypeObject
MFSA 2014-29 Privilege escalation using WebIDL-implemented APIs
MFSA 2014-28 SVG filters information disclosure through feDisplacementMap
MFSA 2014-27 Memory corruption in Cairo during PDF font rendering
MFSA 2014-26 Information disclosure through polygon rendering in MathML
MFSA 2014-25 Firefox OS DeviceStorageFile object vulnerable to relative path escape
MFSA 2014-24 Android Crash Reporter open to manipulation
MFSA 2014-23 Content Security Policy for data: documents not preserved by session restore
MFSA 2014-22 WebGL content injection from one domain to rendering in another
MFSA 2014-21 Local file access via Open Link in new tab
MFSA 2014-20 onbeforeunload and Javascript navigation DOS
MFSA 2014-19 Spoofing attack on WebRTC permission prompt
MFSA 2014-18 crypto.generateCRMFRequest does not validate type of key
MFSA 2014-17 Out of bounds read during WAV file decoding
MFSA 2014-16 Files extracted during updates are not always read only
MFSA 2014-15 Miscellaneous memory safety hazards (rv:28.0 / rv:24.4)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Labels:
Firefox,
Mozilla,
seamonkey,
security,
thunderbird,
update,
vulnerability
Friday, March 14, 2014
Google Chrome Updated
Google have released version 33.0.1750.149 of their Chrome web browser. Among other bug fixes the new version contains fixes to seven security issues and also a new version (12.0.0.77) of Flash Player.
More information in Google Chrome Releases blog.
More information in Google Chrome Releases blog.
Shockwave Player Update Available
Adobe have released an updated version of their Shockwave Player. The new version fixes security vulnerability that may allow an attacker to run arbitrary code on the affected system. The update is categorized as critical with priority level as 2.
Users of Adobe Shockwave Player 12.0.9.149 and earlier should update to Adobe Shockwave Player 12.1.0.150.
More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.
Users of Adobe Shockwave Player 12.0.9.149 and earlier should update to Adobe Shockwave Player 12.1.0.150.
More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.
Labels:
adobe,
security,
shockwave player,
update,
vulnerability
Adobe Flash Player Updates Available
Adobe have released updated versions of their Flash Player. The new versions fix important categorized vulnerabilities.
Affected versions:
- Users of Adobe Flash Player 12.0.0.70 and earlier versions for Windows Internet Explorer should update to Adobe Flash Player 12.0.0.77.
- Users of Adobe Flash Player 12.0.0.70 and earlier versions for Macintosh should update to Adobe Flash Player 12.0.0.77.
- Users of Adobe Flash Player 11.2.202.341 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.346.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 12.0.0.70 and earlier versions for Windows Internet Explorer should update to Adobe Flash Player 12.0.0.77.
- Users of Adobe Flash Player 12.0.0.70 and earlier versions for Macintosh should update to Adobe Flash Player 12.0.0.77.
- Users of Adobe Flash Player 11.2.202.341 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.346.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Wednesday, March 12, 2014
Microsoft Security Updates For March 2014
Microsoft have released security updates for March 2014. This month update contains five security bulletins of which two categorized as critical and three as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Monday, March 10, 2014
PHP Versions 5.5.10 and 5.4.26 Released
PHP development team has released 5.5.10 and 5.4.26 versions of the PHP scripting language. New versions contain 11 bug fixes. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.
Version 5.5.10 Changelog
Version 5.4.26 Changelog
Version 5.5.10 Changelog
Version 5.4.26 Changelog
Tuesday, March 4, 2014
Symantec Intelligence Report: January 2014
Symantec have published their Intelligence report that sums up the latest threat trends for January 2014.
Report highlights:
- The number of identities exposed in the last 12 months has passed 500 million. This is largely due to two large breaches, that each reported over 100 million identities exposed.
- Targeted attacks are up to their highest level since August of last year, after what appears to be average-to-low attack numbers over the last four months.
- In other news, spam and phishing rates are down slightly in January, while email virus rates are at their lowest levels since October of last year.
The report (in PDF format) can be viewed here.
Report highlights:
- The number of identities exposed in the last 12 months has passed 500 million. This is largely due to two large breaches, that each reported over 100 million identities exposed.
- Targeted attacks are up to their highest level since August of last year, after what appears to be average-to-low attack numbers over the last four months.
- In other news, spam and phishing rates are down slightly in January, while email virus rates are at their lowest levels since October of last year.
The report (in PDF format) can be viewed here.
ESET Global Threat Report for January 2014
ESET have published a report discussing global threats of January 2014.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. Win32/Sality (3.)
3. HTML/ScrInject (5.)
4. INF/Autorun (4.)
5. LNK/Agent.AK (2.)
6. Win32/Ramnit (8.)
7. Win32/Conficker (6.)
8. JS/Fbook (-)
9. Win32/Qhost (-)
10. Win32/Dorkbot (7.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. Win32/Sality (3.)
3. HTML/ScrInject (5.)
4. INF/Autorun (4.)
5. LNK/Agent.AK (2.)
6. Win32/Ramnit (8.)
7. Win32/Conficker (6.)
8. JS/Fbook (-)
9. Win32/Qhost (-)
10. Win32/Dorkbot (7.)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Friday, February 28, 2014
QuickTime 7.7.5 Released
Apple have released a new version of their QuickTime. Version 7.7.5 contains fixes for a bunch of vulnerabilities that could be exploited to run arbitrary code in target system.
QuickTime users with version older than 7.7.5 should update to the latest one available.
More information about security content of QuickTime 7.7.5 can be read here.
QuickTime users with version older than 7.7.5 should update to the latest one available.
More information about security content of QuickTime 7.7.5 can be read here.
Tuesday, February 25, 2014
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 12.0.0.70
- Users of Adobe Flash Player 11.2.202.336 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.341.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of Adobe AIR 4.0.0.1390 and earlier versions for Android should update to Adobe AIR 4.0.0.1628.
- Users of the Adobe AIR 4.0.0.1390 SDK and earlier versions should update to the Adobe AIR 4.0.0.1628 SDK.
- Users of the Adobe AIR 4.0.0.1390 SDK & Compiler and earlier versions should update to the Adobe AIR 4.0.0.1628 SDK & Compiler.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh should update to Adobe Flash Player 12.0.0.70
- Users of Adobe Flash Player 11.2.202.336 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.341.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of Adobe AIR 4.0.0.1390 and earlier versions for Android should update to Adobe AIR 4.0.0.1628.
- Users of the Adobe AIR 4.0.0.1390 SDK and earlier versions should update to the Adobe AIR 4.0.0.1628 SDK.
- Users of the Adobe AIR 4.0.0.1390 SDK & Compiler and earlier versions should update to the Adobe AIR 4.0.0.1628 SDK & Compiler.
More information can be read from Adobe's security bulletin.
Saturday, February 22, 2014
Google Chrome Updated
Google have released version 33.0.1750.117 of their Chrome web browser. Among other bug fixes the new version contains fixes to 28 security issues.
More information in Google Chrome Releases blog.
More information in Google Chrome Releases blog.
Vulnerability In Internet Explorer
Microsoft is aware of limited, targeted attacks attempting exploit a vulnerability in Internet Explorer. By exploiting the vulnerability successfully an attacker may be able to execute arbitrary code in affected system.
Affected are:
Internet Explorer 9 and 10 versions
At the moment there is no patch for the vulnerability available. For a workaround and more information please see the related security advisory.
Affected are:
Internet Explorer 9 and 10 versions
At the moment there is no patch for the vulnerability available. For a workaround and more information please see the related security advisory.
Labels:
internet explorer,
Microsoft,
security,
vulnerability
Monday, February 17, 2014
PHP Versions 5.5.9 and 5.4.25 Released
PHP development team has released 5.5.9 and 5.4.25 versions of the PHP scripting language. New versions contain 17 bug fixes, including one fixing a heap overflow vulnerability in imagecrop() (CVE-2013-7226). All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.
Version 5.5.9 Changelog
Version 5.4.25 Changelog
Version 5.5.9 Changelog
Version 5.4.25 Changelog
Thursday, February 13, 2014
Shockwave Player Update Available
Adobe have released an updated version of their Shockwave Player. The new version fixes security vulnerabilities that may allow an attacker to run arbitrary code on the affected system. The update is categorized as critical with priority level as 1.
Users of Adobe Shockwave Player 12.0.7.148 and earlier should update to Adobe Shockwave Player 12.0.9.149.
More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.
Users of Adobe Shockwave Player 12.0.7.148 and earlier should update to Adobe Shockwave Player 12.0.9.149.
More about fixed vulnerabilities and other information can be read from Adobe's security bulletin.
Microsoft Security Updates For February 2014
Microsoft have released security updates for February 2014. This month update contains seven security bulletins of which four categorized as critical and three as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Wednesday, February 5, 2014
Adobe Flash Player Updates Available
Adobe have released updated versions of their Flash Player. The new versions fix critical vulnerability that could potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 12.0.0.43 and earlier versions for Windows Internet Explorer should update to Adobe Flash Player 12.0.0.44.
- Users of Adobe Flash Player 12.0.0.43 and earlier versions for Macintosh should update to Adobe Flash Player 12.0.0.44.
- Users of Adobe Flash Player 11.2.202.335 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.336.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 12.0.0.43 and earlier versions for Windows Internet Explorer should update to Adobe Flash Player 12.0.0.44.
- Users of Adobe Flash Player 12.0.0.43 and earlier versions for Macintosh should update to Adobe Flash Player 12.0.0.44.
- Users of Adobe Flash Player 11.2.202.335 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.336.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Mozilla Product Updates Released
Mozilla have released updates to Firefox and Seamonkey browsers and Thunderbird email client to address a bunch of vulnerabilities of which four categorized as critical, four as high, four as moderate and one as low.
Affected products are:
- Mozilla Firefox earlier than 27
- Mozilla Firefox ESR 24.x earlier than 24.3
- Mozilla Thunderbird earlier than 24.3
- Mozilla SeaMonkey earlier than 2.24
Links to the security advisories with details about addressed security issues:
MFSA 2014-13 Inconsistent JavaScript handling of access to Window objects
MFSA 2014-12 NSS ticket handling issues
MFSA 2014-11 Crash when using web workers with asm.js
MFSA 2014-10 Firefox default start page UI content invokable by script
MFSA 2014-09 Cross-origin information leak through web workers
MFSA 2014-08 Use-after-free with imgRequestProxy and image proccessing
MFSA 2014-07 XSLT stylesheets treated as styles in Content Security Policy
MFSA 2014-06 Profile path leaks to Android system log
MFSA 2014-05 Information disclosure with *FromPoint on iframes
MFSA 2014-04 Incorrect use of discarded images by RasterImage
MFSA 2014-03 UI selection timeout missing on download prompts
MFSA 2014-02 Clone protected content with XBL scopes
MFSA 2014-01 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Affected products are:
- Mozilla Firefox earlier than 27
- Mozilla Firefox ESR 24.x earlier than 24.3
- Mozilla Thunderbird earlier than 24.3
- Mozilla SeaMonkey earlier than 2.24
Links to the security advisories with details about addressed security issues:
MFSA 2014-13 Inconsistent JavaScript handling of access to Window objects
MFSA 2014-12 NSS ticket handling issues
MFSA 2014-11 Crash when using web workers with asm.js
MFSA 2014-10 Firefox default start page UI content invokable by script
MFSA 2014-09 Cross-origin information leak through web workers
MFSA 2014-08 Use-after-free with imgRequestProxy and image proccessing
MFSA 2014-07 XSLT stylesheets treated as styles in Content Security Policy
MFSA 2014-06 Profile path leaks to Android system log
MFSA 2014-05 Information disclosure with *FromPoint on iframes
MFSA 2014-04 Incorrect use of discarded images by RasterImage
MFSA 2014-03 UI selection timeout missing on download prompts
MFSA 2014-02 Clone protected content with XBL scopes
MFSA 2014-01 Miscellaneous memory safety hazards (rv:27.0 / rv:24.3)
Fresh versions can be obtained via inbuilt updater or by downloading from the product site:
Firefox
Thunderbird
SeaMonkey
Labels:
Firefox,
Mozilla,
seamonkey,
security,
thunderbird,
update,
vulnerability
Saturday, February 1, 2014
Google Chrome Updated
Google have released version 32.0.1700.102 of their Chrome web browser. Among other bug fixes the new version contains fixes to 14 security issues.
More information in Google Chrome Releases blog.
More information in Google Chrome Releases blog.
Monday, January 27, 2014
ITunes 11.1.4 Released
Apple have released version 11.1.4 of their iTunes media player. New version fixes a bunch of security vulnerabilities.
More information about the security content of iTunes 11.1.4 can be read from related security advisory.
Old version users should update to the latest one available.
More information about the security content of iTunes 11.1.4 can be read from related security advisory.
Old version users should update to the latest one available.
Sunday, January 26, 2014
Symantec Intelligence Report: December 2013
Symantec have published their Intelligence report that sums up the latest threat trends for December 2013.
Report highlights:
- The email virus rate increased for the second month in a row, reaching an annual high of one in 164 emails.
- Two out of every five targeted attacks occurred in Service industry categories during December.
- The overall number of data breaches reported is up, though many of those reported in December occurred in previous months.
The report (in PDF format) can be viewed here.
Report highlights:
- The email virus rate increased for the second month in a row, reaching an annual high of one in 164 emails.
- Two out of every five targeted attacks occurred in Service industry categories during December.
- The overall number of data breaches reported is up, though many of those reported in December occurred in previous months.
The report (in PDF format) can be viewed here.
Tuesday, January 21, 2014
VMWare Updates Available
VMware has released security update to patch a bunch of vulnerabilities in their virtualization applications.
Affected versions:
- VMware Workstation 9.x prior to version 9.0
- VMware Player 5.x prior to version 5.0
- VMware Fusion 5.x prior to version 5.0
- VMware ESXi 5.1 without patch ESXi510-201401101
- VMware ESXi 5.0 without patch ESXi500-201310101
- VMware ESXi 4.1 without patch ESXi410-201312401
- VMware ESXi 4.0 without patch ESXi400-201310401
- VMware ESX 4.1 without patch ESX410-201312401
- VMware ESX 4.0 without patch ESX400-201310401
- vCloud Director 5.1.x prior to version 5.1.3
Further information including updating instructions can be read from VMware's security advisory.
Affected versions:
- VMware Workstation 9.x prior to version 9.0
- VMware Player 5.x prior to version 5.0
- VMware Fusion 5.x prior to version 5.0
- VMware ESXi 5.1 without patch ESXi510-201401101
- VMware ESXi 5.0 without patch ESXi500-201310101
- VMware ESXi 4.1 without patch ESXi410-201312401
- VMware ESXi 4.0 without patch ESXi400-201310401
- VMware ESX 4.1 without patch ESX410-201312401
- VMware ESX 4.0 without patch ESX400-201310401
- vCloud Director 5.1.x prior to version 5.1.3
Further information including updating instructions can be read from VMware's security advisory.
Friday, January 17, 2014
Adobe Flash Player And Adobe AIR Updates Available
Adobe have released updated versions of their Flash Player and AIR. The new versions fix critical vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system.
Affected versions:
- Users of Adobe Flash Player 11.9.900.170 and earlier versions for Windows Internet Explorer should update to Adobe Flash Player 12.0.0.38.
- Users of Adobe Flash Player 11.9.900.170 and earlier versions for NPAPI plugin-based browsers on Windows should update to Adobe Flash Player 12.0.0.43
- Users of Adobe Flash Player 11.9.900.170 and earlier versions for Macintosh should update to Adobe Flash Player 12.0.0.38.
- Users of Adobe Flash Player 11.2.202.332 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.335.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of Adobe AIR 3.9.0.1380 and earlier versions for Windows and Macintosh should update to Adobe AIR 4.0.0.1390.
- Users of Adobe AIR 3.9.0.1380 and earlier versions for Android should update to Adobe AIR 4.0.0.1390.
- Users of the Adobe AIR 3.9.0.1380 SDK and earlier versions should update to the Adobe AIR 4.0.0.1390 SDK.
- Users of the Adobe AIR 3.9.0.1380 SDK & Compiler and earlier versions should update to the Adobe AIR 4.0.0.1390 SDK & Compiler.
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 11.9.900.170 and earlier versions for Windows Internet Explorer should update to Adobe Flash Player 12.0.0.38.
- Users of Adobe Flash Player 11.9.900.170 and earlier versions for NPAPI plugin-based browsers on Windows should update to Adobe Flash Player 12.0.0.43
- Users of Adobe Flash Player 11.9.900.170 and earlier versions for Macintosh should update to Adobe Flash Player 12.0.0.38.
- Users of Adobe Flash Player 11.2.202.332 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.335.
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 10 and 11 (on Windows 8.0 and Windows 8.1) will be updated via Windows Update
- Users of Adobe AIR 3.9.0.1380 and earlier versions for Windows and Macintosh should update to Adobe AIR 4.0.0.1390.
- Users of Adobe AIR 3.9.0.1380 and earlier versions for Android should update to Adobe AIR 4.0.0.1390.
- Users of the Adobe AIR 3.9.0.1380 SDK and earlier versions should update to the Adobe AIR 4.0.0.1390 SDK.
- Users of the Adobe AIR 3.9.0.1380 SDK & Compiler and earlier versions should update to the Adobe AIR 4.0.0.1390 SDK & Compiler.
More information can be read from Adobe's security bulletin.
Adobe Reader And Acrobat Security Updates
Adobe have released security updates to fix a bunch of vulnerabilities in their PDF products, Adobe Reader and Adobe Acrobat.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.05 and earlier
Adobe Acrobat 11.0.05 and earlier
*of series X (10.x)
Adobe Reader 10.1.8 and earlier
Adobe Acrobat 10.1.8 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard, Pro and Extended
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Affected versions:
*of series XI (11.x)
Adobe Reader 11.0.05 and earlier
Adobe Acrobat 11.0.05 and earlier
*of series X (10.x)
Adobe Reader 10.1.8 and earlier
Adobe Acrobat 10.1.8 and earlier
Users of vulnerable versions are instructed to update their versions either by using automatic update functionality or by downloading fresh version manually. The default installation configuration runs automatic updates on a regular schedule and can be manually activated by choosing Help > Check for Updates.
Those who want to upgrade manually, can download the latest versions of the links below:
Adobe Reader
Acrobat Standard, Pro and Extended
More information about fixed vulnerabilities can be read from Adobe's security bulletin.
Labels:
acrobat,
adobe,
pdf reader,
security,
update,
vulnerability
Wednesday, January 15, 2014
Oracle Critical Patch Update For Q1 of 2014
Oracle have released updates for their products that fix 144 security issues (including 36 Java fixes) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in April 2014.
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in April 2014.
Microsoft Security Updates For January 2014
Microsoft have released security updates for January 2014. This month update contains four security bulletins of which all categorized as important.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
A new version of Windows Malicious Software Removal Tool (MSRT) was released too.
More information can be read from the bulletin summary.
Tuesday, January 14, 2014
Google Chrome Updated
Google have released version 32.0.1700.76 of their Chrome web browser. Among other bug fixes the new version contains fixes to 21 security issues. Flash Player in Chrome is updated too.
More information in Google Chrome Releases blog.
More information in Google Chrome Releases blog.
Thursday, January 9, 2014
ESET Global Threat Report for December 2013
ESET have published a report discussing global threats of December 2013.
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (2.)
3. Win32/Sality (3.)
4. INF/Autorun (4.)
5. HTML/ScrInject (5.)
6. Win32/Conficker (7.)
7. Win32/Dorkbot (6.)
8. Win32/Ramnit (9.)
9. Win32/TrojanDownloader.Wauchos (-)
10. Win32/Virut (-)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
TOP 10 threats list (previous ranking listed too):
1. WIN32/Bundpil (1.)
2. LNK/Agent.AK (2.)
3. Win32/Sality (3.)
4. INF/Autorun (4.)
5. HTML/ScrInject (5.)
6. Win32/Conficker (7.)
7. Win32/Dorkbot (6.)
8. Win32/Ramnit (9.)
9. Win32/TrojanDownloader.Wauchos (-)
10. Win32/Virut (-)
Complete report (with a description about each of the above listed threats) can be downloaded here (in PDF format).
Drive-by Download Attacks: Examining the Web Server Platforms Attackers Use Most Often
Drive-by download attacks is one of the most common ways to infect affected system with malware. Tim Rains, the Director of Trustworthy Computing at Microsoft, have written interesting blog post titled as "Drive-by Download Attacks: Examining the Web Server Platforms Attackers Use Most Often". It can be read here.
Saturday, January 4, 2014
CryptoLocker Malware Spreading Via Removable Drives
Ransoms asking malware, named as CryptoLocker, raised its head first time on fall. Security company Trend Micro write in their blog about a new CryptoLocker variant that is able to spread via removable drives. The blog post can be read here.
Trend Micro have collected an info guide about defending against CryptoLocker.
Trend Micro have collected an info guide about defending against CryptoLocker.
Subscribe to:
Posts (Atom)