Mozilla have released an updated version of their Thunderbird email client containing fixes to security vulnerabilities. Some of the fixed vulnerabilities are categorized as critical.
Affected versions:
Mozilla Thunderbird versions earlier than 52.6
Fresh version can be obtained via inbuilt updater or by downloading from the product site.
Friday, January 26, 2018
Google Chrome Updated
Google have released a version 64.0.3282.119 of their Chrome web browser. New version contains 53 security fixes. More information about changes in Google Chrome Releases blog.
ITunes 12.7.3 Released
Apple have released version 12.7.3 of their iTunes media player. New version fixes security vulnerabilities.
More information about the security content of iTunes 12.7.3 can be read from related security advisory.
Users of old versions should update to the latest one available.
More information about the security content of iTunes 12.7.3 can be read from related security advisory.
Users of old versions should update to the latest one available.
New Version Of iCloud For Windows Released
Apple have released version 7.3 of their iCloud client for Windows. New version fixes security vulnerabilities.
More information about the security content of iCloud for Windows 7.3 can be read from related security advisory.
Users of old versions should update to the latest one available here.
More information about the security content of iCloud for Windows 7.3 can be read from related security advisory.
Users of old versions should update to the latest one available here.
Tuesday, January 23, 2018
Mozilla Firefox Updated
Friday, January 19, 2018
Oracle Critical Patch Update For Q1 of 2018
Oracle have released updates for their products that fix 238 security issues (including 21 Java fixes) in total. The updates are a part of Oracle's quarterly released critical patch update (CPU).
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in April 2018.
Detailed list of vulnerabilities with patching instructions can be read from Oracle CPU Advisory.
Next Oracle CPU is planned to be released in April 2018.
WordPress 4.9.2 Released
There has been released a new version of WordPress (blogging tool and content management system) which contains updates to security vulnerabilities. It's also recommended to check if there are any updates available for WordPress extensions in use. Also, it's recommended to disable those extensions that are not needed.
Affected versions:
WordPress versions earlier than 4.9.2
More information can be read from the WordPress blog.
Affected versions:
WordPress versions earlier than 4.9.2
More information can be read from the WordPress blog.
Saturday, January 13, 2018
VMware Updates Available
VMware has released security updates to patch use-after-free and integer-overflow vulnerabilities in their virtualization applications.
Affected versions:
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.1
- VMware Workstation Pro / Player 12.x versions earlier than 12.5.9
- VMware Fusion Pro / Fusion 10.x versions earlier than 10.1.1
- VMware Fusion Pro / Fusion 8.x versions earlier than 8.5.10
Further information including updating instructions can be read from VMware's security advisory.
Affected versions:
- VMware Workstation Pro / Player 14.x versions earlier than 14.1.1
- VMware Workstation Pro / Player 12.x versions earlier than 12.5.9
- VMware Fusion Pro / Fusion 10.x versions earlier than 10.1.1
- VMware Fusion Pro / Fusion 8.x versions earlier than 8.5.10
Further information including updating instructions can be read from VMware's security advisory.
Adobe Flash Player Updated
Adobe have released updated versions of their Flash Player. The new versions fix an important out-of-bounds vulnerability that could lead to information exposure.
Affected versions:
- Users of Adobe Flash Player 28.0.0.126 and earlier versions for Windows should update to Adobe Flash Player 28.0.0.137
- Users of Adobe Flash Player 28.0.0.126 and earlier versions for Macintosh should update to Adobe Flash Player 28.0.0.137
- Users of Adobe Flash Player 28.0.0.126 and earlier versions for Linux should update to Adobe Flash Player 28.0.0.137
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Affected versions:
- Users of Adobe Flash Player 28.0.0.126 and earlier versions for Windows should update to Adobe Flash Player 28.0.0.137
- Users of Adobe Flash Player 28.0.0.126 and earlier versions for Macintosh should update to Adobe Flash Player 28.0.0.137
- Users of Adobe Flash Player 28.0.0.126 and earlier versions for Linux should update to Adobe Flash Player 28.0.0.137
- Flash Player integrated with Google Chrome will be updated by Google via Chrome update
- Flash Player integrated with Internet Explorer 11 (on Windows 8.1 and Windows 10) and Microsoft Edge (Windows 10) will be updated via Windows Update
More information can be read from Adobe's security bulletin.
Sunday, January 7, 2018
Symantec Intelligence Report: December 2017
Symantec have published their Intelligence report that sums up the latest threat trends for December 2017.
The report can be viewed here.
The report can be viewed here.
New PHP Versions Released
PHP development team has released 7.2.1, 7.1.13, 7.0.27 and 5.6.33 versions of the PHP scripting language. All PHP users are recommended to upgrade their versions to the latest release of the correspondent branch.
Changelogs:
Version 7.2.1
Version 7.1.13
Version 7.0.27
Version 5.6.33
Changelogs:
Version 7.2.1
Version 7.1.13
Version 7.0.27
Version 5.6.33
Google Chrome Updated
Google have released a version 63.0.3239.132 of their Chrome web browser. More information about changes in Google Chrome Releases blog.
Mozilla Firefox Updated
Microsoft Security Updates For January 2018
Microsoft have released security updates for January 2018.
Summary of the updates (filter by inserting 12/15/2017 to the From field and 1/3/2018 to the To field) here.
Summary of the updates (filter by inserting 12/15/2017 to the From field and 1/3/2018 to the To field) here.
Wednesday, January 3, 2018
Identify Malicious WiFi Networks With PiKarma Script
Security researcher Besim Altinok has created a Python script, PiKarma that helps to identify WiFi networks that are carrying KARMA (Karma Attacks Radioed Machines Automatically) attacks, a well known form of WiFi Man in the Middle attacks.
"PiKarma allows users to test WiFi networks and determine if the WiFi network in a certain location is safe to use before carrying out any sensitive communications over them. If the script detects a KARMA attack, it logs details and then automatically sends a deauth request, disconnecting the user from the malicious network."
The only downside is that user will need an extra WiFi card. That is needed to keep an eye on the main one.
Bleeping Computer's article about PiKarma with details can be viewed here.
"PiKarma allows users to test WiFi networks and determine if the WiFi network in a certain location is safe to use before carrying out any sensitive communications over them. If the script detects a KARMA attack, it logs details and then automatically sends a deauth request, disconnecting the user from the malicious network."
The only downside is that user will need an extra WiFi card. That is needed to keep an eye on the main one.
Bleeping Computer's article about PiKarma with details can be viewed here.
Subscribe to:
Posts (Atom)
