Page 36 of 51 FirstFirst ... 2632333435363738394046 ... LastLast
Results 351 to 360 of 501

Thread: Old MS Alerts

  1. #351
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Post MS Security Bulletin Advance Notification - November 2010

    FYI...

    MS Security Bulletin Advance Notification - November 2010
    - http://www.microsoft.com/technet/sec.../MS10-nov.mspx
    November 04, 2010 - "This is an advance notification of security bulletins that Microsoft is intending to release on November 9, 2010... (Total of -3-)

    Bulletin 1 - Critical - Remote Code Execution - May require restart - Microsoft Office

    Bulletin 2 - Important - Remote Code Execution - May require restart - Microsoft Office

    Bulletin 3 - Important - Elevation of Privilege - May require restart - Microsoft Forefront Unified Access Gateway ...

    - http://blogs.technet.com/b/msrc/arch...bulletins.aspx
    4 Nov 2010 - "... three updates addressing 11 vulnerabilities..."

    Last edited by AplusWebMaster; 2010-11-05 at 19:37.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #352
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation IE 0-day in exploit kit...

    FYI...

    IE 0-day fix due out Dec. 14, 2010
    - http://blogs.technet.com/b/mmpc/arch...d-warrior.aspx
    9 Dec 2010 - "... the bulletin addressing this issue is planned to be released on Tuesday, Dec. 14 ..."
    - http://www.microsoft.com/security/po...0-3962-geo.jpg
    CVE-2010-3942 0-day - Attacks thru 12.8.2010 - MMPC charts
    - http://www.microsoft.com/security/po...10-3962-OS.jpg
    ___

    IE 0-day in exploit kit...
    - http://thompson.blog.avg.com/2010/11...ploit-kit.html
    November 07, 2010 - "... CVE-2010-3962* is in the Wild, but over the last couple of days, we've begun detecting it in the Eleonore Exploit Kit. This raises the stakes considerably..."
    * http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-3962
    Last revised: 11/11/2010
    CVSS v2 Base Score: 9.3 (HIGH) "... as exploited in the wild in November 2010..."
    • Fix it solution for the user-defined CSS
    - http://support.microsoft.com/kb/2458511#FixItForMe1
    November 4, 2010 - Revision: 3.0

    - http://www.microsoft.com/technet/sec...y/2458511.mspx
    • V1.1 (November 3, 2010): Added the opening of HTML mail in the Restricted sites zone as a mitigating factor, the automated Microsoft Fix it solution to the CSS workaround, and a finder acknowledgment. Removed reading e-mail in plain text as a workaround. Also clarified content in the EMET, DEP, and CSS workarounds.

    Last edited by AplusWebMaster; 2010-12-10 at 14:20.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #353
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Bulletin Summary - November 2010

    FYI...

    - http://www.microsoft.com/technet/sec.../MS10-nov.mspx
    November 9, 2010 - "This bulletin summary lists security bulletins released for November 2010... (Total of -3-)

    Critical -1-

    Microsoft Security Bulletin MS10-087 - Critical
    Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2423930)
    - http://www.microsoft.com/technet/sec.../MS10-087.mspx
    Critical - Remote Code Execution - May require restart - Microsoft Office
    • V1.1 (November 17, 2010): Corrected the severity table and vulnerability section to add CVE-2010-2573 as a vulnerability addressed by this update. This is an informational change only.

    http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-2573
    http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-3333
    http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-3334
    http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-3335
    http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-3336
    http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-3337
    CVSS v2 Base Score: 9.3 (HIGH)

    Important -2-

    Microsoft Security Bulletin MS10-088 - Important
    Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (2293386)
    - http://www.microsoft.com/technet/sec.../MS10-088.mspx
    Important - Remote Code Execution - May require restart - Microsoft Office
    • V1.2 (November 17, 2010): Clarified that for Microsoft PowerPoint 2002 and Microsoft PowerPoint 2003, customers also need to install the Microsoft Office update provided in MS10-087 to be protected from the vulnerability described in CVE-2010-2573. This is an informational change only. Customers who have already successfully applied the MS10-087 and the MS10-088 updates do not need to take any action.

    http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-2572
    http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-2573
    CVSS v2 Base Score: 9.3 (HIGH)

    Microsoft Security Bulletin MS10-089 - Important
    Vulnerabilities in Forefront Unified Access Gateway (UAG) Could Allow Elevation of Privilege (2316074)
    - http://www.microsoft.com/technet/sec.../MS10-089.mspx
    Important - Elevation of Privilege - May require restart - Microsoft Forefront United Access Gateway
    ___

    Deployment Priority
    - http://blogs.technet.com/cfs-filesys...ment-slide.png
    ___

    ISC Analysis
    - http://isc.sans.edu/diary.html?storyid=9910
    Last Updated: 2010-11-09 18:41:02 UTC
    ___

    - http://www.securitytracker.com/id?1024705
    - http://www.securitytracker.com/id?1024706
    - http://www.securitytracker.com/id?1024707
    Nov 9 2010
    ___

    MSRT
    - http://support.microsoft.com/?kbid=890830
    November 9, 2010 - Revision: 81.0
    (Recent additions)
    - http://www.microsoft.com/security/ma.../families.aspx
    ... added this release...
    • FakePAV
    • Worm:Win32/Sality.AT
    • Virus:Win32/Sality.AT

    - http://blogs.technet.com/b/mmpc/arch...ssentials.aspx

    Download:
    - http://www.microsoft.com/downloads/d...displaylang=en
    File Name: windows-kb890830-v3.13.exe

    To download the x64 version of MSRT, click here:
    - http://www.microsoft.com/downloads/d...displaylang=en
    File Name: windows-kb890830-x64-v3.13.exe
    ___

    Microsoft Security Advisory (2269637)
    [DLL] Insecure Library Loading Could Allow Remote Code Execution
    - http://www.microsoft.com/technet/sec...y/2269637.mspx
    • V2.0 (November 9, 2010) Added Microsoft Security Bulletin MS10-087, "Vulnerabilities in Microsoft Office Could Allow Remote Code Execution," to the Updates relating to Insecure Library Loading section.

    .
    Last edited by AplusWebMaster; 2010-12-09 at 17:40.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #354
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation EMET v2.0.0.3 released

    FYI...

    EMET v2.0.0.3 released
    - http://blogs.technet.com/b/srd/archi...-released.aspx
    17 Nov 2010 - "... some Enhanced Mitigation Experience Toolkit (EMET) v2.0 users may have potential issues with the update functionality of specific applications from Adobe and Google. As a result, today we released a new version of EMET that will help ensure these updaters work as expected when EMET is in place for added protection. No other behavior is being changed with this release. You can download version 2.0.0.3 of EMET here*..."
    * http://www.microsoft.com/downloads/e...4-95c855f69c39

    > http://www.computerworld.com/s/artic...hrome_problems
    November 18, 2010

    - http://www.theregister.co.uk/2010/11...obe_conflicts/
    Enterprise Security, 19 November 2010

    Last edited by AplusWebMaster; 2010-11-19 at 20:29.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #355
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Bulletin Advance Notification - December 2010

    FYI...

    - http://www.microsoft.com/technet/sec.../MS10-dec.mspx
    December 9, 2010 - "This is an advance notification of security bulletins that Microsoft is intending to release on December 14, 2010... (Total of -17-)

    Bulletin 1 - Critical - Remote Code Execution - Requires restart
    Microsoft Windows, Internet Explorer
    Bulletin 2 - Critical - Remote Code Execution - Requires restart
    Microsoft Windows
    Bulletin 3 - Important - Elevation of Privilege - Requires restart
    Microsoft Windows
    Bulletin 4 - Important - Remote Code Execution - May require restart
    Microsoft Windows
    Bulletin 5 - Important - Remote Code Execution - May require restart
    Microsoft Windows
    Bulletin 6 - Important - Remote Code Execution - Requires restart
    Microsoft Windows
    Bulletin 7 - Important - Remote Code Execution - May require restart
    Microsoft Windows
    Bulletin 8 - Important - Remote Code Execution - May require restart
    Microsoft Windows
    Bulletin 9 - Important - Elevation of Privilege - Requires restart
    Microsoft Windows
    Bulletin 10 - Important - Elevation of Privilege - Requires restart
    Microsoft Windows
    Bulletin 11 - Important - Elevation of Privilege - May require restart
    Microsoft Windows
    Bulletin 12 - Important - Denial of Service - Requires restart
    Microsoft Windows
    Bulletin 13 - Important - Denial of Service - Requires restart
    Microsoft Windows
    Bulletin 14 - Important - Remote Code Execution - May require restart
    Microsoft Office
    Bulletin 15 - Important - Remote Code Execution - May require restart
    Microsoft SharePoint
    Bulletin 16 - Important - Remote Code Execution - May require restart
    Microsoft Office
    Bulletin 17 - Moderate - Denial of Service - May require restart
    Microsoft Exchange ...

    - http://blogs.technet.com/b/msrc/arch...-released.aspx
    9 Dec 2010 - "... 17 updates addressing 40 vulnerabilities in Microsoft Windows, Office, Internet Explorer, SharePoint and Exchange..."

    - http://www.computerworld.com/s/artic..._Patch_Tuesday
    December 9, 2010 - "... a record, beating the count from October 2010 by one... The total bulletin count for the year - 106 - was also a record, as was the number of vulnerabilities patched in those updates: 266..."

    .
    Last edited by AplusWebMaster; 2010-12-09 at 23:46.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #356
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Bulletin Summary - December 2010

    FYI...

    - http://www.microsoft.com/technet/sec.../MS10-dec.mspx
    December 14, 2010 - "This bulletin summary lists security bulletins released for December 2010...

    Critical -2-

    Microsoft Security Bulletin MS10-090 - Critical
    Cumulative Security Update for Internet Explorer (2416400)
    - http://www.microsoft.com/technet/sec.../MS10-090.mspx
    Critical - Remote Code Execution - Requires restart - Microsoft Windows, Internet Explorer

    Microsoft Security Bulletin MS10-091 - Critical
    Vulnerabilities in the OpenType Font (OTF) Driver Could Allow Remote Code Execution (2296199)
    - http://www.microsoft.com/technet/sec.../MS10-091.mspx
    Critical - Remote Code Execution - Requires restart - Microsoft Windows

    Important -14-

    Microsoft Security Bulletin MS10-092 - Important
    Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)
    - http://www.microsoft.com/technet/sec.../ms10-092.mspx
    Important - Elevation of Privilege - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS10-093 - Important
    Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (2424434)
    - http://www.microsoft.com/technet/sec.../MS10-093.mspx
    Important - Remote Code Execution - May require restart - Microsoft Windows

    Microsoft Security Bulletin MS10-094 - Important
    Vulnerability in Windows Media Encoder Could Allow Remote Code Execution (2447961)
    - http://www.microsoft.com/technet/sec.../MS10-094.mspx
    Important - Remote Code Execution - May require restart - Microsoft Windows

    Microsoft Security Bulletin MS10-095 - Important
    Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2385678)
    - http://www.microsoft.com/technet/sec.../MS10-095.mspx
    Important - Remote Code Execution - May require restart - Microsoft Windows

    Microsoft Security Bulletin MS10-096 - Important
    Vulnerability in Windows Address Book Could Allow Remote Code Execution (2423089)
    - http://www.microsoft.com/technet/sec.../MS10-096.mspx
    Important - Remote Code Execution - May require restart - Microsoft Windows

    Microsoft Security Bulletin MS10-097 - Important
    Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution (2443105)
    - http://www.microsoft.com/technet/sec.../MS10-097.mspx
    Important - Remote Code Execution - May require restart - Microsoft Windows

    Microsoft Security Bulletin MS10-098 - Important
    Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673)
    - http://www.microsoft.com/technet/sec.../ms10-098.mspx
    Important - Elevation of Privilege - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS10-099 - Important
    Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591)
    - http://www.microsoft.com/technet/sec.../ms10-099.mspx
    Important - Elevation of Privilege - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS10-100 - Important
    Vulnerability in Consent User Interface Could Allow Elevation of Privilege (2442962)
    - http://www.microsoft.com/technet/sec.../MS10-100.mspx
    Important - Elevation of Privilege - May require restart - Microsoft Windows

    Microsoft Security Bulletin MS10-101 - Important
    Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2207559)
    - http://www.microsoft.com/technet/sec.../ms10-101.mspx
    Important - Denial of Service - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS10-102 - Important
    Vulnerability in Hyper-V Could Allow Denial of Service (2345316)
    - http://www.microsoft.com/technet/sec.../ms10-102.mspx
    Important - Denial of Service - Requires restart - Microsoft Windows

    Microsoft Security Bulletin MS10-103 - Important
    Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (2292970)
    - http://www.microsoft.com/technet/sec.../ms10-103.mspx
    Important - Remote Code Execution - May require restart - Microsoft Office

    Microsoft Security Bulletin MS10-104 - Important
    Vulnerability in Microsoft SharePoint Could Allow Remote Code Execution (2455005)
    - http://www.microsoft.com/technet/sec.../MS10-104.mspx
    Important - Remote Code Execution - May require restart - Microsoft SharePoint

    Microsoft Security Bulletin MS10-105 - Important
    Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)
    - http://www.microsoft.com/technet/sec.../ms10-105.mspx
    Important - Remote Code Execution - May require restart - Microsoft Office

    Moderate -1-

    Microsoft Security Bulletin MS10-106 - Moderate
    Vulnerability in Microsoft Exchange Server Could Allow Denial of Service (2407132)
    - http://www.microsoft.com/technet/sec.../MS10-106.mspx
    Moderate - Denial of Service - May require restart - Microsoft Exchange
    ___

    Deployment Priority
    - http://blogs.technet.com/cfs-filesys...deployment.png

    Severity and Exploitabilty Index
    - http://blogs.technet.com/cfs-filesys...everity-xi.png
    ___

    ISC Analysis
    - http://isc.sans.edu/diary.html?storyid=10081
    Last Updated: 2010-12-14 18:52:39 UTC
    ___

    - http://www.us-cert.gov/cas/techalerts/TA10-348A.html
    December 14, 2010
    Impact: A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.
    Solution: Apply updates ..."
    ___

    MSRT
    - http://support.microsoft.com/?kbid=890830
    December 14, 2010 - Revision: 82.0
    (Recent additions)
    - http://www.microsoft.com/security/ma.../families.aspx
    ... added this release...
    • Qakbot

    Download:
    - http://www.microsoft.com/downloads/d...displaylang=en
    File Name: windows-kb890830-v3.14.exe

    To download the x64 version of MSRT, click here:
    - http://www.microsoft.com/downloads/d...displaylang=en
    File Name: windows-kb890830-x64-v3.14.exe

    .
    Last edited by AplusWebMaster; 2010-12-15 at 16:07.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #357
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS Security Advisories updated

    FYI...

    Microsoft Security Advisory (973811)
    Extended Protection for Authentication
    - http://www.microsoft.com/technet/sec...ry/973811.mspx
    • V1.8 (December 14, 2010): Updated the FAQ with information about a non-security update enabling Microsoft Outlook to opt in to Extended Protection for Authentication.
    • V1.9 (December 17, 2010): Removed the FAQ entry, originally added December 14, 2010, about a non-security update enabling Microsoft Outlook to opt in to Extended Protection for Authentication.

    Microsoft Security Advisory (2458511)
    Vulnerability in Internet Explorer Could Allow Remote Code Execution
    12/14/2010 - "We have issued MS10-090* to address this issue..."

    Microsoft Security Advisory (2269637)
    Insecure Library Loading Could Allow Remote Code Execution
    • V3.0 (December 14, 2010) Added the following Microsoft Security Bulletins to the Updates relating to Insecure Library Loading section:
    MS10-093*, "Vulnerability in Windows Movie Maker Could Allow Remote Code Execution;"
    MS10-094*, "Vulnerability in Windows Media Encoder Could Allow Remote Code Execution;"
    MS10-095*, "Vulnerability in Microsoft Windows Could Allow Remote Code Execution;"
    MS10-096*, "Vulnerability in Windows Address Book Could Allow Remote Code Execution;" and
    MS10-097*, "Insecure Library Loading in Internet Connection Signup Wizard Could Allow Remote Code Execution."

    * http://forums.spybot.info/showpost.p...1&postcount=73

    .
    Last edited by AplusWebMaster; 2010-12-22 at 14:55.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #358
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Patch issues w/Outlook 2007 ...

    FYI...

    Patch issues with Outlook 2007
    - http://isc.sans.edu/diary.html?storyid=10117
    Last Updated: 2010-12-20 14:47:33 UTC - "Last week on December 14, Microsoft released an update (KB 2412171) for Microsoft Outlook 2007, and several of our readers wrote in indicating it caused problems with Outlook after applying the update. On December 16, Microsoft removed the update from Microsoft Update. Microsoft identified 3 issues with this update. If you are experiencing similar issues with the patch like those listed in this Microsoft Blog and you are using Windows XP, Vista and 7, Microsoft listed the steps to remove the patch here*."
    * http://blogs.msdn.com/b/outlook/arch...look-2007.aspx
    ___

    > http://support.microsoft.com/kb/2485531
    Last Review: December 21, 2010 - Revision: 4.0
    ___

    - http://support.microsoft.com/kb/2412171
    Last Review: December 18, 2010 - Revision: 3.1
    ___

    [Symptoms related to Outlook 2007 bug injected by bad M$ Update KB 2412171]
    - http://www.us-cert.gov/current/#micr...ntry_regarding
    December 20, 2010
    • Outlook fails to connect if Secure Password Authentication (SPA) is configured for an account and the mail server does not support SPA.
    Noticeable performance issues when switching between folders if a Microsoft Exchange Server account is not configured in Outlook.
    • AutoArchive cannot be configured for IMAP, POP3, or Outlook Live Connector accounts if there is no Exchange Server account configured in the same Outlook provide...
    > http://blogs.msdn.com/b/outlook/arch...look-2007.aspx

    Last edited by AplusWebMaster; 2010-12-22 at 19:24.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #359
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation MS WMI Admin Tool ActiveX vuln

    FYI...

    MS WMI Admin Tool ActiveX vuln
    - http://www.us-cert.gov/current/#micr...e_tool_activex
    December 22, 2010 - "... vulnerability affecting the WBEMSingleView.ocx ActiveX control. This control is part of the Microsoft WMI Administrative Tools package. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to set the kill bit for CLSID 2745E5F5-D234-11D0-847A00C04FD7BB08 to help mitigate the risks until a fix is available from the vendor... Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#725596* ..."
    * http://www.kb.cert.org/vuls/id/725596
    Last Updated: 2010-12-22

    - http://secunia.com/advisories/42693/
    Last Update: 2010-12-23
    Criticality level: Highly critical
    Impact: System access
    Where: From remote
    Solution Status: Unpatched
    Software: Microsoft WMI Administrative Tools 1.x, Microsoft WMI Object Viewer ActiveX Control 1.x...
    Solution: Set the kill-bit for the affected ActiveX control...

    Last edited by AplusWebMaster; 2010-12-24 at 12:39.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #360
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation 0-Day IIS 7.5 DoS - processing FTP requests

    FYI...

    - http://blogs.technet.com/b/srd/archi...erability.aspx
    swiblog / 22 Dec 2010 6:58 PM - "... the IIS FTP Service is not installed by default, and even after installation, it is not enabled by default..."

    0-Day IIS 7.5 DoS (processing FTP requests)
    - http://isc.sans.edu/diary.html?storyid=10126
    Last Updated: 2010-12-22 22:05:34 UTC - "A 0-day exploit has been published at exploit-db (see US-Cert advisory*) that takes advantage of a memory corruption vulnerability in IIS 7.5's FTP service. This bug will work pre-authentication.
    From the looks of it, it is a pure remote exploit that's chief use would be denial of service. As with any memory corruption bugs, it is theoretically possible to use this to gain access to the server with the permissions of the user that is running IIS... Some defenses would be limiting FTP services that are internet-facing (especially if IIS), using firewalls to limit access to the server and configuring perimeter devices to check for memory attacks..."
    * http://www.kb.cert.org/vuls/id/842372

    - http://secunia.com/advisories/42713
    Last Update: 2010-12-23
    Criticality level: Highly critical
    Impact: DoS, System access
    Where: From remote
    Solution Status: Unpatched
    Software: Microsoft Internet Information Services (IIS) 7.x
    Solution: Restrict traffic to the FTP service.

    - http://www.securitytracker.com/id?1024921
    Updated: Dec 23 2010

    Last edited by AplusWebMaster; 2010-12-24 at 12:38.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •