Page 15 of 31 FirstFirst ... 511121314151617181925 ... LastLast
Results 141 to 150 of 306

Thread: Alerts

  1. #141
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iTunes 12.0.1, OS X Server v4.0, OS X Yosemite v10.10 released

    FYI...

    iTunes 12.0.1 released
    - https://support.apple.com/kb/HT6537
    Last Modified: Oct 16, 2014
    CVE Reference(s): CVE-2013-2871, CVE-2013-2875, CVE-2013-2909, CVE-2013-2926, CVE-2013-2927, CVE-2013-2928, CVE-2013-5195, CVE-2013-5196, CVE-2013-5197, CVE-2013-5198, CVE-2013-5199, CVE-2013-5225, CVE-2013-5228, CVE-2013-6625, CVE-2013-6635, CVE-2013-6663, CVE-2014-1268, CVE-2014-1269, CVE-2014-1270, CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292, CVE-2014-1293, CVE-2014-1294, CVE-2014-1298, CVE-2014-1299, CVE-2014-1300, CVE-2014-1301, CVE-2014-1302, CVE-2014-1303, CVE-2014-1304, CVE-2014-1305, CVE-2014-1307, CVE-2014-1308, CVE-2014-1309, CVE-2014-1310, CVE-2014-1311, CVE-2014-1312, CVE-2014-1313, CVE-2014-1323, CVE-2014-1324, CVE-2014-1325, CVE-2014-1326, CVE-2014-1327, CVE-2014-1329, CVE-2014-1330, CVE-2014-1331, CVE-2014-1333, CVE-2014-1334, CVE-2014-1335, CVE-2014-1336, CVE-2014-1337, CVE-2014-1338, CVE-2014-1339, CVE-2014-1340, CVE-2014-1341, CVE-2014-1342, CVE-2014-1343, CVE-2014-1344, CVE-2014-1362, CVE-2014-1363, CVE-2014-1364, CVE-2014-1365, CVE-2014-1366, CVE-2014-1367, CVE-2014-1368, CVE-2014-1384, CVE-2014-1385, CVE-2014-1386, CVE-2014-1387, CVE-2014-1388, CVE-2014-1389, CVE-2014-1390, CVE-2014-1713, CVE-2014-1731, CVE-2014-4410, CVE-2014-4411, CVE-2014-4412, CVE-2014-4413, CVE-2014-4414, CVE-2014-4415
    ___

    Security Update 2014-005
    - https://support.apple.com/kb/HT6531
    Oct 16, 2014
    > https://www.us-cert.gov/ncas/current...pdate-2014-005
    Oct 17, 2014 - "... Security Update 2014-005 to address vulnerabilities in SSL 3.0..."
    ___

    OS X Server v4.0
    - http://support.apple.com/kb/HT6536
    Oct 16, 2014

    - http://www.securitytracker.com/id/1031071
    ___

    OS X Yosemite v10.10
    - http://support.apple.com/kb/HT6535
    Oct 16, 2014

    - http://www.securitytracker.com/id/1031063

    - http://www.securitytracker.com/id/1031065

    OS X Yosemite: List of available trusted root certificates
    - http://support.apple.com/kb/HT6005
    Oct 17, 2014

    Last edited by AplusWebMaster; 2014-10-17 at 21:33.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #142
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adblock Plus 2.6.5 for Firefox ...

    FYI...

    Adblock Plus 2.6.5 for Firefox
    - https://adblockplus.org/releases/adb...refox-released
    Changes:
    - Fixed: Element hiding exceptions are broken by changes in Firefox 34 and Firefox 35 (issue 1241, issue 1381).
    - Fixed: Blocking via context menu won’t always suggest blocking the most recent request (issue 362).
    - Fixed: Issue reporter will complain about too many filter lists even when these filter lists are “special” like the anti-adblock list (issue 690).
    - Fixed: Disabling filters via space bar no longer works in preferences (issue 1129).
    - Fixed: Sharing Adblock Plus from the first-run page won’t work if the Anti-Social list is enabled (issue 1133).
    - Fixed: Anti-Adblock warning will sometimes appear on websites without any anti-adblock behavior (issue 1161).
    - Made $sitekey option behavior more consistent, it can be used similarly to $domain now rather than whitelisting complete websites only (issue 432).

    - https://addons.mozilla.org/en-US/fir.../adblock-plus/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #143
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iOS 8.1 released

    FYI...

    iOS 8.1 released
    - https://support.apple.com/kb/HT6541
    Oct 20, 2014
    Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later

    - http://www.securitytracker.com/id/1031077/
    CVE Reference: CVE-2014-4448, CVE-2014-4449, CVE-2014-4450
    Oct 20 2014
    Impact: Disclosure of system information, Disclosure of user information
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 8.1 ...

    - https://en.greatfire.org/blog/2014/o...nch-new-iphone
    Oct 20, 2014 - "After previous attacks on Github, Google, Yahoo and Microsoft, the Chinese authorities are now staging a man-in-the-middle (MITM) attack on Apple’s iCloud... Firefox and Chrome will both prevent users from accessing iCloud.com when they are trying to access a site that is suffering from a MITM attack..."

    - http://www.reuters.com/article/2014/...0I92H020141021
    Oct 21, 2014
    ___

    Apple TV 7.0.1
    - https://support.apple.com/kb/HT6542
    Oct 20, 2014

    - https://support.apple.com/kb/HT1222

    Last edited by AplusWebMaster; 2014-10-21 at 15:45.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #144
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation SSL 3.0 obsolete ...

    FYI...

    - http://windowssecrets.com/top-story/...oodle-attacks/
    Oct 23, 2014 - "The following changes force your browser to not use SSL 3.0. Here’s what to adjust in the top three browsers...

    Chrome: In Google’s browser, edit the shortcut that launches the browser, adding a flag to the end of the Shortcut path. Start by selecting the icon normally used to launch Chrome. Right-click the icon and select Properties. Under the Shortcut tab, find the box labeled “Target” and insert –ssl-version-min=tls1 immediately after chrome.exe” (see Figure 1). It should look something like this (note the space between .exe” and –ssl-):
    “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” –ssl-version-min=tls1
    Figure 1: http://windowssecrets.com/wp-content...-TS-Chrome.png

    ... in the Oct. 14 Mozilla blog post*, Firefox 34, due to be released on Nov. 25, will disable SSL 3.0 support. In the meantime, Mozilla recommends installing the add-on (download site**), “SSL Version Control 0.2? (see Figure 2), which will let you control SSL support within the browser. (Some websites have recommended adjusting Firefox settings in the configuration file, but Mozilla recommends using the add-on instead.)..."
    * https://blog.mozilla.org/security/20...nd-of-ssl-3-0/
    ** https://addons.mozilla.org/en-US/fir...rsion-control/
    Figure 2: http://windowssecrets.com/wp-content...1023-TS-FF.png

    ... Internet Explorer: In IE, click the gear (settings) icon, open Internet options, and then select the Advanced tab. Scroll down the Settings list to the Security category, and then look for Use SSL 3.0. Uncheck the box (see Figure 3), click OK, and then relaunch IE... Microsoft released an initial security advisory on this topic; expect to see additional guidance in the near future...
    Figure 3: http://windowssecrets.com/wp-content...1023-TS-IE.png

    ... How to test your browser’s TLS/SSL protection:
    Several websites test whether your currently open browser supports SSL 3.0. For a simple test, Poodletest.com displays a poodle dog if your browser still supports SSL 3.0, and a Springfield terrier if it doesn’t. On the other hand, Qualys SSL Labs (site***) provides a more detailed analysis of the SSL protocols your browser supports.
    As noted above, some business sites such as online -banking- might still need SSL 3.0. Again, I recommend leaving SSL 3.0 support on -one- browser; it’ll be faster and safer than repeatedly adjusting browser settings. If you’re running a Web server or small-business server, you should -disable- SSL 3.0 support to better protect connected workstations and Internet-based phones... there’s a silver lining to this latest security mess — it should now force everyone on the Internet to finally abandon a dated, insecure protocol."
    *** https://www.ssllabs.com/ssltest/viewMyClient.html
    "Your user agent is not vulnerable..." < What you want to see after the new Firefox extention is installed.
    ___

    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-3513 - 7.1 (HIGH)
    Last revised: 10/22/2014
    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-3567 - 7.1 (HIGH)
    Last revised: 10/31/2014
    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2014-3568 - 4.3
    Last revised: 10/31/2014

    Last edited by AplusWebMaster; 2014-11-03 at 21:49.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #145
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881
    Last edited by AplusWebMaster; 2014-10-24 at 18:53.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #146
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adblock Plus 1.8.7 for Chrome and Opera released

    FYI...

    Adblock Plus 1.8.7 for Chrome and Opera released
    - https://adblockplus.org/releases/adb...opera-released
    2014-10-28
    Install/update links at the URL above.

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #147
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Sumatra PDF reader v3.0 ...

    FYI...

    Sumatra PDF reader v3.0 released
    - http://blog.kowalczyk.info/software/...apdf/news.html
    Version history - v3.0 (2014-10-18)
    Changes in this release:
    - Tabs! Enabled by default. Use Settings/Options... menu to go back to the old UI
    - support table of contents and links in ebook UI
    - add support for PalmDoc ebooks
    - swapped keybindings:
    - F11: Fullscreen mode (still also Ctrl+Shift+L)
    - F5: Presentation mode (also Shift+F11, still also Ctrl+L)
    - added a document measurement UI. Press 'm' to start. Keep pressing 'm' to change measurement units
    - new advanced settings: FullPathInTitle, UseSysColors (no longer exposed through the Options dialog), UseTabs
    - replaced non-free UnRAR with a free RAR extraction library...

    [prior version 2.5.2] ...

    Download: http://blog.kowalczyk.info/software/...df-viewer.html

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #148
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation AdblockPlus v2.6.6 for Firefox ...

    FYI...

    AdblockPlus 2.6.6 for Firefox released
    - https://adblockplus.org/releases/adb...refox-released
    2014-11-11 - "... Adblock Plus will use a slightly different approach to read files from disk... reason is a change that Mozilla made for Firefox and that broke Adblock Plus completely in the Firefox nightly builds."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #149
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iOS 8.1.1, OS X Yosemite v10.10.1, Apple TV 7.0.2 released

    FYI...

    iOS 8.1.1 released
    - http://support.apple.com/en-us/HT6590
    Nov 17, 2014
    ... for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later...
    - http://www.securitytracker.com/id/1031232
    CVE Reference: CVE-2014-4451, CVE-2014-4457, CVE-2014-4463
    Nov 18 2014
    Impact: Execution of arbitrary code via local system, User access via local system
    Fix Available: Yes Vendor Confirmed: Yes ...
    Solution: The vendor has issued a fix (8.1.1).
    ___

    OS X Yosemite v10.10.1
    - http://support.apple.com/en-us/HT6572
    Nov 17, 2014
    - http://www.securitytracker.com/id/1031230
    CVE Reference: CVE-2014-4453, CVE-2014-4458, CVE-2014-4459, CVE-2014-4460
    Nov 18 2014
    Impact: Disclosure of system information, Execution of arbitrary code via network, User access via network
    Fix Available: Yes Vendor Confirmed: Yes ...
    Solution: The vendor has issued a fix (10.10.1).
    ___

    Apple TV 7.0.2
    - http://support.apple.com/en-us/HT6592
    Nov 17, 2014
    - http://www.securitytracker.com/id/1031231
    CVE Reference: CVE-2014-4452, CVE-2014-4455, CVE-2014-4461, CVE-2014-4462
    Nov 18 2014
    Impact: Execution of arbitrary code via local system, Execution of arbitrary code via network, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes ...
    Solution: The vendor has issued a fix (7.0.2).
    ___

    - https://isc.sans.edu/diary.html?storyid=18961
    Nov 17, 2014
    - https://www.us-cert.gov/ncas/current...e-and-Apple-TV
    Nov 17, 2014

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #150
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation WordPress 4.0.1 Security Release

    FYI...

    WordPress 4.0.1 Security Release
    - https://wordpress.org/news/2014/11/wordpress-4-0-1/
    Nov 20, 2014 - "WordPress 4.0.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately... WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site... This issue does not affect version 4.0, but version 4.0.1 does address these -eight- security issues..."

    - http://www.securitytracker.com/id/1031243
    Nov 20 2014
    Impact: Denial of service via network, Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to versions 3.7.5, 3.8.5, 3.9.3, 4.0.1
    Description: Several vulnerabilities were reported in WordPress. A remote user can cause denial of service conditions. A remote user can conduct cross-site scripting attacks. A remote user can conduct cross-site request forgery attacks. A remote user can compromise a target user's account...
    Solution: The vendor has issued a fix (3.7.5, 3.8.5, 3.9.3, 4.0.1).
    The vendor's advisory is available at:
    - https://wordpress.org/news/2014/11/wordpress-4-0-1/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •