WordPress v3.5.1 released
FYI...
WordPress v3.5.1 released
- https://wordpress.org/download/
"The latest stable release of WordPress (Version 3.5.1) is available..."
- https://wordpress.org/news/2013/01/wordpress-3-5-1/
Jan 24, 2013 - "... first maintenance release of 3.5, fixing 37 bugs... a security release for all previous WordPress versions..."
- https://secunia.com/advisories/51967/
Release Date: 2013-01-25
Criticality level: Moderately critical
Impact: Cross Site Scripting, Exposure of sensitive information
Where: From remote
... vulnerabilities are reported in versions prior to 3.5.1.
Solution: Update to version 3.5.1.
- http://www.securitytracker.com/id/1028045
Jan 25 2013
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Host/resource access via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 3.5.1 ...
"WordPress Plugin" search results ...
- https://secunia.com/advisories/searc...rdPress+Plugin
Found -530- Secunia Security Advisories ...
March 14, 2013
___
- http://h-online.com/-1791820
25 Jan 2013
- http://www.h-online.com/imgs/43/9/7/...c597dc045.jpeg
:fear::fear:
AdblockPlus v2.2.3 released
FYI...
Changelog for Adblock Plus 2.2.3
- https://adblockplus.org/releases/adb...refox-released
Feb 13, 2013 - The following lists the changes compared to Adblock Plus 2.2.3. If you experience issues with this release please check the list of known issues.
• Worked around AVG Security Toolbar 14.0.3.* breaking Adblock Plus among other things.
• Made sure that first-run page always opens is the current browser window (bug 819561)...
___
AdblockPlus v2.2.2 released
- https://adblockplus.org/en/changelog-2.2.2
2013-01-30
- http://news.slashdot.org/story/13/01...orn-cisco-says
Feb 01, 2013 - "The popular belief is that security risks increase as the user engages in riskier and shadier behavior online, but that apparently isn't the case, Cisco found in its 2013 Annual Security report*. It can be more dangerous to click on an online advertisement than an adult content site these days, according to Cisco. For example, users clicking on online ads were 182 times more likely to wind up getting infected with malware than if they'd surfed over to an adult content site, Cisco said. The highest concentration of online security targets do not target pornography, pharmaceutical, or gambling sites as much as they affect legitimate sites such as search engines, online retailers, and social media. Users are 21 times more likely to get hit with malware from online shopping sites and 27 more times likely with a search engine than if they'd gone to a counterfeit software site..."
* http://www.cisco.com/en/US/prod/vpnd...ty_report.html
AdBlockPlus for Firefox: https://addons.mozilla.org/en-US/fir.../adblock-plus/
> https://adblockplus.org/en/getting_started#install
:fear:
Expect a v2 of iOS 6.1 ...
FYI...
Expect a v2 of iOS 6.1 ...
iOS 6.1 Leads to Battery Life Drain, Overheating for iPhone Users
- http://thenextweb.com/apple/2013/02/...ng-to-ios-6-1/
8 Feb 2013
- http://arstechnica.com/apple/2013/02...ntacts-photos/
Feb 14, 2013 - "An -old- vulnerability in the iPhone's lock screen and Emergency Call feature appears to have resurfaced for a third time in iOS 6.1. With the right sequence of button clicking, it's possible to get to an iPhone user's voicemails, contacts, and photos—even if the iPhone is locked and password protected..."
- https://secunia.com/advisories/52173/
Access restriction in iOS 6 partially useless
- http://h-online.com/-1805842
19 Feb 2013
Rapid growth in transaction logs, CPU use, and memory consumption in Exchange Server 2010 when a user syncs a mailbox by using an iOS 6.1-based device
- http://support.microsoft.com/kb/2814847
Last Review: February 12, 2013 - Revision: 5.0
Status: Apple and Microsoft are investigating this issue. We will post more information in this article when the information becomes available...
Workaround: To work around this issue, do not process Calendar items such as meeting requests on iOS 6.1 devices. Also, immediately restart the iOS 6.1 device...
:fear::fear:
iOS 6.1.2 Software Update
FYI...
iOS 6.1.2 Software Update
- https://support.apple.com/kb/DL1639
Feb 19, 2013 - "Fixes an Exchange calendar bug that could result in increased network activity and reduced battery life...
System Requirements: iPhone 3GS and later, iPad 2 and later, iPod touch 4th generation and later, iPhone 5 ..."
- http://support.microsoft.com/kb/2814847
Last Review: February 19, 2013 Revision: 15.0 - "... Resolution: Apple has posted the following article to address the issue:
- https://support.apple.com/kb/TS4532
Feb 19, 2013 - ... Resolution: To resolve this issue, update to iOS 6.1.2..."
___
iTunes 11.0.2 released
- https://support.apple.com/kb/DL1614
Feb 19, 2013
APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13
- http://prod.lists.apple.com/archives.../msg00002.html
2013-02-19
- http://support.apple.com/kb/HT5666
:fear::fear:
Thunderbird 17.0.3 released
FYI...
Thunderbird 17.0.3 released
- https://www.mozilla.org/en-US/thunde...3/releasenotes
Feb 19, 2013
Automated Updates: https://support.mozillamessaging.com...ng-thunderbird
Manual check: Go to >Help >About Thunderbird
Download
- https://www.mozilla.org/thunderbird/all.html
Security Advisories
- https://www.mozilla.org/security/kno...nderbird17.0.3
- http://www.securitytracker.com/id/1028165
CVE Reference: CVE-2013-0765, CVE-2013-0772, CVE-2013-0773, CVE-2013-0774, CVE-2013-0775, CVE-2013-0776, CVE-2013-0777, CVE-2013-0778, CVE-2013-0779, CVE-2013-0780, CVE-2013-0781, CVE-2013-0782, CVE-2013-0783, CVE-2013-0784
Feb 20 2013
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 17.0.3
:fear:
iOS/iTunes/Kindle app update...
FYI...
Amazon fixes its book deleting iTunes Kindle app update
- http://www.theinquirer.net/inquirer/...dle-app-update
Feb 28 2013 - "... Amazon has revisited the webpage and the update. Version 3.6.2* of the Kindle app for iOS includes both a fix for the registration issue and "Various Bug Fixes and Security Fixes"..."
* https://itunes.apple.com/us/app/kind...302584613?mt=8
Updated: Feb 27, 2013
Version: 3.6.2
Size: 21.4 MB
What's New in Version 3.6.2
• Fix for Registration Issue
• Various Bug Fixes and Security Fixes...
:fear::sad:
Flash content in Safari...
FYI...
Apple blocks older insecure versions of Flash...
- https://isc.sans.edu/diary.html?storyid=15316
Last Updated: 2013-03-02 18:23:36 - "Apple has recently stepped up its response to security issues involving 3rd party plug-ins. They have aggressively used its anti-malware tool sets to enforce minimum versions of Adobe Flash*, Oracle Java, and similar popular plug-ins..."
* https://support.apple.com/kb/ht5655
Mar 1, 2013 - "... When attempting to view Flash content in Safari, you may see this alert: "Blocked Plug-in"
Selecting it will display this alert:
'Adobe Flash Player' is out of date.
- Click 'Download Flash…' to have Safari open the Adobe Flash Player installer website.
- Download the latest Adobe Flash Player installer--click the "Download now" button.
- Open the downloaded disk image.
- Open the installer and follow the onscreen instructions...'"
- https://support.apple.com/kb/HT5660
Mar 1, 2013
:fear::fear:
Apple Mac OS X update for Java
FYI...
APPLE-SA-2013-03-04-1: Apple Mac OS X update for Java
- https://secunia.com/advisories/52484/
Release Date: 2013-03-05
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2013-0809, CVE-2013-1493
For more information: https://secunia.com/SA52451/
Original Advisory: APPLE-SA-2013-03-04-1:
- http://support.apple.com/kb/HT5677
- http://prod.lists.apple.com/archives...Mar/index.html
- http://prod.lists.apple.com/archives.../msg00000.html
:fear::fear: