Alerts

**AplusWebMaster** · 2016-07-10, 14:03

FYI...

Thunderbird v45.2.0 released
- https://www.mozilla.org/en-US/thunde.../releasenotes/
June 30, 2016
Fixed: Invitations to events could not be printed.
Fixed: Dragging and dropping of contacts from the contact list onto an addressbook while All Addressbooks is selected moved only one contact
Fixed: Falsely reported not enough disk space during compacting
Fixed: Links were not always detected properly in the message body (terminated early on "|", some long links not detected at all)

> https://www.mozilla.org/en-US/securi...hunderbird45.2
Fixed in Thunderbird 45.2
2016-49 Miscellaneous memory safety hazards (rv:47.0/rv:45.2)

Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
Manual check: Go to >Help >About Thunderbird

- https://www.mozilla.org/en-US/thunderbird/releases/

Download
- https://www.mozilla.org/en-US/thunderbird/all/

**AplusWebMaster** · 2016-07-19, 05:02

FYI...

- https://support.apple.com/en-us/HT201222

- https://lists.apple.com/archives/sec...l/threads.html

iOS 9.3.3
- https://support.apple.com/en-us/HT206902
July 18, 2016 - "Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later..."
- http://www.securitytracker.com/id/1036344
CVE Reference: CVE-2016-1863, CVE-2016-1864, CVE-2016-1865, CVE-2016-4582, CVE-2016-4587, CVE-2016-4593, CVE-2016-4594, CVE-2016-4603, CVE-2016-4604, CVE-2016-4605, CVE-2016-4626, CVE-2016-4627, CVE-2016-4628, CVE-2016-4631, CVE-2016-4632, CVE-2016-4635, CVE-2016-4637
Jul 19 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 9.3.3 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote or local user can cause denial of service conditions on the target system.
A remote or local user can obtain potentially sensitive information on the target system.
A local user can obtain elevated privileges on the target system.
A remote user can spoof a URL or content.
Solution: The vendor has issued a fix (9.3.3)...
___

iTunes 12.4.2 for Windows
- https://support.apple.com/en-us/HT206901
July 18, 2016 - "Available for: Windows 7 and later..."

iCloud for Windows 5.2.1
- https://support.apple.com/en-us/HT206899
July 18, 2016 - "Available for: Windows 7 and later..."

Safari 9.1.2
- https://support.apple.com/en-us/HT206900
July 18, 2016 - "Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6..."
- http://www.securitytracker.com/id/1036343
CVE Reference: CVE-2016-4583, CVE-2016-4584, CVE-2016-4585, CVE-2016-4586, CVE-2016-4589, CVE-2016-4590, CVE-2016-4591, CVE-2016-4592, CVE-2016-4622, CVE-2016-4623, CVE-2016-4624, CVE-2016-4651
Jul 19 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 9.1.2 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can consume excessive memory resources on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof user interface elements.
Solution: The vendor has issued a fix (9.1.2)...
___

OS X El Capitan v10.11.6 and Security Update 2016-004
- https://support.apple.com/en-us/HT206903
July 18, 2016 - "Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11 and later..."
- http://www.securitytracker.com/id/1036348
CVE Reference: CVE-2016-0718, CVE-2016-4447, CVE-2016-4448, CVE-2016-4449, CVE-2016-4483, CVE-2016-4595, CVE-2016-4596, CVE-2016-4597, CVE-2016-4598, CVE-2016-4599, CVE-2016-4600, CVE-2016-4601, CVE-2016-4602, CVE-2016-4607, CVE-2016-4608, CVE-2016-4609, CVE-2016-4610, CVE-2016-4612, CVE-2016-4614, CVE-2016-4615, CVE-2016-4616, CVE-2016-4619, CVE-2016-4621, CVE-2016-4625, CVE-2016-4629, CVE-2016-4630, CVE-2016-4633, CVE-2016-4634, CVE-2016-4638, CVE-2016-4639, CVE-2016-4640, CVE-2016-4641, CVE-2016-4645, CVE-2016-4646, CVE-2016-4647, CVE-2016-4648, CVE-2016-4649, CVE-2016-4650, CVE-2016-4652
Jul 19 2016
Fix Available: Yes Vendor Confirmed: Yes ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A local user can cause denial of service conditions on the target system.
A remote or local user can obtain potentially sensitive information on the target system.
A local user can obtain elevated privileges on the target system.
A physically local user can view passwords.
Solution: The vendor has issued a fix (10.11.6, Security Update 2016-004)...
___

tvOS 9.2.2
- https://support.apple.com/en-us/HT206905
July 18, 2016 - "Available for: Apple TV (4th generation)..."

watchOS 2.2.2
- https://support.apple.com/en-us/HT206904
July 18, 2016 - "Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes..."
___

- https://www.us-cert.gov/ncas/current...curity-Updates
July 18, 2016

**AplusWebMaster** · 2016-08-05, 17:21

FYI...

- https://support.apple.com/en-us/HT201222

iOS 9.3.4 released
- https://support.apple.com/en-us/HT207026
Aug 4, 2016 - "Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later..."
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed through improved memory handling.
CVE-2016-4654: Team Pangu

... Update fixes a single issue credited to prominent jailbreaking...
> http://arstechnica.com/apple/2016/08...-9-3-4-update/
8/4/2016
___

- http://www.securitytracker.com/id/1036546
CVE Reference: CVE-2016-4654
Aug 6 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 9.3.3; possibly earlier versions...
Impact: An application can execute arbitrary code on the target system with kernel-level privileges.
Solution: The vendor has issued a fix (9.3.4)...
___

- https://www.us-cert.gov/ncas/current...ecurity-Update
Aug 05, 2016

**AplusWebMaster** · 2016-08-18, 22:23

FYI...

WordPress 4.6 released
- https://wordpress.org/download/
Aug 16, 2016 - "The latest stable release of WordPress (Version 4.6) is available..."

Release notes
- https://codex.wordpress.org/Version_4.6

- https://wordpress.org/download/release-archive/
___

- http://www.securitytracker.com/id/1036683
CVE Reference:
- https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-6896
- https://cve.mitre.org/cgi-bin/cvenam...=CVE-2016-6897
Aug 22 2016
Impact: Denial of service via network, Modification of user information
Fix Available: Yes Vendor Confirmed: Yes Exploit Included: Yes
Version(s): 4.5.3; possibly other versions ...
Impact: A remote user can take actions on the target system acting as the target authenticated user.
A remote authenticated user can cause the target application to fail.
Solution: The vendor has issued a fix (4.6)...

**AplusWebMaster** · 2016-08-25, 23:31

FYI...

Out-of-Band iOS Patch Fixes 0-Day ...
- https://isc.sans.edu/diary.html?storyid=21409
2016-08-25 - "A new spyware has been discovered on the Apple platform. Called Pegasus... it turns out to be a sophisticated targeted spyware. Developed by professionals, it uses 0-day vulnerabilities, code obfuscation and encryption techniques. Apple released today an out-of-band patch for iOS (version 9.3.5)*. It fixes three critical vulnerabilities..."

iOS 9.3.5 released
* https://support.apple.com/en-us/HT207107
Aug 25, 2016 - "Available for: iPhone 4s and later, iPad 2 and later, iPod touch (5th generation) and later..."

- https://lists.apple.com/archives/sec.../msg00000.html
25 Aug 2016

- http://www.securitytracker.com/id/1036694
CVE Reference: CVE-2016-4655, CVE-2016-4656, CVE-2016-4657
Aug 25 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 9.3.5...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
An application can obtain portions of kernel memory contents.
An application can obtain elevated privileges on the target system.
Solution: The vendor has issued a fix (9.3.5)...

- https://www.us-cert.gov/ncas/current...ecurity-Update
Aug 25, 2016

**AplusWebMaster** · 2016-08-26, 12:49

FYI...

Adblock Plus 1.12.2 for Chrome, Opera and Safari released
- https://adblockplus.org/releases/adb...afari-released
2016-08-23
Install Adblock Plus 1.12.2 for Chrome
Install Adblock Plus 1.12.2 for Opera
Install Adblock Plus 1.12.2 for Safari (Safari 6 or higher required)
This is a minor release, focused on stability and preventing circumvention...

**AplusWebMaster** · 2016-09-02, 20:22

FYI...

- https://support.apple.com/en-us/HT201222

Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite
- https://support.apple.com/en-us/HT207130
Sep 1, 2016 - "Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6 ..."
- https://lists.apple.com/archives/sec.../msg00001.html

Safari 9.1.3
- https://support.apple.com/en-us/HT207131
Sep 1, 2016 - "Available for: OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11.6 ..."
- https://lists.apple.com/archives/sec.../msg00000.html
___

- https://isc.sans.edu/diary.html?storyid=21439
2016-09-02 - "... The OS X update, which is only available for El Capitan and Yosemite, fixes the two kernel vulnerabilities. The Safari update which is available for OS X Mavericks and Yosemite... fixes the WebKit vulnerability... recommend patching these quickly given that the same vulnerabilities have already been exploited for iOS."
___

- https://www.us-cert.gov/ncas/current...curity-Updates
Sep 01, 2016

**AplusWebMaster** · 2016-09-08, 11:55

FYI...

WordPress 4.6.1 - Security and Maintenance Release
- https://wordpress.org/news/2016/09/w...nance-release/
Sep 7, 2016 - "WordPress 4.6.1 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.6 and earlier are affected by two security issues: a cross-site scripting vulnerability via image filename... and a path traversal vulnerability in the upgrade package uploader... In addition to the security issues above, WordPress 4.6.1 fixes 15 bugs from 4.6. For more information, see the release notes* or consult the list of changes**..."

Release notes
* https://codex.wordpress.org/Version_4.6.1

List of changes
** https://core.trac.wordpress.org/query?milestone=4.6.1

Download
- https://wordpress.org/download/
___

- http://www.securitytracker.com/id/1036747
Sep 8 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): 4.6 and prior...
Impact: A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the WordPress software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user. The impact of the path traversal flaw was not disclosed.
Solution: The vendor has issued a fix (4.6.1)...
___

- https://www.us-cert.gov/ncas/current...ecurity-Update
Sep 7, 2016

**AplusWebMaster** · 2016-09-14, 11:56

FYI...

- https://support.apple.com/en-us/HT201222

iOS 10
- https://support.apple.com/en-us/HT207143
Sep 13, 2016 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later..."

iOS 10.0.1
- https://support.apple.com/en-us/HT207145
Sep 13, 2016 - "... iOS 10.0.1 also includes the security content of iOS 10."

- http://www.securitytracker.com/id/1036797
CVE Reference: CVE-2016-4620, CVE-2016-4719, CVE-2016-4740, CVE-2016-4741, CVE-2016-4746, CVE-2016-4747, CVE-2016-4749
Sep 13 2016
Impact: Denial of service via network, Disclosure of authentication information, Disclosure of system information, Disclosure of user information
Fix Available: Yes Vendor Confirmed: Yes ...
Impact: A remote user in a privileged network position can prevent software updates.
A remote user in a privileged network position can obtain mail credentials.
A local user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (10.0, 10.0.1)...
___

Xcode 8
- https://support.apple.com/en-us/HT207140
Sep 13, 2016 - "Available for: OS X El Capitan v10.11.5 and later..."

watchOS 3
- https://support.apple.com/en-us/HT207141
Sep 13, 2016 - "Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermès"
___

- https://www.us-cert.gov/ncas/current...curity-Updates
Sep 13, 2016

**AplusWebMaster** · 2016-09-20, 23:09

FYI...

- https://support.apple.com/en-us/HT201222

Safari 10
- https://support.apple.com/en-us/HT207157
Sep 20, 2016 - "Available for: OS X Yosemite v10.10.5 and OS X El Capitan v10.11.6..."
- https://lists.apple.com/archives/sec.../msg00007.html

- http://www.securitytracker.com/id/1036854
CVE Reference: CVE-2016-4611, CVE-2016-4618, CVE-2016-4728, CVE-2016-4729, CVE-2016-4730, CVE-2016-4731, CVE-2016-4733, CVE-2016-4734, CVE-2016-4735, CVE-2016-4737, CVE-2016-4751, CVE-2016-4758, CVE-2016-4759, CVE-2016-4760, CVE-2016-4762, CVE-2016-4763, CVE-2016-4765, CVE-2016-4766, CVE-2016-4767, CVE-2016-4768, CVE-2016-4769
Sep 21 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 10.0 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can spoof the address bar.
A remote user can obtain potentially sensitive information.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (10.0)...
___

macOS Sierra 10.12
- https://support.apple.com/en-us/HT207170
Sep 20, 2016 - "Available for: OS X El Capitan v10.11.6..."
- https://lists.apple.com/archives/sec.../msg00006.html
___

macOS Server 5.2
- https://support.apple.com/en-us/HT207171
Sep 20, 2016 - "Available for: macOS Sierra 10.12..."
- https://lists.apple.com/archives/sec.../msg00009.html
___

iCloud for Windows 6.0
- https://support.apple.com/en-us/HT207147
Sep 20, 2016 - "Available for: Windows 7 and later..."
- https://lists.apple.com/archives/sec.../msg00013.html
___

iTunes 12.5.1 for Windows
- https://support.apple.com/en-us/HT207158
Sep 13, 2016 - "Available for: Windows 7 and later..."
- https://lists.apple.com/archives/sec.../msg00012.html
___

- https://www.us-cert.gov/ncas/current...curity-Updates
Sep 20, 2016

Thread: Alerts

Thread Tools

Display

Thunderbird v45.2.0 released

Apple iOS 9.3.3, iTunes 12.4.2, iCloud for Windows, more...

Apple iOS 9.3.4 released

WordPress 4.6 released

iOS 9.3.5 released

Adblock Plus 1.12.2

Apple updates - 2016.09.01

WordPress 4.6.1 released

iOS 10.0.1 released

Apple updates ..

Posting Permissions