Page 27 of 31 FirstFirst ... 17232425262728293031 LastLast
Results 261 to 270 of 306

Thread: Alerts

  1. #261
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird 45.7.1 released

    FYI...

    Thunderbird 45.7.1 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    Feb 7, 2017
    Fixed: Crash when viewing certain IMAP messages (introduced in 45.7.0)

    Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download
    - https://www.mozilla.org/en-US/thunderbird/all/
    v45.7.1

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #262
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation WordPress 4.7.3 released

    FYI...

    WordPress 4.7.3 released
    - https://wordpress.org/news/
    Mar 6, 2017 - "WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
    WordPress versions 4.7.2 and earlier are affected by six security issues:
    1. Cross-site scripting (XSS) via media file metadata...
    2. Control characters can trick redirect URL validation...
    3. Unintended files can be deleted by administrators using the plugin deletion functionality...
    4. Cross-site scripting (XSS) via video URL in YouTube embeds...
    5. Cross-site scripting (XSS) via taxonomy term names...
    6. Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources...
    In addition to the security issues above, WordPress 4.7.3 contains 39 maintenance fixes to the 4.7 release series...

    Release notes
    - https://codex.wordpress.org/Version_4.7.3

    Download
    - https://wordpress.org/download/
    ___

    - http://www.securitytracker.com/id/1037959
    Mar 7 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): 4.7.2 and prior ...
    Impact: A remote user can take actions on the target system acting as the target authenticated user.
    A remote user can consume excessive server resources on the target system.
    A remote user can bypass redirect URL validation on the target system.
    A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the WordPress software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
    Solution: The vendor has issued a fix (4.7.3)...
    ___

    - https://www.us-cert.gov/ncas/current...ecurity-Update
    Mar 06, 2017

    Last edited by AplusWebMaster; 2017-03-07 at 13:55.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #263
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird 45.8.0 released

    FYI...

    Thunderbird 45.8.0 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    Mar 7, 2017

    Fixed in Thunderbird 45.8
    - https://www.mozilla.org/en-US/securi...hunderbird45.8

    - https://www.mozilla.org/en-US/securi...s/mfsa2017-07/
    Critical
    CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
    CVE-2017-5401: Memory Corruption when handling ErrorResult
    CVE-2017-5402: Use-after-free working with events in FontFace objects
    CVE-2017-5404: Use-after-free working with ranges in selections
    CVE-2017-5398: Memory safety bugs fixed in Thunderbird 45.8

    Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download
    - https://www.mozilla.org/en-US/thunderbird/all/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #264
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adblock Plus 1.13 for Chrome and Opera

    FYI...

    Adblock Plus 1.13 for Chrome and Opera released
    - https://adblockplus.org/releases/adb...opera-released
    2017-03-15
    Install Adblock Plus 1.13 for Chrome
    Install Adblock Plus 1.13 for Opera

    This is a major release containing some user interface improvements...
    Changes:
    - Further improved our WebSocket (issue 4643, 4807) and popup (issue 4834) blocking capabilities.
    - Improved the “Block element” tool, fixing a bug where the dialog window would sometimes fail to open (issue 4714) and another which very rarely caused the currently targeted element(s) not to be highlighted (issue 4603).
    - Improved the “Add your own filters” interface in the Options page. Extremely large filters are now displayed properly (issue 1121), and the interface is much more responsive when dealing with large numbers of custom filters (issue 4752).
    - Improved the Adblock Plus developer tools pane. Chrome’s dark theme is now supported (issue 4136), the Control-F search interface now works (issue 4644) and elements hidden by CSS property filters are now listed (issue 3596).
    - Worked around a limitation with Chrome’s onCommitted event which caused many problems (issue 4598, 4599, 4647, 4804). Most notably this caused some requests to be improperly blocked / not blocked...

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #265
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iTunes 12.6 released

    FYI...

    - https://support.apple.com/en-us/HT201222

    iTunes 12.6 released
    - https://support.apple.com/en-us/HT207598
    Mar 21, 2017 - "Available for: OS X Mavericks v10.9.5 and later..."
    ___

    iTunes 12.6 for Windows
    - https://support.apple.com/en-us/HT207599
    Mar 21, 2017 - "Available for: Windows 7 and later..."
    ... added more "Entries" March 28, 2017

    - http://www.securitytracker.com/id/1038157
    CVE Reference: CVE-2017-2383, CVE-2017-2463, CVE-2017-2479, CVE-2017-2480, CVE-2017-5029
    Mar 29 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 12.6 ...
    Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
    A remote user can obtain potentially sensitive information on the target system.
    Solution: The vendor has issued a fix (12.6)...
    The vendor advisory is available at: https://support.apple.com/en-us/HT207599
    ___

    - https://www.us-cert.gov/ncas/current...-Update-iTunes
    Mar 24, 2017

    Last edited by AplusWebMaster; 2017-03-29 at 22:27.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #266
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Apple - many multiple updates - 2017.03.27

    FYI...

    - https://support.apple.com/en-us/HT201222

    Apple Releases Security Update for iWork
    - https://www.us-cert.gov/ncas/current...y-Update-iWork
    Mar 27, 2017

    - https://support.apple.com/en-us/HT207595
    Mar 27, 2017 - "Available for: macOS 10.12 or later, iOS 10.0 or later..."

    - http://www.securitytracker.com/id/1038134
    CVE Reference: CVE-2017-2391
    Mar 27 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 4.1 ...
    Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
    Solution: The vendor has issued a fix (4.1)...
    The vendor advisory is available at: https://support.apple.com/en-us/HT207595

    - http://www.securitytracker.com/id/1038135
    CVE Reference: CVE-2017-2391
    Mar 27 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
    Solution: The vendor has issued a fix (6.1)...
    The vendor advisory is available at: https://support.apple.com/en-us/HT207595

    - http://www.securitytracker.com/id/1038136
    CVE Reference: CVE-2017-2391
    Mar 27 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 7.1...
    Impact: A user with access to exported PDF documents can obtain potentially sensitive information from the password protected exported PDF.
    Solution: The vendor has issued a fix (7.1)...
    The vendor advisory is available at: https://support.apple.com/en-us/HT207595
    ___

    Safari 10.1
    - https://support.apple.com/en-us/HT207600
    Mar 27 2017 - "Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6, and macOS Sierra 10.12.4.."

    - http://www.securitytracker.com/id/1038137
    CVE Reference: CVE-2016-9642, CVE-2016-9643, CVE-2017-2364, CVE-2017-2367, CVE-2017-2376, CVE-2017-2377, CVE-2017-2378, CVE-2017-2385, CVE-2017-2386, CVE-2017-2389, CVE-2017-2394, CVE-2017-2395, CVE-2017-2396, CVE-2017-2405, CVE-2017-2415, CVE-2017-2419, CVE-2017-2424, CVE-2017-2433, CVE-2017-2442, CVE-2017-2444, CVE-2017-2445, CVE-2017-2446, CVE-2017-2447, CVE-2017-2453, CVE-2017-2454, CVE-2017-2455, CVE-2017-2459, CVE-2017-2460, CVE-2017-2464, CVE-2017-2465, CVE-2017-2466, CVE-2017-2468, CVE-2017-2469, CVE-2017-2470, CVE-2017-2471, CVE-2017-2475, CVE-2017-2476, CVE-2017-2481 (Links to External Site)
    Mar 27 2017
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 10.1...
    Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
    A remote user can cause denial of service conditions.
    A local user can obtain potentially sensitive information on the target system.
    A remote user can bypass security controls on the target system.
    A remote user can obtain potentially sensitive information on the target system.
    A remote user can spoof a URL.
    A remote user can access the target user's cookies (including authentication cookies), if any, associated with the site running the Apple Safari software, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
    Solution: The vendor has issued a fix (10.1).
    The vendor advisory is available at: https://support.apple.com/en-us/HT207600
    ___

    macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite
    - https://support.apple.com/en-us/HT207615
    Mar 27 2017

    - http://www.securitytracker.com/id/1038138
    CVE Reference: CVE-2016-5636, CVE-2016-7585, CVE-2017-2379, CVE-2017-2381, CVE-2017-2388, CVE-2017-2390, CVE-2017-2392, CVE-2017-2398, CVE-2017-2401, CVE-2017-2402, CVE-2017-2403, CVE-2017-2406, CVE-2017-2407, CVE-2017-2408, CVE-2017-2409, CVE-2017-2410, CVE-2017-2413, CVE-2017-2416, CVE-2017-2417, CVE-2017-2418, CVE-2017-2420, CVE-2017-2421, CVE-2017-2422, CVE-2017-2423, CVE-2017-2425, CVE-2017-2426, CVE-2017-2427, CVE-2017-2428, CVE-2017-2429, CVE-2017-2430, CVE-2017-2431, CVE-2017-2432, CVE-2017-2435, CVE-2017-2436, CVE-2017-2437, CVE-2017-2438, CVE-2017-2439, CVE-2017-2440, CVE-2017-2441, CVE-2017-2443, CVE-2017-2448, CVE-2017-2449, CVE-2017-2450, CVE-2017-2451, CVE-2017-2456, CVE-2017-2457, CVE-2017-2458, CVE-2017-2461, CVE-2017-2462, CVE-2017-2467, CVE-2017-2472, CVE-2017-2473, CVE-2017-2474, CVE-2017-2478, CVE-2017-2482, CVE-2017-2483, CVE-2017-2485, CVE-2017-2486, CVE-2017-2487, CVE-2017-6974
    Updated: Mar 28 2017
    Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes ...
    Solution: The vendor has issued a fix (Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite).
    The vendor advisory is available at: https://support.apple.com/en-us/HT207615
    ___

    iOS 10.3
    - https://support.apple.com/en-us/HT207617
    Mar 27 2017 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later..."

    - http://www.securitytracker.com/id/1038139
    CVE Reference: CVE-2017-2384, CVE-2017-2393, CVE-2017-2397, CVE-2017-2399, CVE-2017-2400, CVE-2017-2404, CVE-2017-2412, CVE-2017-2414, CVE-2017-2434, CVE-2017-2452, CVE-2017-2484
    Mar 28 2017
    Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 10.3...
    Impact: A remote user can access and modify certain iTunes data.
    A local user can obtain potentially sensitive information on the target system.
    A remote user can conduct cross-site scripting attacks.
    Solution: The vendor has issued a fix (10.3).
    The vendor advisory is available at: https://support.apple.com/en-us/HT207617
    ___

    macOS Server 5.3
    - https://support.apple.com/en-us/HT207604
    Mar 27 2017 - "Available for: macOS 10.12.4 and later..."

    - http://www.securitytracker.com/id/1038144
    CVE Reference: CVE-2007-6750, CVE-2017-2382
    Mar 28 2017
    Impact: Denial of service via network, Disclosure of system information
    Fix Available: Yes Vendor Confirmed: Yes ...
    Impact: A remote user can cause denial of service conditions.
    A remote user can determine valid usernames on the target system.
    Solution: The vendor has issued a fix (macOS Server 5.3).
    The vendor advisory is available at: https://support.apple.com/en-us/HT207604
    ___

    tvOS 10.2
    - https://support.apple.com/en-us/HT207601
    Mar 27 2017 - "Available for: Apple TV (4th generation)..."
    ___

    watchOS 3.2
    - https://support.apple.com/en-us/HT207602
    Mar 27 2017 - "Available for: All Apple Watch models..."
    ___

    - https://www.us-cert.gov/ncas/current...y-Update-iWork
    Mar 27 2017

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #267
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Apple update - iCloud for Windows 6.2

    FYI...

    - https://support.apple.com/en-us/HT201222

    iCloud for Windows 6.2
    - https://support.apple.com/en-us/HT207607
    Mar 28, 2017 - "Available for: Windows 7 and later..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #268
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iOS 10.3.1 released

    FYI...

    - https://support.apple.com/en-us/HT201222

    iOS 10.3.1
    - https://support.apple.com/en-us/HT207688
    Apr 3, 2017 - "Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later...
    Wi-Fi: Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip
    Description: A stack buffer overflow was addressed through improved input validation.
    CVE-2017-6975 ..."
    ___

    - http://www.securitytracker.com/id/1038172
    CVE Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-6975
    Apr 4 2017
    Fix Available: Yes Vendor Confirmed: Yes ...
    Impact: A remote user within WiFi range can execute arbitrary code on the target system.
    Solution: The vendor has issued a fix (10.3.1)...
    ___

    - https://www.us-cert.gov/ncas/current...ity-Update-iOS
    April 03, 2017

    Last edited by AplusWebMaster; 2017-04-07 at 18:13.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #269
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird 52.0 released

    FYI...

    Thunderbird 52.0 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    April 4, 2017

    Fixed in Thunderbird 52
    - https://www.mozilla.org/en-US/securi...#thunderbird52

    - https://www.mozilla.org/en-US/securi...s/mfsa2017-09/
    Critical
    CVE-2017-5400: asm.js JIT-spray bypass of ASLR and DEP
    CVE-2017-5401: Memory Corruption when handling ErrorResult
    CVE-2017-5402: Use-after-free working with events in FontFace objects
    CVE-2017-5403: Use-after-free using addRange to add range to an incorrect root object
    CVE-2017-5404: Use-after-free working with ranges in selections

    Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download
    - https://www.mozilla.org/en-US/thunderbird/all/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #270
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird 52.0.1 released

    FYI...

    Thunderbird 52.0.1 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    April 14, 2017

    Fixed:
    - Crash due to incompatibility with McAfee Anti-SPAM add-on. Add-on is blocked in 52.0.1
    - Clicking on a link in an email may not open this link in the external browser...

    Complete list of changes in this release
    - https://mzl.la/2nSk0Ft
    373 bugs found

    Automated Updates: https://support.mozilla.org/en-US/kb...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download
    - https://www.mozilla.org/en-US/thunderbird/all/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •