Page 5 of 31 FirstFirst 12345678915 ... LastLast
Results 41 to 50 of 306

Thread: Alerts

  1. #41
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird v17.0 released

    FYI...

    Thunderbird v17.0 released
    - https://www.mozilla.org/en-US/thunde...0/releasenotes
    Nov 20, 2012

    Automated Updates: https://support.mozillamessaging.com...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download
    - https://www.mozilla.org/thunderbird/all.html

    Security Advisories
    - https://www.mozilla.org/security/kno...#thunderbird17
    ___

    - http://www.securitytracker.com/id/1027793
    CVE Reference: CVE-2012-4201, CVE-2012-4202, CVE-2012-4204, CVE-2012-4205, CVE-2012-4207, CVE-2012-4208, CVE-2012-4209, CVE-2012-4212, CVE-2012-4213, CVE-2012-4214, CVE-2012-4215, CVE-2012-4216, CVE-2012-4217, CVE-2012-4218, CVE-2012-5829, CVE-2012-5830, CVE-2012-5833, CVE-2012-5835, CVE-2012-5836, CVE-2012-5838, CVE-2012-5839, CVE-2012-5840, CVE-2012-5841, CVE-2012-5842, CVE-2012-5843
    Nov 21 2012
    Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
    Solution: The vendor has issued a fix (17.0)...

    - https://secunia.com/advisories/51358/
    Release Date: 2012-11-21
    Criticality level: Highly critical
    Impact: Security Bypass, Cross Site Scripting, System access
    Where: From remote...
    Solution: Upgrade to version 17.0.

    Last edited by AplusWebMaster; 2012-11-22 at 11:09.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #42
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation AdblockPlus updated

    FYI...

    Adblock Plus 2.2.1 released
    - https://adblockplus.org/releases/adb...s-221-released
    2012-11-23

    - https://adblockplus.org/en/changelog-2.2.1
    . Fixed issue affecting loading of filters in old Firefox version (including Firefox 10).
    . Fixed wrong apostrophe encoding in translations (especially Italian).

    - https://adblockplus.org/en/changelog-2.2
    Changelog for the previous release
    2012-11-21

    > https://addons.mozilla.org/en-US/fir.../adblock-plus/

    Last edited by AplusWebMaster; 2012-11-23 at 17:53.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #43
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation WordPress Plugins - 464 Secunia Security Advisories ...

    FYI...

    "WordPress Plugin" search results ...
    - https://secunia.com/advisories/searc...rdPress+Plugin
    Found: 464 Secunia Security Advisories ...
    Nov 27, 2012

    >> http://piwik.org/blog/2012/11/securi...2012-nov-26th/
    Updated: Nov 27, 2012 - "... The website Piwik.org is running WordPress and got compromised, because of a security issue in a WordPress plugin... compromised by an attacker on 2012 Nov 26th, this attacker added a malicious code in the Piwik 1.9.2 Zip file... You would be at risk only if you installed or updated to Piwik 1.9.2 on Nov 26th from 15:43 UTC to 23:59 UTC. If you are not using 1.9.2, or if you have updated to 1.9.2 earlier than Nov 26th 15:40 UTC or from Nov 27th, you should be safe..."
    ___

    - http://h-online.com/-1757246
    27 Nov 2012

    Last edited by AplusWebMaster; 2012-11-28 at 00:28.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #44
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Java 0-Day exploit on sale for ‘Five Digits’

    FYI...

    Java 0-Day exploit on sale for ‘Five Digits’
    - https://krebsonsecurity.com/2012/11/...r-five-digits/
    Nov 27, 2012 - "Miscreants in the cyber underground are selling an exploit for a previously undocumented security hole in Oracle’s Java software that attackers can use to remotely seize control over systems running the program... The flaw, currently being sold by an established member of an invite-only Underweb forum, targets an unpatched vulnerability in Java JRE 7 Update 9, the most recent version of Java (the seller says this flaw does not exist in Java 6 or earlier versions)... The seller was not terribly specific on the price he is asking for this exploit, but set the expected offer at “five digits.” The price of any exploit is ultimately whatever the market will bear, but this is roughly in line with the last Java zero-day exploit that was being traded and sold on the underground...
    How to Unplug Java from the Browser:
    > http://krebsonsecurity.com/how-to-un...m-the-browser/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #45
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Lightbulb 0-day vulns in MySQL fixed by MariaDB

    FYI...

    0-day vulns in MySQL fixed by MariaDB
    - http://h-online.com/-1761451
    3 Dec 2012 - "A recently published security vulnerability in the MySQL open source database has been met with fixes by the developers of the open source MariaDB* fork... they also note that a supposed zero day vulnerability that enumerates MySQL users has been known about for ten years. MariaDB versions 5.1, 5.2, 5.3 and 5.5, in which CVE 2012-5579 is fixed, are available for download*. MySQL provider Oracle has yet to confirm the vulnerabilities, much less provide updated software."
    * http://downloads.mariadb.org/
    ___

    - https://secunia.com/advisories/51427/
    Release Date: 2012-12-03
    ... may be related to vulnerability #1: https://secunia.com/SA51008/
    CVE Reference(s): CVE-2012-5611, CVE-2012-5612, CVE-2012-5614, CVE-2012-5615
    Impact: Brute force, DoS, System access
    Where: From local network
    Software: MySQL 5.x
    Solution: No official solution is currently available...
    ___

    - http://blog.trendmicro.com/trendlabs...-mysql-server/
    Dec 6, 2012 - "... MySQL Database is famous for its high performance, high reliability and ease of use. It runs on both Windows and many non-Windows platforms like UNIX, Mac OS, Solaris, IBM AIX, etc. It has been the fastest growing application and the choice of big companies such as Facebook, Google, and Adobe among others. Given its popularity, cybercriminals and other attackers are definitely eyeing this platform..."

    Last edited by AplusWebMaster; 2012-12-06 at 20:09.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #46
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation cPanel - updates available

    FYI...

    cPanel - updates available
    - https://secunia.com/advisories/51494/
    Release Date: 2012-12-05
    Criticality level: Moderately critical
    Impact: Unknown
    Where: From remote
    Software: cPanel 11.x
    ... vulnerabilities are reported in versions prior to 11.30.7.4, 11.32.5.15, and 11.34.0.11.
    Solution: Update to version 11.30.7.4, 11.32.5.15, or 11.34.0.11.
    Original Advisory:
    http://cpanel.net/important-security...nel-whm-11-30/
    http://cpanel.net/important-11-32-se...te-cpanel-whm/
    http://cpanel.net/important-11-34-se...se-cpanel-whm/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #47
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iTunes v11.0.1 released

    FYI...

    iTunes 11.0.1 released
    - https://support.apple.com/kb/DL1614
    Dec 13, 2012 - "This update to the new iTunes addresses an issue where new purchases in iCloud may not appear in your library if iTunes Match is turned on, makes iTunes more responsive when searching a large library, fixes a problem where the AirPlay button may not appear as expected, and adds the ability to display duplicate items within your library. This update also includes other important stability and performance improvements."

    Available on Apple Software Update.

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #48
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iOS 6.0.2 Update ...

    FYI...

    iOS 6.0.2 Software Update
    - http://support.apple.com/kb/DL1621
    Dec 18, 2012 - Fixes a bug that could impact Wi-Fi...
    System Requirements: iPhone 5, iPad mini

    - http://www.todaysiphone.com/2012/12/...ased-by-apple/
    "... everyone and their dogs are trying to download the delta update and Apple’s servers are having a hard time..."

    - http://bgr.com/2012/12/18/apple-rele...258170-258170/
    Dec 18, 2012 - "... these Wi-Fi issues were supposed to be fixed with the release of iOS 6.0.1 but notes that users have still reported problems connecting to known Wi-Fi hotspots even after installing the patch..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #49
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Shockwave - vulnerable Flash runtime

    FYI...

    Shockwave player - vulnerable Flash runtime
    * http://www.kb.cert.org/vuls/id/323161
    Last revised: 17 Dec 2012 - "Adobe Shockwave Player 11.6.8.638 and earlier versions on the Windows and Macintosh operating systems provide a vulnerable version of the Flash runtime..."

    - http://h-online.com/-1772754
    19 Dec 2012 - "US-CERT has warned that a security hole exists in Adobe's Shockwave Player*. Version 11.6.8.638 and earlier versions that were installed using the company's "Full" installer are affected. These all include an older version of Flash (10.2.159.1) that contains several exploitable vulnerabilities. Shockwave uses a custom Flash runtime instead of a globally installed Flash plugin. According to US-CERT, the Flash vulnerabilities can be exploited to execute arbitrary code at the user's privilege level via specially crafted Shockwave content. As the Shockwave Player tends to be used only rarely, simply uninstalling the software can provide protection. Adobe is even offering an uninstaller** for this purpose..."
    ** https://www.adobe.com/shockwave/download/alternates/
    (See "Shockwave Player Uninstaller".)

    - https://krebsonsecurity.com/2012/12/...shockwave-bug/
    Dec 19, 2012 - "... U.S. CERT first warned Adobe about the vulnerability in October 2010, and Adobe says it won’t be fixing it until February 2013..."

    - http://www.securitytracker.com/id/1027903
    - http://www.securitytracker.com/id/1027904
    - http://www.securitytracker.com/id/1027905
    Dec 20 2012

    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2012-6270 - 9.3 (HIGH)
    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2012-6271 - 9.3 (HIGH)

    Last edited by AplusWebMaster; 2012-12-24 at 17:47.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #50
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Sumatra PDF reader v2.2.1 released

    FYI...

    Sumatra PDF reader v2.2.1 released
    - http://blog.kowalczyk.info/software/...apdf/news.html
    2013-01-12
    Version history - Changes in this release:
    • fixed ebooks sometimes not remembering the viewing position
    • fixed Sumatra not exiting when opening files from a network drive
    • fixes for most frequent crashes and PDF parsing robustness fixes

    Download
    - http://blog.kowalczyk.info/software/...df-viewer.html

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •