Page 9 of 31 FirstFirst ... 567891011121319 ... LastLast
Results 81 to 90 of 306

Thread: Alerts

  1. #81
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird v24.0 released

    FYI...

    Thunderbird v24.0 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    Sep 17, 2013

    Security Advisories
    - https://www.mozilla.org/security/kno...hunderbird24.0
    Fixed in Thunderbird 24.0
    MFSA 2013-92 GC hazard with default compartments and frame chain restoration
    MFSA 2013-91 User-defined properties on DOM proxies get the wrong "this" object
    MFSA 2013-90 Memory corruption involving scrolling
    MFSA 2013-89 Buffer overflow with multi-column, lists, and floats
    MFSA 2013-88 compartment mismatch re-attaching XBL-backed nodes
    MFSA 2013-85 Uninitialized data in IonMonkey
    MFSA 2013-83 Mozilla Updater does not lock MAR file after signature verification
    MFSA 2013-82 Calling scope for new Javascript objects can lead to memory corruption
    MFSA 2013-81 Use-after-free with select element
    MFSA 2013-80 NativeKey continues handling key messages after widget is destroyed
    MFSA 2013-79 Use-after-free in Animation Manager during stylesheet cloning
    MFSA 2013-77 Improper state in HTML5 Tree Builder with templates
    MFSA 2013-76 Miscellaneous memory safety hazards (rv:24.0 / rv:17.0.9)

    Automated Updates: https://support.mozillamessaging.com...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download: https://www.mozilla.org/thunderbird/all.html
    ___

    - http://www.securitytracker.com/id/1029044
    CVE Reference: CVE-2013-1718, CVE-2013-1719, CVE-2013-1720, CVE-2013-1722, CVE-2013-1723, CVE-2013-1724, CVE-2013-1726, CVE-2013-1728, CVE-2013-1730, CVE-2013-1732, CVE-2013-1735, CVE-2013-1736, CVE-2013-1737, CVE-2013-1738
    Sep 17 2013
    Impact: Denial of service via network, Execution of arbitrary code via network, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 24.0; prior to ESR 17.0.9...

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #82
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iOS 7, iTunes 11.1 released

    FYI...

    iOS7 released
    - http://support.apple.com/kb/HT5934
    Sep 18, 2013
    - http://lists.apple.com/archives/secu.../msg00006.html

    - https://secunia.com/advisories/54886/
    Release Date: 2013-09-19
    Criticality: Highly Critical
    Where: From remote
    Impact: Security Bypass, Cross Site Scripting, Spoofing, Brute force, Exposure of sensitive information, DoS, System access
    Operating System: Apple iOS 4.x for iPhone 3GS and later, Apple iOS 4.x for iPhone 4 (CDMA), Apple iOS 5.x for iPhone 3GS and later, Apple iOS 6.x for iPhone 3GS and later, Apple iOS for iPad 4.x, Apple iOS for iPad 5.x, Apple iOS for iPad 6.x, Apple iOS for iPod touch 6.x ...
    Solution: Upgrade to version 7...
    Original Advisory: APPLE-SA-2013-09-18-2:
    http://support.apple.com/kb/HT5934

    - http://www.securitytracker.com/id/1029054
    CVE Reference: CVE-2011-2391, CVE-2013-0957, CVE-2013-1036, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-3950, CVE-2013-3953, CVE-2013-3954, CVE-2013-3955, CVE-2013-4616, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128, CVE-2013-5129, CVE-2013-5131, CVE-2013-5134, CVE-2013-5137, CVE-2013-5138, CVE-2013-5139, CVE-2013-5140, CVE-2013-5141, CVE-2013-5142, CVE-2013-5145, CVE-2013-5149, CVE-2013-5150, CVE-2013-5151, CVE-2013-5152, CVE-2013-5153, CVE-2013-5154, CVE-2013-5155, CVE-2013-5156, CVE-2013-5157, CVE-2013-5158, CVE-2013-5159
    Sep 18 2013
    Impact: Denial of service via local system, Denial of service via network, Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via local system, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 7 ...

    - http://www.securitytracker.com/id/1029072
    Sep 20 2013
    Impact: User access via local system
    Vendor Confirmed: Yes Exploit Included: Yes
    Version(s): 7
    ... A local user can invoke the Apple Control Center and bypass the passcode lock screen to access photos and related photo sharing applications.... No solution was available at the time of this entry.
    The vendor is working on a fix...
    ___

    - http://www.theinquirer.net/inquirer/...te-apple-users
    Sep 19 2013 - "... Apple released its iOS 7 mobile operating system update on Wednesday, although download problems have meant that thousands still haven't been able to upgrade to the latest software. As seems typical with iOS updates, the release of iOS 7 didn't go smoothly. Thousands of keen iPhone and iPad users tried to download the iOS 7 update as soon as it went live... some users inundated with error messages after trying to install the software, while others were unable to download it at all... download failures likely having occurred because the firm's network and servers infrastructure couldn't handle the huge surge in traffic..."
    ___

    iTunes 11.1 released
    - http://support.apple.com/kb/HT5936
    Sep 18, 2013
    - http://lists.apple.com/archives/secu.../msg00005.html

    - https://secunia.com/advisories/54893/
    Release Date: 2013-09-19
    Criticality: Highly Critical
    Where: From remote
    Impact: System access
    CVE Reference: https://web.nvd.nist.gov/view/vuln/d...=CVE-2013-1035 - 9.3 (HIGH)
    ... vulnerability is reported in versions prior to 11.1.
    Solution: Update to version 11.1.
    Original Advisory: APPLE-SA-2013-09-18-1:
    http://support.apple.com/kb/HT5936

    - http://www.securitytracker.com/id/1029053
    CVE Reference: CVE-2013-1035
    Sep 18 2013
    Impact: Execution of arbitrary code via network, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 11.1 ...

    Last edited by AplusWebMaster; 2013-09-21 at 19:56.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #83
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iOS 7.0.2 released

    FYI...

    iOS 7.0.2 released
    - http://support.apple.com/kb/HT5957
    Sep 26, 2013
    - http://lists.apple.com/archives/secu.../msg00009.html

    - http://www.securitytracker.com/id/1029100
    CVE Reference:
    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2013-5160 - 3.3
    - https://web.nvd.nist.gov/view/vuln/d...=CVE-2013-5161 - 4.4
    Sep 26 2013
    Impact: User access via local system
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): 7.0 ...
    Solution: The vendor has issued a fix (7.0.2)...
    ___

    iPhone and iPad users - iMessage bug in iOS 7
    - http://www.theinquirer.net/inquirer/...e-bug-in-ios-7
    Oct 01 2013 - "... some of Apple's forum members appear to have discovered a solution for the problem. Those suffering from the bug should disable iMessage in Settings > Messages, then reset the iPhone's network under Settings > General > Reset, then enable iMessage again. We've tried this, and our iMessage function seems to be back up and running as normal..."

    Last edited by AplusWebMaster; 2013-10-02 at 00:05.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #84
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation OpenOffice 4.0.1 released ...

    FYI...

    OpenOffice 4.0.1 released ...
    - https://cwiki.apache.org/confluence/...+Release+Notes
    Sep 29, 2013 - "Apache OpenOffice 4.0.1 is a maintenance release which fixes critical issues and improves the overall quality of the application. All users of Apache OpenOffice 4.0 or earlier are advised to upgrade. You can download Apache OpenOffice 4.0.1 here*.
    General areas of improvement include: additional native language translations, bug fixes, performance improvements and Windows 8 compatibility enhancements...

    * http://www.openoffice.org/download/

    Performance Improvements/Enhancements compared to OpenOffice 4.0.0:
    The performance for saving XLS files was boosted by more than 230%.

    Improvements/Enhancements missing in the OpenOffice 4.0.0 release notes:
    OpenOffice 4.0 integrated the very popular extensions "Presenter Screen" and "Presentation Minimizer" into the core product.

    Bug Fixes ..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #85
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Adblock Plus 2.4 update...

    FYI...

    Adblock Plus updates...
    - https://adblockplus.org/releases/adb...opera-released
    2013-10-09 - "Adblock Plus 2.4 for Firefox, Adblock Plus 1.6 for Chrome and Opera released...
    • Firefox-only changes
    Fixed: Adblock Plus icon wasn’t showing up on browser startup for some users.
    Fixed: Redirect blocking wasn’t working in current Firefox versions.
    Fixed: Issue reporter fails to process some console errors.
    Fixed: Adblock Plus fails to start up when updating in current Firefox nightly builds (workaround for bug 924340).
    • Chrome/Opera-only changes
    The number of ads blocked on a page and in total now shows up when in the icon is clicked..."

    - https://addons.mozilla.org/en-US/fir.../adblock-plus/

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #86
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Apple Java update... 2013.10.15 ...

    FYI...

    Apple-SA-2013-10-15-1 Java for OS X 2013-005 and Mac OS X v10.6 Update 17
    - http://lists.apple.com/archives/secu.../msg00001.html
    15 Oct 2013

    - https://secunia.com/advisories/55328/
    Release Date: 2013-10-16
    Criticality: Highly Critical
    Where: From remote
    Impact: Manipulation of data, Exposure of sensitive information, DoS, System access
    CVE Reference(s): CVE-2013-3829, CVE-2013-4002, CVE-2013-5772, CVE-2013-5774, CVE-2013-5775, CVE-2013-5776, CVE-2013-5777, CVE-2013-5778, CVE-2013-5780, CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5788, CVE-2013-5789, CVE-2013-5790, CVE-2013-5797, CVE-2013-5800, CVE-2013-5801, CVE-2013-5802, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804, CVE-2013-5805, CVE-2013-5806, CVE-2013-5809, CVE-2013-5810, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818, CVE-2013-5819, CVE-2013-5820, CVE-2013-5823, CVE-2013-5824, CVE-2013-5825, CVE-2013-5829, CVE-2013-5830, CVE-2013-5831, CVE-2013-5832, CVE-2013-5838, CVE-2013-5840, CVE-2013-5842, CVE-2013-5843, CVE-2013-5844, CVE-2013-5846, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850, CVE-2013-5851, CVE-2013-5852, CVE-2013-5854
    ... update for Java for Mac OS X. This fixes multiple vulnerabilities, which can be exploited by malicious users to manipulate certain data and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
    For more information: https://secunia.com/SA55315/
    Solution: Apply Java for OS X 2013-005 or Mac OS X v10.6 Update 17 (please see the vendor's advisory for details).
    Original Advisory: APPLE-SA-2013-10-15-1:
    http://lists.apple.com/archives/secu.../msg00001.html

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #87
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Post AdblockPlus - Customizable Facebook page

    FYI...

    Customizable Facebook page
    - https://adblockplus.org/blog/customizable-facebook-page
    2013-10-21 - "You can now customize Facebook with Adblock Plus. Under default settings, ABP blocks all Facebook ads – sponsored stories, page post ads, standard ads, promoted posts or otherwise. But there are other unneeded, potentially unwanted elements that insert themselves automatically into your news feed and sidebar. Now you can block these too..."
    - http://facebook.adblockplus.me/en/

    - http://www.infoworld.com/t/web-brows...oyances-229247
    Oct 22, 2013 - "... Many end users understand all too well that the vast majority of sites need ad revenue to survive, but are fed up with obnoxious, experience-killing ads that leak privacy data..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #88
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation iOS 7.0.3, Safari 6.1, OS X Mavericks v10.9, iTunes 11.1.2 ...

    FYI...

    iOS 7.0.3 ...
    - http://lists.apple.com/archives/secu.../msg00002.html
    22 Oct 2013
    - https://secunia.com/advisories/55447/
    Release Date: 2013-10-23
    NOT Critical ...
    - http://www.securitytracker.com/id/1029233
    CVE Reference: CVE-2013-5144, CVE-2013-5162, CVE-2013-5164
    Oct 23 2013
    Impact: User access via local system
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): 7.0.2; iPhone 4 and later ...
    Solution: The vendor has issued a fix (7.0.3).
    The vendor's advisory is available at:
    http://support.apple.com/kb/HT6010
    ___

    Safari 6.1 ...
    - http://lists.apple.com/archives/secu.../msg00003.html
    22 Oct 2013
    - https://secunia.com/advisories/55448/
    Release Date: 2013-10-23
    Criticality: Highly Critical
    Where: From remote
    Impact: Cross Site Scripting, Exposure of sensitive information, System access
    CVE Reference(s): CVE-2013-1036, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-2848, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128, CVE-2013-5129, CVE-2013-5130, CVE-2013-5131
    ... vulnerabilities are reported in versions prior to 6.1.
    Solution: Update to version 6.1.
    Original Advisory: APPLE-SA-2013-10-22-2:
    http://support.apple.com/kb/HT6000
    ___

    OS X Mavericks v10.9 ...
    - http://lists.apple.com/archives/secu.../msg00004.html
    22 Oct 2013
    - https://secunia.com/advisories/55446/
    Release Date: 2013-10-23
    Criticality: Highly Critical
    Where: From remote
    Impact: Hijacking, Security Bypass, Spoofing, Exposure of sensitive information, Privilege escalation, DoS, System access
    Operating System: Apple Macintosh OS X
    CVE Reference(s): CVE-2011-2391, CVE-2011-3389, CVE-2011-3427, CVE-2011-4944, CVE-2012-0845, CVE-2012-0876, CVE-2012-1150, CVE-2013-0249, CVE-2013-1667, CVE-2013-1944, CVE-2013-3950, CVE-2013-3954, CVE-2013-4073, CVE-2013-5135, CVE-2013-5138, CVE-2013-5139, CVE-2013-5141, CVE-2013-5142, CVE-2013-5145, CVE-2013-5165, CVE-2013-5166, CVE-2013-5167, CVE-2013-5168, CVE-2013-5169, CVE-2013-5170, CVE-2013-5171, CVE-2013-5172, CVE-2013-5173, CVE-2013-5174, CVE-2013-5175, CVE-2013-5176, CVE-2013-5177, CVE-2013-5178, CVE-2013-5179, CVE-2013-5180, CVE-2013-5181, CVE-2013-5182, CVE-2013-5183, CVE-2013-5184, CVE-2013-5185, CVE-2013-5186, CVE-2013-5187, CVE-2013-5188, CVE-2013-5189, CVE-2013-5190, CVE-2013-5191, CVE-2013-5192
    Solution: Update to version 10.9 (Maverick).
    Original Advisory: APPLE-SA-2013-10-22-3:
    http://support.apple.com/kb/HT6011
    http://lists.apple.com/archives/secu.../msg00004.html
    ___

    iTunes 11.1.2
    - http://lists.apple.com/archives/secu.../msg00009.html
    22 Oct 2013
    - https://secunia.com/advisories/55442/
    Release Date: 2013-10-23
    Criticality: Highly Critical
    Where: From remote
    Impact: Exposure of sensitive information, DoS, System access
    Solution Status: Vendor Patch
    CVE Reference(s): CVE-2011-3102, CVE-2012-0841, CVE-2012-2807, CVE-2012-2825, CVE-2012-2870, CVE-2012-2871, CVE-2012-5134, CVE-2013-1024, CVE-2013-1037, CVE-2013-1038, CVE-2013-1039, CVE-2013-1040, CVE-2013-1041, CVE-2013-1042, CVE-2013-1043, CVE-2013-1044, CVE-2013-1045, CVE-2013-1046, CVE-2013-1047, CVE-2013-2842, CVE-2013-5125, CVE-2013-5126, CVE-2013-5127, CVE-2013-5128
    ... vulnerabilities are reported in versions prior to 11.1.2.
    Solution: Update to version 11.1.2.
    Original Advisory: APPLE-SA-2013-10-22-8:
    http://support.apple.com/kb/HT6001

    Last edited by AplusWebMaster; 2013-10-23 at 18:33.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #89
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Arrow WordPress 3.7 released ...

    FYI...

    WordPress 3.7 released
    - https://wordpress.org/download/
    Oct 24, 2013 - "The latest stable release of WordPress (Version 3.7) is available..."

    - http://wordpress.org/news/2013/10/basie/

    - https://codex.wordpress.org/Version_3.7

    - https://codex.wordpress.org/Changelog/3.7

    - http://core.trac.wordpress.org/query...&milestone=3.7
    Results... 438
    ___

    - http://nakedsecurity.sophos.com/2013...ile-you-sleep/
    Oct 26, 2013 - "... it will automatically update itself with the latest maintenance and security releases... researchers believe that as many as 73% of the WordPress sites out there are vulnerable to attack purely because they aren't running the latest version... The automatic updater also supports themes and plugins - the software skins and add-ons that allow users to customise their WordPress websites..."
    > http://nakedsecurity.sophos.com/2013...ble-to-attack/

    Last edited by AplusWebMaster; 2013-10-29 at 11:16.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #90
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Thunderbird v24.1 released

    FYI...

    Thunderbird 24.1.1
    - https://www.mozilla.org/security/kno...nderbird24.1.1
    Fixed in Thunderbird 24.1.1
    MFSA 2013-103 Miscellaneous Network Security Services (NSS) vulnerabilities
    - https://www.mozilla.org/security/ann...a2013-103.html

    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    Nov 19, 2013
    ___

    Thunderbird v24.1 released
    - https://www.mozilla.org/en-US/thunde.../releasenotes/
    Oct 29, 2013

    Security Advisories
    - https://www.mozilla.org/security/kno...hunderbird24.1
    Fixed in Thunderbird 24.1
    MFSA 2013-102 Use-after-free in HTML document templates
    MFSA 2013-101 Memory corruption in workers
    MFSA 2013-100 Miscellaneous use-after-free issues found through ASAN fuzzing
    MFSA 2013-98 Use-after-free when updating offline cache
    MFSA 2013-97 Writing to cycle collected object during image decoding
    MFSA 2013-96 Improperly initialized memory and overflows in some JavaScript functions
    MFSA 2013-95 Access violation with XSLT and uninitialized data
    MFSA 2013-94 Spoofing addressbar though SELECT element
    MFSA 2013-93 Miscellaneous memory safety hazards (rv:25.0 / rv:24.1 / rv:17.0.10)

    Automated Updates: https://support.mozillamessaging.com...ng-thunderbird
    Manual check: Go to >Help >About Thunderbird

    Download: https://www.mozilla.org/thunderbird/all.html
    ___

    - https://secunia.com/advisories/55489/
    Release Date: 2013-10-30
    Criticality: Highly Critical
    Where: From remote
    Impact: Spoofing, System access
    ... see the vendor's advisories for a list of affected products and versions.
    Solution: Update to a fixed version...

    - http://www.securitytracker.com/id/1029272
    CVE Reference: CVE-2013-5590, CVE-2013-5591, CVE-2013-5592, CVE-2013-5593, CVE-2013-5595, CVE-2013-5596, CVE-2013-5597, CVE-2013-5599, CVE-2013-5600, CVE-2013-5601, CVE-2013-5602, CVE-2013-5603, CVE-2013-5604
    Oct 30 2013
    Impact: Disclosure of system information, Execution of arbitrary code via network, User access via network
    Fix Available: Yes Vendor Confirmed: Yes
    Version(s): prior to 24.1 ...
    Solution: The vendor has issued a fix (24.1)...

    Last edited by AplusWebMaster; 2013-11-21 at 15:14.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •