Old Alerts

QuickTime v7.6.7 released

FYI...

QuickTime v7.6.7 released
- http://support.apple.com/kb/HT4290
Aug. 12, 2010 - CVE-2010-1799*

- http://www.apple.com/quicktime/download/
(32.9 MB)

Apple security updates
- http://support.apple.com/kb/HT1222

- http://secunia.com/advisories/40729/
Last Update: 2010-08-13
Criticality level: Highly critical
Impact: System access
Where: From remote
... The vulnerability is confirmed in version 7.6.6 (1671) for Windows. Other versions may also be affected.
Solution: Update to version 7.6.7.

* http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1799
Last revised: 08/21/2010 - "... Apple QuickTime before 7.6.7..."
CVSS v2 Base Score: 9.3 (HIGH)

- http://securitytracker.com/alerts/2010/Aug/1024336.html
Aug 13 2010

- http://isc.sans.edu/diary.html?storyid=9382
Last Updated: 2010-08-13 00:15:28 UTC

:fear:
 
Last edited:
iTunes v10 released

FYI...

iTunes v10 released
- http://support.apple.com/kb/HT4328
September 02, 2010
WebKit: CVE-ID:
CVE-2010-1780, CVE-2010-1782, CVE-2010-1783, CVE-2010-1784, CVE-2010-1785, CVE-2010-1786, CVE-2010-1787, CVE-2010-1788, CVE-2010-1789, CVE-2010-1790, CVE-2010-1791, CVE-2010-1792, CVE-2010-1793

- http://support.apple.com/downloads/

- http://secunia.com/advisories/41149/
Release Date: 2010-09-02
Criticality level: Highly critical
Impact: System access
Where: From remote ...
Solution: Upgrade to version 10.
Original Advisory: Apple:
http://support.apple.com/kb/HT4328

>> http://forums.spybot.info/showpost.php?p=382439&postcount=129

:fear:
 
Last edited:
Thunderbird v3.1.3 released

FYI...

Thunderbird v3.1.3 released
- http://secunia.com/advisories/41304/
Release Date : 2010-09-08
Criticality level: Highly critical
Impact: Cross Site Scripting, Exposure of sensitive information, System access
Where: From remote
CVE Reference(s): CVE-2010-2760, CVE-2010-2762, CVE-2010-2763, CVE-2010-2764, CVE-2010-2765, CVE-2010-2766, CVE-2010-2767, CVE-2010-2768, CVE-2010-2769, CVE-2010-2770, CVE-2010-3166, CVE-2010-3167, CVE-2010-3168, CVE-2010-3169
Solution: Update to version 3.1.3 or 3.0.7...

- http://www.mozillamessaging.com/en-US/thunderbird/3.1.3/releasenotes/
v.3.1.3, released September 7, 2010

- http://www.mozillamessaging.com/thunderbird/all.html

- http://securitytracker.com/alerts/2010/Sep/1024403.html
- http://securitytracker.com/alerts/2010/Sep/1024407.html
Sep 8 2010

:fear:
 
Safari v5.0.2 / v4.1.2 released

FYI...

Safari v5.0.2 / v4.1.2 released
- http://secunia.com/advisories/41085/
Release Date: 2010-09-08
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Apple Safari 4.x, Apple Safari 5.x
CVE Reference(s): CVE-2010-1805, CVE-2010-1806, CVE-2010-1807
Solution: Update to version 5.0.2 (Mac OS X 10.5.8, Mac OS X 10.6.2 or later, or Windows 7, Vista, or XP SP2) or 4.1.2 (Mac OS X 10.4.11 or Mac OS X 10.5.8 ).
Original Advisory: Apple: http://support.apple.com/kb/HT4333

- http://support.apple.com/downloads/
Safari 4.1.2 for Tiger: Fixes an issue that could prevent users from submitting web forms.
Safari 5.0.2: This update contains improvements to performance, usability, compatibility and security.

- http://securitytracker.com/alerts/2010/Sep/1024400.html
Sep 8 2010

:fear:
 
Google Chrome v6.0.472.62/v6.0.472.59 released

FYI...

Google Chrome v6.0.472.62 released
- http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_17.html
September 17, 2010 - "Google Chrome has been updated to 6.0.472.62 for Windows, Linux and Mac on the Stable channel... this version includes an updated version of the Flash Plugin with a fix for a security vulnerability*...
* http://www.adobe.com/support/security/advisories/apsa10-03.html

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2884
Last revised: 09/18/2010 - "... as exploited in the wild in September 2010..."
CVSS v2 Base Score: 9.3 (HIGH)
___

Google Chrome v6.0.472.59 released
- http://secunia.com/advisories/41390/
Release Date: 2010-09-15
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
Solution: Update to version 6.0.472.59 ...
Original Advisory:
http://googlechromereleases.blogspot.com/2010/09/stable-beta-channel-updates_14.html

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3408
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3409
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3410
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3412
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3414
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3415
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3416
"... before 6.0.472.59..."

:fear::fear:
 
Last edited:
Quicktime v7.6.8 released

FYI...

Quicktime v7.6.8 released
- http://support.apple.com/kb/HT4339
September 15, 2010
CVE-ID: CVE-2010-1818
CVE-ID: CVE-2010-1819

- http://www.apple.com/quicktime/download/

Apple security updates
- http://support.apple.com/kb/HT1222

- http://secunia.com/advisories/41213/
Last Update: 2010-09-16
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 7.6.8...

- http://securitytracker.com/alerts/2010/Sep/1024452.html
Sep 15 2010 "... prior to 7.6.8..."

:fear:
 
Last edited:
FoxIt Reader v4.2.0.0928 released

FYI...

FoxIt Reader v4.2.0.0928 released
- http://www.foxitsoftware.com/downloads/index.php
09/29/10

- http://www.foxitsoftware.com/pdf/reader/security_bulletins.php#identity
"... Fixed identity theft issue caused by the security flaw of the digital signature..."

- http://www.foxitsoftware.com/pdf/reader/bugfix.php

Update now available through the "Check for Updates" function:
From an admin. account: > Help > Check for Updates now > FoxIt Reader 4.2.0.0928 Upgrade
9.29.2010

- http://secunia.com/advisories/41656/
Release Date: 2010-10-06
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 4.2.0.0928, which also provides a security enhancement to the handling of PDF signatures.

- http://www.foxitsoftware.com/company/press.htm
"... 70 million users worldwide..."

:fear:
 
Last edited:
Thunderbird v3.1.5 released

FYI...

Thunderbird v3.1.5 released
- http://www.mozillamessaging.com/thunderbird/all.html

- http://www.mozillamessaging.com/en-US/thunderbird/3.1.5/releasenotes/
v.3.1.5, released October 19, 2010
• Several fixes to improve performance, stability and security, see the Security Advisory.
• Several fixes to improve the user interface and add-ons experience.

- https://bugzilla.mozilla.org/buglis...11-fixed;type0-0-0=equals;value0-0-0=.5-fixed
59 bugs found.

:fear::fear:
 
Google Chrome v7.0.517.41 released

FYI...

Google Chrome v7.0.517.41 released
- http://secunia.com/advisories/41888/
Release Date: 2010-10-20
Criticality level: Highly critical
Impact: Unknown, Security Bypass, Spoofing, System access
Where: From remote ...
Solution: Fixed in version 7.0.517.41 ...
Original Advisory:
http://googlechromereleases.blogspot.com/2010/10/stable-channel-update.html
... Updates from the previous stable release include:
Hundreds of bug fixes
• An updated HTML5 parser
• File API
• Directory upload via input tag ...

:fear::fear:
 
Last edited:
Safari v5.0.3 released

FYI...

Safari v5.0.3 released
- http://secunia.com/advisories/42264/
Release Date: 2010-11-19
Criticality level: Highly critical
Impact: System access, Spoofing, Security Bypass
Where: From remote
Solution Status: Vendor Patch ...
Solution: Update to Safari 5.0.3 (Mac OS X 10.5.8, Mac OS X 10.6.4 or later, Windows 7, Vista, XP) or Safari 4.1.3 (Mac OS X 10.4.11)...

- http://support.apple.com/kb/DL1070

- http://support.apple.com/kb/HT4455

- http://support.apple.com/kb/HT1222

- http://support.apple.com/downloads/

- http://www.securitytracker.com/id?1024757
Nov 18 2010
CVE Reference: CVE-2010-3803, CVE-2010-3804, CVE-2010-3805, CVE-2010-3259, CVE-2010-3808, CVE-2010-3809, CVE-2010-3810, CVE-2010-3811, CVE-2010-3812, CVE-2010-3813, CVE-2010-3116, CVE-2010-3257, CVE-2010-3816, CVE-2010-3817, CVE-2010-3818, CVE-2010-3819, CVE-2010-3820, CVE-2010-3821, CVE-2010-3822, CVE-2010-3823, CVE-2010-3824, CVE-2010-3826

- http://nakedsecurity.sophos.com/2010/11/19/safari-5-0-34-1-3-fixes-27-vulnerabilities/
November 19, 2010 - "... If you are a Safari user make sure you apply these updates as soon as possible, as it won't be long before our criminal adversaries attempt to use their disclosure against us..."

:fear:
 
Last edited:
FoxIt Reader v4.3.0.1110 released

FYI...

FoxIt Reader v4.3.0.1110 released
- http://www.foxitsoftware.com/downloads/index.php
11/16/10

- http://www.foxitsoftware.com/pdf/reader/bugfix.php
• Fixed an issue where Foxit Reader crashes when scrolling back after the user scrolls down to view the last page (actual image) of a PDF file.
• Fixed a crash issue when opening certain PDFs.

Update available through the "Check for Updates" function: From an admin. account: > Help > Check for Updates now > FoxIt Reader 4.3.0.1110 Upgrade

:fear:
 
Last edited:
Kerio Control v7.1.0 released

FYI...

Kerio Control v7.1.0 released
- http://secunia.com/advisories/42388/
Release Date: 2010-11-30
Criticality level: Moderately critical
Impact: Unknown
Where: From remote
Solution Status: Vendor Patch
Software: Kerio Control 7.x
... vulnerability is reported in versions prior to 7.1.0.
Solution: Update to version 7.1.0.
Original Advisory:
http://www.kerio.com/control/history
(formerly Kerio WinRoute Firewall)
Version 7.1.0 - November 30, 2010

:fear:
 
Last edited:
WordPress v3.0.2 released

FYI...

WordPress v3.0.2 released
- http://wordpress.org/download/
"The latest stable release of WordPress (Version 3.0.2) is available..."

- http://wordpress.org/news/2010/11/wordpress-3-0-2/
November 30, 2010 - "... mandatory security update for all previous WordPress versions..."

WordPress SQL Injection Vuln
- http://secunia.com/advisories/42431/
Release Date: 2010-12-01
Solution: Update to version 3.0.2.

- http://www.securitytracker.com/id?1024809
Dec 1 2010

- http://www.us-cert.gov/current/#wordpress_releases_wordpress_3_0
December 2, 2010

Over 500,000 Windows Live Spaces blogs migrated to WordPress.com
- http://windowsteamblog.com/windows_...e-spaces-blogs-migrated-to-wordpress-com.aspx
29 November 2010 - "... nearly 1 million new people now blogging on WordPress... those of you who haven’t gotten around to it yet, we want to remind you that you’ll need to do so before March 2011..."

:fear:
 
Last edited:
You must log in or register to reply here.
Back
Top