So, I spent the better part of the evening doing WordPress updates to get 5 blogs up to v. 2.0.2 and now… ClamAV has multiple vulnerabilities… oi… now it’s time to rebuild ClamAV to install on 2 machines…
Category: Security
-
Microsoft April Updates coming Tuesday
To change the Google theme of the afternoon… Microsoft is due to release their April updates this coming Tuesday (April 11th). Advance bulletin is here. Four updates affecting Windows, one affecting Office AND Windows. Highest severity is Critical (Explorer flaw probably). Reboot will be required. The Office/Windows update MAY require a reboot and is listed as Moderate.
-
IE exploit unofficial patches
While we wait for Microsoft to release a patch for the MOST recent Internet Explorer vulnerability… it looks as though MS is “planning” to release a patch on their routine patch day of April 11th. (However, they could always change their mind…) As before, though, there are some 3rd party patches. I’ve got to say I’m slightly uncomfortable with the prospect of a third party patch when there are workarounds (use another browser, disable active scripting…). However, for some those aren’t enough options. I know of two unofficial patches.
-
Internet based filesystem with no transfer fees
I thought this was a great idea… rsync.net. Okay, for $2 per GB of storage per month (or $24 per year for 1GB of storage) you can have your very own secure online storage drive. For you Windows users, think of a G: drive or a Z: drive that you could SECURELY connect to from a home machine and a work machine… If you’re concerned about a catastrophic failure of one of their datacenters, then pay $3.50/GB/month for a more geographically dispersed plan (uses redundant data centers). The best parts (I think) are these: ssh encrypted connection to your drive and no transfer fees.
-
Update on Internet Explorer Exploit in the wild
If you use Internet Explorer to browse the web, I’d suggest finding the instructions to disable active scripting, or drop it and use something else in light of the recent exploit floating around. It seems that in spite of Microsoft’s infinite wisdom that “Microsoft has determined that an attacker who exploits this vulnerability would have no way to force users to visit a malicious Web site. Instead, an attacker would have to persuade them to visit the Web site, typically by getting them to click a link that takes them to the attacker’s Web site”… the reality is that legitimate sites have been hacked and the malicious code has been added. (Over 200 legit sites…)
-
Another critical IE flaw
I should mention a fairly big Windows vulnerability (which involves active scripting). Apparently there are proof-of-concept exploits circulating that do innocent things like open up the calculator. Unfortunately, once exploits are out that can do this, it’s trivial for them to do worse. The bottom line is, be careful what sites you visit, beware of “drive-by downloads” using this tactic, and consider alternative browsers until you’re patched. (Although in reality, with IE’s integration in Windows, it’s hard to be completely safe this way with other apps using IE to view HTML objects…)
-
March Microsoft Updates – etc.
I can’t believe it’s been so long without a post – last post was the last MS update cycle. I’ve been trying to avoid spending almost every waking hour at a computer for a while. Anyway, advance notice for the March Microsoft updates came out and it appears as though the only critical update is expected for Office, with an “important” update for Windows. The Office update may require a reboot, the Windows update is not expected to require a reboot.
Hopefully this will make for an uneventful patch cycle.
-
Microsoft February Patch day advance notice
Microsoft has given advance notice that next Tuesday they will be releasing 7 updates for Windows; as many as 5 of these will be tagged as critical. The Security Fix has a bit on the advance notice, as does SANS. Looks like one of the critical updates will be for Media Player, 4 for Windows itself and 2 updates for Microsoft Office. A reboot will be required for some of the updates.
-
Winamp and Shoutcast vulnerabilities
In the last several days there have been a couple of vulnerabilities disclosed that I should cover. The first up is related to Winamp. Version 5.12 is vulnerable to a problem with the way it handles .pls (playlist) files. This could allow very bad things with a specially crafted pls file. There were some workarounds mentioned; however, all those workarounds can be subverted. There is a new release available: http://www.winamp.com/player/.
-
Network Security – ARP spoofing series
I think I’ve wrapped up the series on ARP spoofing and its implications for network security. I know there’s nothing earth-shattering here; most network security types are well aware of the problems (and perhaps aware of more sophisticated solutions?). For some, though, this series is likely an eye-opener, as there are myths that switches cannot be sniffed, that ONLY wireless data packets can be sniffed, etc.