Archive for the 'Security-updates' Category


Sun java update process vulnerable

Wednesday, August 30th, 2006

The Java Runtime Environment from Sun has a vulnerability that’s due in large part to a poor approach to updating it. IF you have not uninstalled previous versions of the JRE on your PC, they are likely still there EVEN after an update AND to make things even worse, a specially designed website could specifiy [...]

Sendmail DoS vulnerability

Wednesday, August 30th, 2006

I’ve got to admit, I hadn’t caught the notice of this until it was at incidents.org. I don’t currently administer sendmail on any machines, but…. Sendmail released version 8.13.8 on August 9th to address several issues (including a DoS vulnerability). It was possible for a specially crafted email to trigger the problem.    Send article [...]

Intel Proset Wireless update

Monday, August 28th, 2006

A couple weeks back, there was a pretty important security update for the Intel Proset Wireless driver. The big problem is that the update was a memory hog and caused porblems. Sans has info on the update to the update, also George Ou is encouraging everyone to make sure they’ve got things updated. It’s possible [...]

Wireshark, various vulnerabilities disclosed

Thursday, August 24th, 2006

There used to be a tool called ethereal and then it changed it’s name to wireshark. Today a number of security vulnerabilities were disclosed. A new version is available and workarounds. Please upgrade if at all possible.    Send article as PDF   

More Microsoft Patch problems MS06-042

Tuesday, August 22nd, 2006

This has been one of the “problem child” patches this time around and it looks as though it’s worse than initially thought. Apparently, instead of “just” crashing IE SP1 when viewing compressed http 1.1 web pages on WinXP SP1 or Windows 2000 SP4…. as stated in Microsoft’s bulletins, this could also lead to a buffer [...]

Other MS patch news as well as a Yahoo vulnerability?

Monday, August 14th, 2006

Or lack of currently available patch as the case may be. From the previous link it appears that there was at least one previously announced vulnerability that was not addressed in the recent patch day from Microsoft. From MS… “this is a DoS only issue that was not addressed in MS06-040, but will be addressed [...]

Ruby on Rails urgent update

Thursday, August 10th, 2006

A new version of Ruby on Rails has been released in response to a critical security vulnerability. The link will take you to information at incidents.org. 1.1.5 is the new version and should be compatible with 1.1.4 all previous versions appear to be vulnerable.    Send article as PDF   

Microsoft August Updates

Tuesday, August 8th, 2006

Incidents.org has an initial list of the updates today from Microsoft, there is also a brief from Microsoft on the updates. It appears as though one is Powerpoint specific, another is Office releated, one is tagged as an Internet Explorer update and the rest Windows. More details later in the day. Hopefully we can get [...]

RSS feed to spread the word of software updates

Friday, August 4th, 2006

The computer security landscape today is such that pretty much ALL software, whether it’s Operating System, Office Suite, Web browser or device driver is at any given time “the weakest link”. One of my dreams as someone that does IT is “what IF there were an easy way to keep track of updates for software?” [...]

Windows update advance notice for August 2006

Friday, August 4th, 2006

August’s advance bulletin of Microsoft updates is already up. Tuesday of course is the monthly Microsoft patch day. It appears as though there will be 12 updates this time around. As usual, it could be that individual updates fix multiple problems. 10 updates will affect Windows at least 1 critical, will require a restart. 2 [...]

Google
 
Web www.averyjparker.com

Switch to our mobile site