Information Security

Windows Security


Bugtraq: [security bulletin] HPSBMU02998 rev.2 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS)

Fri, 04/18/2014 - 13:30
Categories: Vulnerability Pipes

Vuln: Microsoft Internet Explorer CVE-2014-0322 Use-After-Free Remote Code Execution Vulnerability

Wed, 04/16/2014 - 19:00
Categories: Vulnerability Pipes

WinXP and/or Win2003 systems hang because of faulty SC Forefront Endpoint Protection update, (Wed, Apr 16th)

Wed, 04/16/2014 - 12:48

Reader Philipp reported today a bug affecting his remaining Windows XP machines and Windows 2003 servers. It seems that all Windows XP and Windows 2003 machines with SC Forefront Endpoint Protection definition update 1.171.1.0 and later are affected. You might want to test definition update 1.171.64.0, as we have received reports stating that it fixes the problem. However, we have not yet seen any official statement from Microsoft regarding this issue.

If you disable Forefront because it's not letting your machine work, please put other controls in place that minimize the associated risk. Otherwise, your computers could be easily hacked.

We also receive questions on which AV is the best. Since the answer is that it depends on the company and the information security assets, you might want to check the Magic Quadrant for Endpoint Protection from Gartner Group and try to find for yourself what the best answer is for your company. If you want to read the entire file, you can get it from McAfee or Computerlinks.

We will update this diary if more information becomes available.

More information available at:

Manuel Humberto Santander Pelaez
SANS Internet Storm Center - Handler
Twitter: @manuelsantander
Web: http://manuel.santander.name
e-mail: msantand at isc dot sans dot org

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Categories: Vulnerability Pipes

Oracle Critical Patch Update for April 2014, (Wed, Apr 16th)

Wed, 04/16/2014 - 08:07

Oracle released its quarterly Critical Patch Update (CPU) yesterday [1]. As usual, the number of patches is quite intimidating. But remember these 104 fixes apply across the entire Oracle product range.

Some of the highlights:

CVE-2014-2406: A bug in Oracle's Database which allows a remotely authenticated user to gain control over the database.

37 new patches for Java SE, 35 of which allow remote execution as the user running the Java Applet (according to Oracle: "The CVSS scores below assume that a user running a Java applet or Java Web Start application has administrator privileges (typical on Windows)").

4 of the Java vulnerabilities have a base CVSS score of 10, indicating not only full remote code execution but also easy exploitability.

[1] http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Categories: Vulnerability Pipes

Vuln: Microsoft Word CVE-2014-1761 Remote Memory Corruption Vulnerability

Tue, 04/15/2014 - 19:00
Categories: Vulnerability Pipes

Vuln: Microsoft Word File Converting CVE-2014-1757 Remote Code Execution Vulnerability

Tue, 04/15/2014 - 19:00
Categories: Vulnerability Pipes