5 Benefits of Automating Patch Management

November 26, 2010 by  
Filed under Protection Tools

You need a patch management solution for proper patch management. But what are the benefits of automating patch management for these companies?

 

    1. Security

Security is the most obvious reason as to why companies would want to have an automated patch management solution in place. One of the main reasons why software vendors release new patches is to fix security vulnerabilities that can be exploited by malicious software or people intending to damage the IT systems or network.

 

Applying security patches in a timely fashion highly reduces the risk of having a security breach and all the related problems that come with it, like data theft, data loss, reputations issues or even legal penalties.

 

Read more

The Pirate Bay Hacked, User Info Exposed

July 8, 2010 by  
Filed under Security News

An Argentinian hacker named Ch Russo claims that he and two associates have found several SQL injection vulnerabilities in The Pirate Bay’s database, which granted him access to all user information, including usernames and e-mails.

 

According to KrebsOnSecurity, who spoke with Ch Russo on the phone, the hackers did not modify the user data or give it away to a third party. They did, as they say, consider how much this info would be worth to various anti-piracy outfits such as the RIAA.

 

“Probably these groups would be very interested in this information, but we are not [trying] to sell it. Instead we wanted to tell people that their information may not be so well protected,” Ch Russo said.

 

It seems that the vulnerability has been at least partially patched however, as Russo said the website component that gives access to The Pirate Bay’s database has been removed. Furthermore, The Pirate Bay site is currently down, sporting the following message: “Upgrading some stuff, database is in use for backups, soon back again.. Btw, it’s nice weather outside I think.”

 

Although it’s been under the attack of the entertainment industry for years now, The Pirate Bay has somehow been able to survive to this day, even in the wake of some other major torrent trackers, such as Mininova.

 

Security problems such as this one, however, might cause huge problems to the service if user information falls into the wrong (or right, depending on how you look at it) hands.

 

 

By :Stan Schroeder

Source : mashable.com


Guest blog: Adobe, make my day. Disable JavaScript by default

July 5, 2010 by  
Filed under Security News

2809 Guest blog: Adobe, make my day. Disable JavaScript by default

 

Users around the world will be pleased to learn that Adobe has managed to release an accelerated security update for Adobe Reader and Acrobat (APSB10-15) before the planned release date (13th July). The latest version of Adobe Acrobat and Reader for Windows is now 9.3.3.

 

The security update includes fixes for 17 vulnerabilities, which means that the guys from Adobe PSIRT have been working very hard in the last month or so.

 

From the malware protection point of view the most important vulnerability patched with the latest update is CVE-2010-1297 which has been actively exploited since its discovery on June 5th.

 

Although the vulnerability affected Adobe Flash, the main vehicle for delivering malicious payloads were PDF files. A booby-trapped PDF file would contain a Flash animation which would trigger the vulnerability, JavaScript code which would be used to create memory layout to allow the exploit to successfully launch shellcode and ultimately, an encrypted executable payload which would deliver the final functionality. This exploit is more complex than the usual exploits we have become used to in the last few years and it may mark a new trend in the direction of writing exploits and shellcode.

 

The common thread in most, if not all, Adobe exploits is the requirement for JavaScript as exploits will work correctly only if JavaScript is enabled. This is why we recommend all users disable JavaScript in Adobe Acrobat and Reader.

 

Read More…

 

YouTube on IE is forcing to update the flash player

June 12, 2010 by  
Filed under Security News

If you are visiting YouTube and you want to watch any video you will see this message like this picture:

IE youtube flash YouTube on IE is forcing to update the flash player

 

Because there is a critical vulnerabilities that have been discovered in the current versions of Adobe Flash Player for Windows, Macintosh, Solaris and Linux.

 

Critical patches: Update your Adobe Flash player now

June 11, 2010 by  
Filed under Security News

Adobe has issued a security bulletin detailing critical vulnerabilities that have been discovered in the current versions of Adobe Flash Player for Windows, Macintosh, Solaris and Linux.

 

An update issued by Adobe claims to resolve 32 vulnerabilities in Flash Player – which if left unpatched could leave open a door for hackers to infect innocent users’ computers. Some of the security holes are already being exploited by malicious hackers.

 

Adobe is recommending that users upgrade to Adobe Flash Player 10.1.53.64.

 

If you’re not sure which version of the Adobe Flash Player you have installed, visit theAbout Flash Player page. Remember that if you use more than one browser on your computer you should check the version number on each.

 

Adobe further recommends that users of Adobe AIR version 1.5.3.9130 and earlier versions update to Adobe AIR 2.02.12610.

 

It is becoming more and more common for cybercriminals to exploit vulnerabilities in Adobe’s software – so it would be a very good idea for everyone to update vulnerable computers as soon as possible.

 

By Graham Cluley, Sophos


A swarm of Safari security holes: Mac and Windows users told to update

June 9, 2010 by  
Filed under Security News

Whether you own a Windows or Mac OS X computer, if you’re a user of Apple’s Safari browser, it’s time to update your computer against a swarm of security vulnerabilities.

 

With the attention of most Apple devotees diverted this week towards the sleek new iPhone 4, some may have missed that the Cupertino-based company has also issued a brand new version of its web browser, Safari.

 

Most interestingly to us, however, is the news that Safari 5.0 not only includes new functionality, but also plugs at least 48 different security vulnerabilities that (if left unpatched) could be exploited by hackers.

 

Mac OS X version 10.4 users (which Safari 5 doesn’t support) aren’t left in the lurch either. Apple has issued Safari version 4.1 for those customers, which addresses the same set of security issues.

 

Read More…

 

Adobe products struck by zero-day attacks

June 6, 2010 by  
Filed under Security News

Adobe’s products are once again in the firing line, as hackers are reportedly exploiting critical unpatched vulnerabilities in the products Adobe Reader, Acrobat and Flash Player.

 

Adobe has published a security advisory describing the problems which affect users regardless of whether they’re running Windows, Mac OS X, Linux, Solaris or UNIX.

 

Adobe has labelled the zero-day vulnerabilities as “critical”, the most serious rating it has.

 

Adobe says that Adobe Reader and Acrobat version 8.x are not vulnerable, and that the Flash Player 10.1 release candidate “does not appear to be vulnerable”.

 

Although Adobe has published a way to mitigate the problem for Adobe Reader and Acrobat 9.x for Windows, the workaround is clearly not ideal:

Deleting, renaming, or removing access to the authplay.dll file that ships with Adobe Reader and Acrobat 9.x mitigates the threat for those products, but users will experience a non-exploitable crash or error message when opening a PDF file that contains SWF content.

 

Read More…


Critical security updates from Microsoft and Adobe

May 12, 2010 by  
Filed under Security News

It was “Patch Tuesday” yesterday, which means another parcel of security updates for computer users to unwrap, and this time the fixes aren’t just from Microsoft, but from Adobe too.

 

First on the menu is Microsoft, which has served up two security bulletins detailing vulnerabilities that could be exploited by hackers to execute malicious code (such as a worm) on your computer.

 

The first of these security holes exists in Outlook Express, Windows Mail, and Windows Live Mail. Microsoft’s Security Research & Defense blog goes into some detail about the vulnerability, explaining that although the security hole is given a “critical rating” on Windows 2000, Windows XP, Windows Vista, Windows Server 2003, and Windows Server 2008, it is considered less serious for Windows 7 users as Windows Live Mail is not installed by default on that platform.

 

The other patch from Microsoft addresses a vulnerability in Visual Basic for Applications, a component used by Microsoft Office and other third-party products. Microsoft has given this security update its highest possible rating – “Critical” – for all supported versions of Microsoft Visual Basic for Applications SDK and third-party applications that use Microsoft Visual Basic for Applications. It is also rated “Important” for all supported editions of Microsoft Office XP, Microsoft Office 2003, and the 2007 Microsoft Office System.

 

shockwave player 170 Critical security updates from Microsoft and AdobeNext up is Adobe, who have released patches to squash over 20 security vulnerabilities in its Shockwave and ColdFusion products.

 

The critical vulnerabilities identified in Adobe Shockwave Player 11.5.6.606 and earlier versions impact both Windows and Macintosh users, and could allow attackers to run malicious code on your computer.

 

Adobe recommends that users update their version of Adobe Shockwave Player to version 11.5.7.609.

 

Details of the ColdFusion vulnerabilities, classed as “important”, are provided in Adobe Security Bulletin APSB10-11.

 

Enough of waffle. Download and install the patches if your computer is affected.

 

By Graham Cluley, Sophos

 

Apple Safari zero-day exploit revealed

May 11, 2010 by  
Filed under Security News

 

 

2530 Apple Safari zero day exploit revealed

Apple’s Safari browser contains a critical, unpatched bug that attackers can use to infect Windows PCs with malicious code, researchers at US-CERT and other security firms said today.

 

Hackers could compromise PCs with simple “drive-by” attack tactics, researchers added.

 

The vulnerability, first reported by Danish vulnerability tracker Secunia and confirmed by the United States Computer Emergency Readiness Team (US-CERT), was disclosed by Polish researcher Krystian Kloskowski on Friday. The bug is caused by an error in the handling of the browser’s parent windows.

 

Apple Safari gets security fix in update | Apple Safari 4 browser | How to use Greasemonkey scripts with IE, Chrome and Safari

 

“This can be exploited to execute arbitrary code when a user visits a specially-crafted web page and closes opened pop-up windows,” said Secunia’s alert.

 

The vulnerability can also be exploited by attackers who dupe users into opening rigged HTML-based e-mail within Safari, added US-CERT in its advisory. That scenario likely would involve tricking users into opening malicious messages in a Web mail service, such as Gmail or Windows Live Hotmail.

 

Both Secunia and US-CERT confirmed today that the proof-of-concept attack code published by Kloskowski successfully compromises the Windows version of Safari 4.0.5, the most up-to-date edition. Secunia rated the vulnerability as “highly critical,” the second-most-dangerous ranking in its five-step threat scoring system.

 

It’s not known whether the vulnerability also exists in the much more widely used Mac OS X version of Apple’s software. “Other versions may also be affected,” cautioned US-CERT.

 

Charlie Miller, the noted vulnerability researcher who won $10,000 by hacking a Mac in March at the Pwn2Own contest, was out of his office and not able to verify that the bug also exists in Safari on Mac OS X.

 

US-CERT urged users of the Windows version of Safari to disable JavaScript as a temporary defense.

 

Apple last patched Safari in mid-March when it fixed 16 flaws, including six that applied only to the Windows version of the browser. It’s not unusual for Apple to patch Windows-only vulnerabilities when it updates Safari.

 

Apple patched Miller’s $10,000 vulnerability in mid-April by plugging a hole in ATS (Apple Type Services), a font renderer included with Mac OS X. Miller accessed the ATS bug via Safari during Pwn2Own.

 

 

By Gregg Keizer, techworld.com


Windows and Mac users urged to update Safari

March 12, 2010 by  
Filed under Security News

Apple has released version 4.0.5 of its Safari browser, fixing a number of issues with its browser for Windows and Mac OS X including – most importantly – a grand total of 16 security vulnerabilities.

 

If you dilly-dally over updating your computer, it’s possible that hackers could exploit the security bugs – including some that could mean that simply visiting a webpage with a maliciously crafted image could lead to malicious code being automatically run on your computer.

 

Interestingly, one of the bugs (CVE-2009-2285) fixed in Safari 4.0.5 was announced and patched in Mac OS X 10.6.2 back in December 2009, and in Mac OS X 10.5 since January, meaning that Windows users of Safari have been vulnerable for over two months to the way their browser handles booby-trapped TIFF images.

 

But it doesn’t matter whether you own a Mac or PC, if you run Safari the message is clear: It’s time to update your browser and ensure that you are protected against hackers exploiting the security holes detailed in the security advisory on Apple’s website.

 

Safari users should practise safe computing, and update their systems as soon as possible.

 

By Graham Cluley, Sophos

 

 

Next Page »