Apple has released iOS 4.3.5 for the iPhone (GSM model), iPod touch, and iPad, and iOS 4.2.10 for the iPhone (CDMA model) to address a vulnerability. This vulnerability may allow an attacker with a privileged network position to capture or modify data in SSL/TLS sessions.
US-CERT encourages users and administrators to review Apple Support Articles
The Foxit Corporation has released Foxit Reader 5.0.2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the security release notes for Foxit Reader 5.0.2 and apply any necessary…
Read more at: US-CERT Current Activity
Apple has released Safari 5.1 and 5.0.6 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, perform a cross-site scripting attack, or disclose sensitive information.
US-CERT encourages users and administrators to review Apple Support Article HT4808 and apply any…
Oracle has released its Critical Patch Update for July 2011 to address 78 vulnerabilities across multiple products. This update contains the following security fixes:
Severity: Medium
12 July, 2011
Summary:
This vulnerability affects: Visio 2003, only
How an attacker exploits it: By enticing one of your users into opening a maliciously crafted Visio document
Impact: An attacker can execute code, potentially gaining complete control of your users’ computers
What to do: Deploy the Visio 2003 patch as soon as [...]
Also, Flaws in CSRSS and Kernel-Mode Drivers
Severity: High
12 July, 2011
Summary:
These vulnerabilities affect: All current versions of Windows and components that ship with it
How an attacker exploits them: Multiple vectors of attack, including sending specially crafted wireless Bluetooth traffic
Impact: An attacker can gain complete control of your Windows computer
What [...]
Microsoft has released this month’s patches, and if you have a Windows Vista or 7 computer with Bluetooth, you should update now. You’ll find the full list of this month’s Microsoft patches on their July Patch Day summary page. The summary describes three flaws that affect Windows and its components, and one flaw that affects [...]
Earlier this week, the Internet Systems Consortium (ISC) released a BIND 9 update to fix two serious Denial of Service (DoS) vulnerabilities in the popular, open source DNS server software. The two DoS flaws differ technically, but essentially share the same scope and impact. By sending specially crafted packets to your BIND 9 server, an [...]
After last month’s monstrous Patch Day, I’m happy to report Microsoft plans to give us a break next Tuesday. According to their Advanced Notification alert for July, they will release four security bulletins on Tuesday, July 12. The bulletins will cover 22 vulnerabilities affecting Windows and Office (likely Visio), and Microsoft only rates one of [...]
Summary:
These vulnerabilities affect: All current versions of OS X 10.5.x (Leopard) and OS X 10.6.x (Snow Leopard)
How an attacker exploits them: Multiple vectors of attack, including enticing your users to visit a malicious web site, or into downloading and viewing various documents or images
Impact: Various results; in the worst case, an attacker [...]