PREVIOUS GNEWS. 16 Patches / 49 Vulns – 4 Critical Affecting most everything Other updates, MSRT,...
-
Upload
cathleen-blankenship -
Category
Documents
-
view
219 -
download
0
Transcript of PREVIOUS GNEWS. 16 Patches / 49 Vulns – 4 Critical Affecting most everything Other updates, MSRT,...
PREVIOUS GNEWS
• 16 Patches / 49 Vulns – 4 Critical• Affecting most everything
• Other updates, MSRT, Defender Definitions, Junk Mail Filter
– MS10-071 - Cumulative Security Update for Internet Explorer– MS10-072 - SafeHTML , Could Allow Information Disclosure– MS10-073 - Windows Kernel-Mode Drivers, Elevation of Privilege – MS10-074 - Microsoft Foundation Classes, Remote Code Execution – MS10-075 - Media Player Network Sharing Service, Remote Code
Execution– MS10-076 - Embedded OpenType Font Engine, Remote Code Execution – MS10-077 -.NET Framework, Remote Code Execution – MS10-078 - OpenType Font (OTF) Format Driver, Elevation of Privilege– MS10-079 - Microsoft Word, Remote Code Execution– MS10-080 - Microsoft Excel, Remote Code Execution– MS10-081 - Windows Common Control Library, Remote Code Execution – MS10-082 - Windows Media Player, Remote Code Execution– MS10-083 - COM Validation in Windows Shell and WordPad, Remote Code
Execution– MS10-084 - Windows Local Procedure Call, Elevation of Privilege– MS10-085 - SChannel, Denial of Service (2207566)– MS10-086 - Windows Shared Cluster Disks, Tampering
Patch Tuesday
• Oracle, 85 patches
• Adobe, 3 patches (23 holes in Reader)– APSB10-21 Adobe Reader and Acrobat– APSB10-22 Adobe Flash Player– APSA10-03 Flash Player
• Apple,– Security Update 2010-006– QuickTime 7.6.8
• Cisco– 14 patches, multiple products– NTP and SSLVPN, DoS– Multiple issues with H.323
• Browsers– YES
Holes / Patches
Corp. Hell
• Apple patents parental controls
• Apple trademarks “there’s an app for that”
Papers Hakin9 is out (email, ipv6, voip)
(IN)Secure Magazine #27 is out
OWSP ZAP (Zed Attack Proxy)A fork of Paros Proxy
Updates
Gfirst 6 presentations posted (Aug 2010)http://www.us-cert.gov/GFIRST/presentations.html
Lite coverage of HITBhttp://www.themalaysianinsider.com/features/article/securing-the-future/
Past Cons
ToorConSan Diego CA
20 – 22 Oct 2010
DayConDayton, OH
22 – 23 Oct 2010
SecTorToronto CA
25 – 27 Oct 2010
B-SidesDallas, TX6 Nov 2010
Con
All images scavenged without permission
All images scavenged without permission