PREVIOUS GNEWS. Advanced Notification on Thursday Patch Tuesday.
PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office,...
-
Upload
marjory-king -
Category
Documents
-
view
221 -
download
0
Transcript of PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office,...
PREVIOUS GNEWS
• 3 Patches – 4 Critical – 53+ CVEs
• Affected – Kernel, AD, SharePoint, Office, and more
• MS13-067 - Microsoft SharePoint Server, Remote Code
• MS13-068 - Microsoft Outlook, Remote Code
• MS13-069 - Cumulative Security Update for IE, Remote Code
• MS13-070 - OLE, Remote Code
• MS13-071 - Windows Theme File, Remote Code
• MS13-072 - Microsoft Office, Remote Code
• MS13-073 - Microsoft Excel, Remote Code
• MS13-074 - Microsoft Access, Remote Code
• MS13-075 - Microsoft Office IME (Chinese), Privilege Escalation
• MS13-076 – Kernel Mode Driver, Privilege Escalation
• MS13-077 - Windows Service Control Manager, Privilege Escalation
• MS13-078 - FrontPage, Information Disclosure
• MS13-079 - Active Directory, DoS
Other updates, MSRT, Defender Definitions, Junk Mail Filter
Patch Tuesday
• Oracle, due out Oct 15th
• Adobe– APSB13-21 – Adobe Flash Player– APSB13-22 – Adobe Reader and Acrobat– APSB13-23 – Adobe Shockwave Player
• Apple,– AirPort Base Station Firmeware 7.6.4
• Cisco– WebEx, – ASA, Multiple– Unified Communications, Multiple– Prime Central, Multiple– SocialMiner, Multiple– Jabber for Windows Cert Validation
Holes / Patches
• Crypto / NSA backdoor?
• Johns Hopkins prof forced to remove NSA related Blog
• HootSuite accounts hacked
Hacking
• Tahoe File System
• Pulled Pork 0.7.0– Includes ip reputation
• Microdunio
•
Tools
Papers• XKeyscore• http://resources.infosecinstitute.com/xkeyscore-nsas-surveillance-program/
• Malware Packers and Comms• http://resources.infosecinstitute.com/from-unpacking-to-communication-analysis
• HELIX• http://resources.infosecinstitute.com/incident-response-and-forensic-martial-arts-with-helix
• Windows Communications Foundation• http://resources.infosecinstitute.com/windows-communication-foundation
• email• http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-email-
correlation-and-phishing.pdf
CON Events• DFW BSides
All images scavenged without permission
All images scavenged without permission