PREVIOUS GNEWS. Advanced Notification on Thursday Patch Tuesday.
PREVIOUS GNEWS
description
Transcript of PREVIOUS GNEWS
![Page 1: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/1.jpg)
PREVIOUS GNEWSPREVIOUS GNEWS
![Page 2: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/2.jpg)
• 10 Patches / 34 Vulns – 3 Critical
• Affecting Winodow (all of them), Office, IE, SharePoint, .net
• Other updates, MSRT, Defender Definitions, Junk Mail Filter
– MS10-032 - Windows Kernel-Mode Drivers ,Elevation of Privilege– MS10-033 - Media Decompression ,Remote Code Execution– MS10-034 - Cumulative Security Update of ActiveX Kill Bits– MS10-035 - Cumulative Security Update for Internet Explorer– MS10-036 - COM Validation in Microsoft Office, Remote Code
Execution – MS10-037 - OpenType Compact Font Format (CFF) Driver, Elevation
of Privilege– MS10-038 – Microsoft Office Excel, emote Code Execution– MS10-039 - Microsoft SharePoint, Elevation of Privilege– MS10-040 - Internet Information Services, Remote Code Execution– MS10-041 - Microsoft .NET Framework, Tampering
Patch Tuesday
![Page 3: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/3.jpg)
• Adobe, 3 patches– APSA10-01 Flash, Reader, Acrobat CS4– Flash RC is reported as patched.
• Really do we need apsa and apsb? One name, one patch!
• Apple,– Safari 4.1 (mac 10.4)– Safari 5.0 (mac 10.5+ and windows)– Java for Mac (10.5+)
• Cisco– 15 patches, multiple products– Cisco IOS with SIP, Remote Execution
• Windows 7 / 2008 R2 (disable aero)– Graphics driver cdd.dll, Remote Execuction
• Browsers– Firefox, Chrome, Opera, Safari
Holes / Patches
![Page 4: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/4.jpg)
• OBD-II (paper available, cars-oakland2010.pdf)– It’s not just for diagnostics anymore– Change speedo read out, control brakes,….
• More Twitter BotNets– TwitterNet Builder
• Web Server BotNet– Mass DoS
•
Hacking / Holes
![Page 5: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/5.jpg)
• Facebook Registration, for better security
• Symantec buys Verisign CA business
• Duke University shuts down usenet
• IBM promo usb, complete with virus
• Invisible Things Lab to make new OS, Qubes OS
• MSI switch to UEFI, death toll for BIOS?
• Open Source DB Monitoring, or lack there of
• Google Street View / WiFi debacle
Corp. Hell
![Page 6: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/6.jpg)
Papers
Secure Hyper VisorOAKLAND10.pdf
NSA DeclassificationNSA-HGPEDC_1964.pdf
EFF Browser Uniqenessbrowser-uniqueness.pdf
![Page 7: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/7.jpg)
Film / Music
Dr. Demento goes off the air.
LimeWire to shut down
![Page 8: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/8.jpg)
metasploitablevuln os
metasploit 3.4
Ruby nmap parseroh noz madhat
mobile malware
Updates
![Page 9: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/9.jpg)
CON Events
Social Engineering Capture the Flag
![Page 10: PREVIOUS GNEWS](https://reader036.fdocuments.us/reader036/viewer/2022062409/56814fb3550346895dbd6ba9/html5/thumbnails/10.jpg)
All images scavenged without permission
All images scavenged without permission