OS + Application Updates

[Pic0o]

On a semi-related note, FoxNews reports a Moch-CyberAttack Drill resulted in massive failure.

 

Fox News jokes aside, I cannot be shocked @ this conclusion:

The two-day "cyberwar" simulation involved 230 government agencies, private companies and other groups.

 

It ran through what would happen if overseas hackers launched massive attacks during a national crisis — as happened in Estonia last year during a wave of ethnic violence, and again in Georgia during the brief Russian invasion this August.

 

"There isn't really anybody in charge," Booz Allen Hamilton consultant Mark Gerencser told Reuters.

[Pic0o]

More updates to get, light info here.

You can get Details @ MS

 

Affected items are:

Internet Explorer

Exchange Server

SQL Server 2000 and 2005

Office Visio

[Pic0o]

A bunch of updates came out this week, all looking pretty critical. Applying to office rig now.

[Pic0o]

Some updates went down yesterday, and they look to be related to Powerpoint exploits. I almost never have anyone send me a ppt, so this is kinda a moot issue, but patch up just in case, and if you see some ppt spam, you have an idea of the intent.

 

On a related note, if you run Adobe Reader, update that as it has been vulnerable for a bit now, with some exploits targeting the flaws.

 

Windows Defender update for Windows 7 and prolly Vista too. :P

Edited May 13, 2009 by Pic0o
Topic Movin to sub

[Pic0o]

In the wake of Wednesday, get those Windows updates. My XP rig shows 9 critical patches.

[Pic0o]

It seems that MS has the patch out for the DirectX Video issue / flaw. A few other smaller updates, so get 'em patched up.

 

Andrew Storms, director of security operations at security and compliance firm nCircle, commented: "Microsoft has released updates that address two of three critical zero-day exploits this month. We can, however, anticipate a more complete patch for ActiveX later, since today's update from Microsoft only issues a killbit on the ActiveX control."

 

'Quick fix' :lol:

Info from:

http://www.theregister.co.uk/2009/07/15/ms_patch_tuesday/

[Pic0o]

I show about 15 updates today, and I thought I just checked within the last week. Guessing most, if not all of those are from yesterday's patches.

 

Patchen uppen.

[Pic0o]

This Tue was another Patch day. If you haven't do it up.

[Pic0o]

Yet another Patch day was this week. I show 1 critical on my Win 7 install, as most look directly related to Office apps.

 

Patch 'em up. I see 3 critical updates on my XP rig.

[Pic0o]

There were security conferences this weekend, and as a result, there are some updates to get. When installing KB2286198, I rebooted to see my Network connection was not working. When I say this, I mean I had a connection but no IP info. I rebooted a few more times with the same issue, so I went to add/remove.

 

Checking Add/Remove, I checked Show all updates and uninstalled the single item for yesterday, the KB above. I am on a Core 2 Duo E6400, running an Intel DG965WH Motherboard. The onboard NIC is an Intel 82566DC Gigabit adapter.

 

Once I uninstalled the KB and rebooted, my NIC was back to functional.

 

Later this morning...

I reinstalled the update without issue this round. I think one of the VPN apps on my PC may have been the core culprit. Oh well, keep this KB in mind, if you do have NIC issues pop up.

Edited August 4, 2010 by Pic0o

[Pic0o]

Windows Server has some critical updates related to RDP that you should prioritize deployment of. Check details on this release of updates.

 

Official Windows Update info page

 

“A little about MS12-020…this bulletin addresses one Critical-class issue and one Moderate-class issue in Remote Desktop Protocol (RDP),” Angela Gunn, security response communications manager for Microsoft’s Trustworthy Computing Group, explained in a blog post.

 

Besides the RDP bugs, this month’s Patch Tuesday addressed five other vulnerabilities: two denial-of-service bugs and an escalation of privileges issue in Microsoft Windows; a remote code execution vulnerability in Microsoft Expression Design; and an escalation of privileges issue in Microsoft Visual Studio. All those issues are rated ‘important’ with the exception of one of the Windows’ denial-of-service bugs, which is rated ‘moderate.’

 

After-hours it is. :lolabove:

[Pic0o]

Going to have this be the common application update thread. I'll try to keep a list of current driver and application versions. Applications are becoming more of an exploit vector than your OS is.

 

Java version:

7.1.9

 

Adobe Flash version:

11.4.402.287

 

Intel Rapid Storage Technology:

11.6.0.1030

 

Microsoft Silverlight version:

5.1.10411.0

Check Version on MS Site

 

I added some non-attack vector programs too, as I enjoy RAID support and have been known to dive into the Netflix. Let me know if I missed any relevant ones, excluding Web Browsers that update almost daily (and semi-silently).

[Pic0o]

11 Critical updates popped up on my rig last night. Installing now, as '13 is going to be some record exploit seasons.

[Pic0o]

Running an Ubuntu 12.04 and I see the following checking my flash player version.

NOTE: Adobe Flash Player 11.2 will be the last version to target Linux as a supported platform. Adobe will continue to provide security backports to Flash Player 11.2 for Linux.

 

Ouch. I guess the Mac OS X variants doing their own patching, pissed off adobe. FWIW, I'm pretty sure something is going to overtake flash, it's just not Silverlight. :P

[JeT]

Yeah... and flash is slowly being phased out anyhoo... even Adobe has come to admit that. But yeah... I'd like HTML5 please-- not another plugin like Silverlight, as then we're in the exact same position haha. I wish the 'Flix didn't constantly tell me to update ma lights of silver.