1 / 10

PREVIOUS GNEWS

PREVIOUS GNEWS. Patch Tuesday. 10 Patches / 34 Vulns – 3 Critical Affecting Winodow (all of them), Office, IE, SharePoint, .net Other updates, MSRT, Defender Definitions, Junk Mail Filter. MS10-032 - Windows Kernel-Mode Drivers ,Elevation of Privilege

cabsher
Download Presentation

PREVIOUS GNEWS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PREVIOUS GNEWS

  2. Patch Tuesday • 10 Patches / 34 Vulns – 3 Critical • Affecting Winodow (all of them), Office, IE, SharePoint, .net • Other updates, MSRT, Defender Definitions, Junk Mail Filter • MS10-032 - Windows Kernel-Mode Drivers ,Elevation of Privilege • MS10-033 - Media Decompression ,Remote Code Execution • MS10-034 - Cumulative Security Update of ActiveX Kill Bits • MS10-035 - Cumulative Security Update for Internet Explorer • MS10-036 - COM Validation in Microsoft Office, Remote Code Execution • MS10-037 - OpenType Compact Font Format (CFF) Driver, Elevation of Privilege • MS10-038 – Microsoft Office Excel, emote Code Execution • MS10-039 - Microsoft SharePoint, Elevation of Privilege • MS10-040 - Internet Information Services, Remote Code Execution • MS10-041 - Microsoft .NET Framework, Tampering

  3. Holes / Patches • Adobe, 3 patches • APSA10-01 Flash, Reader, Acrobat CS4 • Flash RC is reported as patched. • Really do we need apsa and apsb? One name, one patch! • Apple, • Safari 4.1 (mac 10.4) • Safari 5.0 (mac 10.5+ and windows) • Java for Mac (10.5+) • Cisco • 15 patches, multiple products • Cisco IOS with SIP, Remote Execution • Windows 7 / 2008 R2 (disable aero) • Graphics driver cdd.dll, Remote Execuction • Browsers • Firefox, Chrome, Opera, Safari

  4. Hacking / Holes • OBD-II (paper available, cars-oakland2010.pdf) • It’s not just for diagnostics anymore • Change speedo read out, control brakes,…. • More Twitter BotNets • TwitterNet Builder • Web Server BotNet • Mass DoS

  5. Corp. Hell • Facebook Registration, for better security • Symantec buys Verisign CA business • Duke University shuts down usenet • IBM promo usb, complete with virus • Invisible Things Lab to make new OS, Qubes OS • MSI switch to UEFI, death toll for BIOS? • Open Source DB Monitoring, or lack there of • Google Street View / WiFi debacle

  6. Papers Secure Hyper Visor OAKLAND10.pdf NSA Declassification NSA-HGPEDC_1964.pdf EFF Browser Uniqeness browser-uniqueness.pdf

  7. Film / Music Dr. Demento goes off the air. LimeWire to shut down

  8. Updates metasploitable vuln os metasploit 3.4 Ruby nmap parser oh noz madhat mobile malware

  9. CON Events Social Engineering Capture the Flag

  10. All images scavenged without permission All images scavenged without permission

More Related