1 / 13

Patch Tuesday August 2017: Vulnerabilities and Updates

This article provides an overview of the Patch Tuesday updates for August 2017, including vulnerabilities and updates for various software and systems such as Internet Explorer, Microsoft Edge, Adobe Flash Player, and Apple devices. It also includes information on recent security conferences and events.

turnerk
Download Presentation

Patch Tuesday August 2017: Vulnerabilities and Updates

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Patch Tuesday • Aug 2017 – 51 vulnerabilities with 130 unique downloads • Internet Explorer / Microsoft Edge / Remote Code • Microsoft Windows / Remote Code • Microsoft SharePoint / Spoofing • Adobe Flash Player / Remote Code • Microsoft SQL Server / Info Disclosure • Out of Band Outlook Patch • EternalSynergy Exploit (SMB again)

  2. Holes / Patches • VMWare • VMSA-2017-0012 ( 1 CVE) • VCenter • VMSA-2017-0013 ( 4 CVE) • VIX API • Apple • Wifi / Boot Camp 6.1 ( 1 CVE) • tvOS 10.2.2 ( 38 CVE) • iTunes 12.6.2 Windows ( 23 CVE) • iCloud 6.2.2 Windows ( 22 CVE) • Safari 10.1.2( 25 CVE) • Security Update 2017-003 ( 37 CVE) • iOS 10.3.3 ( 47 CVE) • watchOS 3.2.3( 16 CVE) • Oracle • 308 Fixes • Adobe • APSB17-23 Flash Player ( 2 CVE) • APSB17-24 Acrobat / Reader ( 67 CVE) • APSB17-26 Experience Manager ( 3 CVE) • APSB17-27 Digital Editions ( 9 CVE) • Cisco • WebEx Extension • FreeRadius • 15 Vulns Identified • gSOAP • cameras

  3. Hacking • Half-baked WP takeovers • tor bounty open to all • Windows bounty announced • safe cracking robot • DEFCON - gun magnets • BLACKHAT - cache attack • DEFCON SMB 0-day • docker as malware • netflix api ddos

  4. ARM buys Simulity • Rapid7 buys Komand (orchestration) • Micheal Kors buys Jimmy Choo • intel shutsdown wearables • Adobe draws 2020 EOL line in sand • intel discontinues arduino 101 • foxxconn in wisconsin • bitcoin split • Mandiant analyst popped • HotSpot Shield data Corp

  5. Dutch surveillence • no cloud searches at the border • alphabay takedown (and Hansa) • 5yrs for citadel coder • civil asset forfieture • EFF Guide on Birde crossing and device wipe • jersy privacy • OCR reporting tool • Nevada privacy notice • malwaretechblog arrested • IOT Cybersecurity Improvement act of 2017 • Texas SB4 Govt

  6. MS ebooks https://blogs.msdn.microsoft.com/mssmallbiz/2017/07/11/largest-free-microsoft-ebook-giveaway-im-giving-away-millions-of-free-microsoft-ebooks-again-including-windows-10-office-365-office-2016-power-bi-azure-windows-8-1-office-2013-sharepo/ http://ligman.me/2sZVmcG Car hacking workbench pt2 https://community.rapid7.com/community/transpo-security/blog/2017/07/17/building-a-car-hacking-development-workbench-part-2 Car hacking workbench pt3 https://community.rapid7.com/community/transpo-security/blog/2017/07/20/building-a-car-hacking-development-workbench-part-3 Papers

  7. Metal is Terror employees OK with bio implants WTF

  8. siemonster pyREBox yython sandbox Blackhat arsenal Luckystrike 2.0 evil macro generator fireEye FlareVM malware analysis anti-drone DefPloreX machine learning Tools

  9. Past Cons BH - priveiw BH - top 20 BH - best of BH - Palo Alto IOT honeypot BH - Carwash smash DC - Queercon Badge DC - mr Robot Badge DC - badges DC - Tor

  10. Future Cons SANS San Antonio 6-11 Aug ToorCon San Diego 28Aug – 3 Sep DerbyCon 20-24 Sep Rock Stars of Cybersecurity Technologies 26 Sep CactusCon 29-30 Sep

  11. DHA @Dallas_Hackers ( 1st Wednesday / Family Karaoke, Dallas ) TX2600 @dallas2600 ( 1st Fri / Wild Turkey 35&WalnutHill, Dallas ) The Lab.MS @TheLab_ms ( 2ndSaturday + random events / TheLab.ms, Plano ) ISSA Fort Worth @ISSAFortWorth ( 2nd Tuesday / location varies ) ?? Fort Worth Crypto Party ?? ( 2nd Tuesday ? / The Maker Spot, N. Richland Hills ) Hack Ft Worth @Hack_FtW ( 3rd-ish Tuesday / Buffalo West, Fort Worth) OWASP Dallas @OWASPDallas ( 3rdTuesday / location varies ) Crypto Party DFW @CryptoPartyDFW ( 3rd Thursday / TheLab.ms, Plano ) North Texas Cyber Security Group @ntxcsg ( Last Thursday, Jakes, Frisco ) Dallas MakerSpace @dallasmakers ( Random events / Carrollton ) Where

  12. All images scavenged without permission All images scavenged without permission

More Related