A little something to keep you busy… Adobe vulnerabilities that affect Microsoft Windows, Mac and Unix machines. Patch ’em up! —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA11-350A Adobe Updates for Multiple Vulnerabilities Original release date: December 16, 2011 Last revised: — Source: US-CERT Systems Affected * Adobe Reader X (10.1.1) …
1
CERT releases Cyber Security Alert TA11-347A for Microsoft Updates…
National Cyber Alert System Technical Cyber Security Alert TA11-347A Microsoft Updates for Multiple Vulnerabilities Original release date: December 13, 2011 Last revised: — Source: US-CERT Systems Affected Microsoft Windows Microsoft Office Internet Explorer Overview There are multiple vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for December …
The US Postal Service did not email you about a returned or refused package. Don’t open that attachment!
In the last 24hrs, I have spoken with or assisted at least 3 people who have become infected due to opening a malicious email. One of them was my wifey, Pamela, who received an email from the US Postal Service stating that her package had been refused and to open the attached file for details. Due to her old Microsoft …
Microsoft Security Advisory – Fraudulent Digital Certificates Could Allow Spoofing
Microsoft notifications sent this out in email today (November 10, 2011) regarding fraudulent digital certificates: ******************************************************************** Title: Microsoft Security Advisory Notification Issued: November 10, 2011 ******************************************************************** Security Advisories Updated or Released Today ============================================== * Microsoft Security Advisory (2641690) – Title: Fraudulent Digital Certificates Could Allow Spoofing – http://technet.microsoft.com/security/advisory/2641690 – Revision Note: V1.0 (November 10, 2011): Advisory published.
November 2011 Microsoft Patch Tuesday includes server update goodness…
It’s that time of the month again… Update time that is for Microsoft machines. Microsoft has not left servers out of the mix at all, so you system admin types will be able to justify reboots for sure. These patches cover everything from code execution to elevation of privileges and even Denial of Service on just about every version of …
Secure IT Alert: iPad 2 w/ IOS 5 security flaw could expose sensitive information
It was brought to my attention a bit ago by a client that the iPad 2 with IOS 5 has a flaw that allows the last screen accessed before the Smart Cover lock was engaged. This is obviously not good for those using the iPad for financial, medical or legal purposes. The work around until this is fixed correctly is …
Which security standards and awareness compliance requirements apply to your organization?
I came across a very handy document from www.securingthehuman.org that explains which security standards and awareness compliance requirements might apply to your organization. It is by no means a complete listing, but gives the one minute run-down of the majority of the biggies…. — Last Updated: 19 July, 2011 1. Executive Summary The purpose of this document is to identify …
October updates for Apple products… Patch ’em up!
Apple released a slew of updates to address major security vulnerabilities this week… Be sure get your devices up to date… OS X Lion v10.7.2 and Security Update 2011-006 iTunes 10.5 Safari 5.1.1 iOS 5 Software Update Numbers for iOS v1.5 Pages for iOS v1.5 Apple TV 4.4 A few of these provide you with additional features, such as the …
Coming this October 11th – Microsoft brings you patchy goodness!
Microsoft is bringing you patchy goodness this coming “Patch Tuesday”, October 11th. Please update your machines to insure your network is secure. There is a little something for everyone! Desktops and servers will receive Microsoft’s love. This is from the Microsoft Security Bulletin Advance Notification for October 2011: Critical Security Bulletins ============================ Bulletin 1 – Affected Software: …
HTC logging tools may expose your EVO 3D, 4G or Thunderbolt Android smartphone information
An interesting article was pointed out to me over on the AndroidPolice.com site that says, “Massive Security Vulnerability In HTC Android Devices (EVO 3D, 4G, Thunderbolt, Others) Exposes Phone Numbers, GPS, SMS, Emails, Address, Much More“… This article pretty much says it all… There is even a work-around, but not an official fix for the security vulnerability from HTC as …