Support for Windows XP and Office 2003 is coming to an end

On April 8, 2014, Microsoft will end support for the decade-old Windows XP. This means you will no longer receive updates, including security updates, for Windows XP from Microsoft. Support of Microsoft Office 2003 will also be ending on the same date.

Security Risk
Without critical Windows XP security updates, your PC may become vulnerable to harmful viruses, spyware, and other malicious software which can steal or damage your business data and information. Anti-virus software will also not be able to fully protect you once Windows XP itself is unsupported.

Software Issues
Many software and hardware vendors will no longer support their products that are running on Windows XP as they are unable to get the Windows XP and Office 2003 updates. For example, the new Office leverages the modern Windows and will not run on Windows XP.

No One to Call
When problems arise, online and phone-based technical support will unfortunately no longer be available to assist you or your IT partner, leaving you on your own to deal with the problem.

Down Time
The risks of system failure and business disruption could increase because of the end of support, lack of supported software, and the increasing age of hardware running Windows XP.

If that has not convinced you to upgrade, then we should talk further! Give us a call at 864-990-4748 and let us convince you to switch your business over to a modern and supported operating system.

We can upgrade one computer or one thousand. We offer Microsoft licensing sales and consultation, as well as new computers from Lenovo, Samsung, Toshiba, Asus, Acer and our favorite vendor, Nexlink with either Windows 7 or Windows 8, and we offer installation and migration here in the Greenville SC area!

Slow computer – we can fix that! Viruses, spyware, adware, malware clean up in Greenville, SC

Though it is only a small fraction of what we do, when we help a client with a computer that is running slow, it may have the biggest impact on their day-to-day user experience over just about any other service or product we offer.

I was reminded of that earlier today when I received this in email from Jan at one of the local non-profit organizations we serve, Pleasant Valley Connection:

I can’t even believe how much better my computer is working.  I no longer have to wait 30 minutes for an email to go or come.  It’s a MIRACLE – thanks to Mr. H.

It struck me that we probably don’t make a big deal of it and tell everyone that we actually DO clean up computers and remove the malware, viruses, trojans, spyware, ad trackers and bogus search bars, and other things which can have a dramatic impact on the speed of your computer, not to mention the security of your data.

If you didn’t know, then that’s my fault. I am too busy trying to tell you all the big, amazing, high-tech things we do, like IP security cameras that allow you to watch your business from anywhere in the world, or the uber cool Voice over IP phone systems we sell, or access control, etc.

If I have failed you by not telling you that we can make your life better, increase your productivity and the productivity of your users on your business network, thus saving you money, then I apologize. Give us a call or use our contact form and let us know how we can help you.  We work with one single computer you might bring to our office, or we can go to your location and work there on one or one hundred computers.

 

RDX Removable Hard Drive System Test Center approved by CRN

Tandberg Data RDX removable hard drive solutions have been Test Center approved by CRN

Our partner, Tandberg Data has recently had the honor of having their RDX removable hard drive system Test Center approved by CRN.

Click above to link through to the CRN review.

Congratulations to Tandberg for their continued excellence in the field of backup solutions.

If you would like more information about RDX removable hard drive solutions from Tandberg, please use our contact form, or call us at 864-990-4748. We offer sales and support for backup systems in the Greenville SC area.

How To Disable Ad Tracking in iOS7

David Haskins with Haskins PR here in Greenville, SC made the following video, which you might find useful. In it, he explains how to disable the Ad Tracking functionality which sends targeted ads to your iOS 7 device, a privacy concern for many.

More info about Haskins PR is at www.haskinspr.com or you can reach them at 864-502-8899

iOS 7 is more than just a bunch of pretty changes and features

By now you surely have iOS 7 installed on your Apple iPhone, iPad, or whatever iThing you own. If you are like me, you are happy with the new features, for the most part, and missing some old functionality. If you are really picky, you might have found a dozen little bugs by now, but then again, you could have found the work-arounds either on your own or by googling for them too.

Whether you have updated or not, one thing is for sure, iOS 7 does offer a number of security enhancements.  Without counting them, let’s just say, there are a LOT.  Dozens in fact.

http://support.apple.com/kb/HT5934 is where you will find the list.

So, for those of you who are holding out to update your device because you like what you have, or you don’t care about new features – you may wish to consider it simply as a security enhancement.

One word of warning – the update may take a while…  Start it and go get a bite to eat. I’ve heard some people say it took them several hours, though in my experience it was less than an hour, it just seemed longer.

Whatever you do – do NOT hold the power button and force the device down during the update installation. There have been many bricked phones and tablets due to that.  Also, you really should plug it into a power source and have reliable internet access during the update.

Should you have any issues, let us know, we will be happy to assist here in the Greenville, SC area…   864-990-4748

Is your video surveillance system being used to watch you?

Typical video baby monitor

An article caught my eye the other day, where a hacker had gained access to the video baby monitor a family had deployed. In doing so, they harassed the family a bit by saying their child’s name and moving the camera.

If your video surveillance system is configured to where you have remote access, you could be allowing someone to view what you view, to hear what you hear.

Should you want to secure your camera system, you can do so in several ways:

  • Disable default logins and passwords.
  • Use strong passwords.
  • Place your camera system on non-standard ports.
  • Employ a VPN to connect security to your home or business network.

Need help in the Upstate (Greenville area) of South Carolina? Homeland Secure IT can assist you. We offer sales, installation and support of video surveillance systems, including IP and CCTV.  Call us at 864-990-4748 or use our contact form for more information!

Are you afraid of social media?

I have a hard time trusting people who are not active and open on social media. My perception is that they are hiding something…

What are some reasons for NOT using social media to connect with people and share either your personal or business life (or in my case, both)???

Reasons people might abstain from being social on the internet:

– Owe money – don’t want to be found
– In the witness protection program
– Have multiple personalities (gets too confusing to be logged into the right profile)
– Running from the mob or a drug lord because you ripped them off
– Have multiple girl/boyfriends/husbands/wives and don’t want them to find out about the others
– Do illegal things and don’t want to be discovered by authorities
– Do stupid things (party, etc) and don’t want to be discovered by friends or family
– A “devout Christian” who doesn’t want to let their church know they are in a same-sex relationship, or go out drinking on Saturday
– Avoiding the IRS – Don’t want them to know you are buying new boats and planes
– Paranoid about “them” – because “they” are probably watching you right now. (NSA anyone?)
– Paranoid about identity theft – because there’s absolutely no other way for people to get information about you ;)
– Don’t want their insurance provider to know they do extreme sports
– Afraid an employer will find out they are living beyond their means (stealing from the company, or don’t NEED a raise)
– Job hunting – don’t want potential employers to know they drink every night and sleep late every day
– Really dislike their family and friends and don’t WANT a relationship
– Afraid of connections, commitments, etc.
– Court order forbids them from having a public social media page (or contact with children)
– Lack of technology – No internet access or device with a browser
– A strong commitment to family where they don’t want to miss a moment with their wife or children
– Too darn busy to use Social Media, even when in the bathroom like most people do, and would rather spend that “downtime” playing Temple Run or Candy Crush
– Fear of the unknown – just fear in general

Any other reasons come to mind?  Just reply with your comments and let me know.

What about work?

What about at work? Do you have a business network where you forbid the use of social media sites? Some workplaces have put in a total block of all social media sites: the firewall stops that activity dead in its tracks on devices connected to that network. However, that does not prohibit employees from using their own personal devices. This has prompted some businesses to put a strict written policy in place as well, which states that an employee can be dismissed just for checking their personal phone, tablet or laptop during business hours.

Homeland Secure IT can help with the hardware and software end of this, should your company want to block usage of social media. We can provide firewalls and/or software to block and/or monitor this type of activity.

We offer tried and true solutions from the brands you know best, such as Cisco, WatchGuard and Trend Micro.

Have a need or wish to discuss this?  Reach out to us at 864-990-4748 or use our CONTACT form.

 

Windows 8.1 could make a lot of people happy

The number one complaint we have heard from purchasers of new machines that come with Microsoft Windows 8 is that the desktop experience is not what they expect, especially if they do not have a touchscreen.

Typical mouse and keyboard users flip back and forth between the desktop.

Have no fear, Microsoft has had mercy on your soul and the upcoming update will address that issue and many others! Booting directly to the desktop, however, will be the one feature that causes most people to immediately update, and will likely boost new computer sales in our opinion.

Here’s the whole long list of upcoming Windows 8.1 changes as it looks currently:

What’s New in Windows 8.1

We built Windows 8 to bring a modern computing experience to businesses and to help professionals stay connected to their colleagues and clients from anywhere, anytime. Windows 8.1 advances this vision and introduces new manageability, mobility, security, user experience and networking capabilities that will be available later this year – with the goal of offering customers the best business tablets and versatile modern business PCs driven by the most powerful operating system designed for today’s modern businesses.

Below is a list of some of the new and updated features that we invite to you test out when the Windows 8.1 experience becomes available later this month.

Bring Your Own Device (BYOD) Enhancements

Workplace Join

A Windows 8 PC was either domain joined or not. If it was a member of the domain, the user could access corporate resources (if permissioned) and IT could control the PC through group policy and other mechanisms. This feature allows a middle ground between all or nothing access, allowing a user to work on the device of their choice and still have access to corporate resources. With Workplace Join, IT administrators now have the ability to offer finer-grained control to corporate resources. If a user registers their device, IT can grant some access while still enforcing some governance parameters on the device.

Work Folders

Work Folders allows a user to sync data to their device from their user folder located in the corporation’s data center. Files created locally will sync back to the file server in the corporate environment. This syncing is natively integrated into the file system.  Note, this all happens outside the firewall client sync support. Previously, Windows 8 devices needed to be domain joined (or required domain credentials) for access to file shares.  Syncing could be done with third-party folder replication apps. With Work Folders, Users can keep local copies of their work files on their devices, with automatic synchronization to your data center, and for access from other devices. IT can enforce Dynamic Access Control policies on the Work Folder Sync Share (including automated Rights Management) and require Workplace Join to be in place.

Open MDM

While many organizations have investments with System Center and will continue to leverage these investments we also know that many organizations want to manage certain classes of devices, like tablets and BYOD devices, as mobile devices. With Windows 8.1, you can use an OMA-DM API agent to allow management of Windows 8.1 devices with mobile device management products, like Mobile Iron or Air Watch.

Mobile Device Management

When a user enrolls their device, they are joining the device to the Windows Intune management service. They get access to the Company Portal which provides a consistent experience for access to their applications, data and to manage their own devices. This allows a deeper management experience with existing tools like Windows Intune. IT administrators now have deeper policy management for Windows RT devices, and can manage Windows 8.1 PCs as mobile devices without having to deploy a full management client.

Web Application Proxy

The Web Application Proxy is a new role service in the Windows Server Remote Access role. It provides the ability to publish access to corporate resources, and enforce multi-factor authentication as well as apply conditional access policies to verify both the user’s identity and the device they are using before access is granted.

RDS Enhancements

Enhanced Virtual Desktop Infrastructure (VDI) in Windows Server 2012 R2 with improvements in management, value, and user experience. Session Shadowing allows administrators to view and remotely control active user sessions in an RDSH server. Disk dedupe and storage tiering allow for lower cost storage options. User experience for RemoteApps, network connectivity and multiple displays has been improved. Administrators can now easily support users with session desktops to provide helpdesk style support. Administrators now have even more flexible storage options to support a VDI environment without expensive SAN investments. End users will find RemoteApp behavior is more like local apps, and the experience in low-bandwidth is better, with faster reconnects and improved compression, and support for multiple monitors.

NFC Tap-to-pair Printing

Tap your Windows 8.1 device against an enterprise NFC-enabled printer and you’re all set to print. No more hunting on your network for the correct printer and no need to buy a special printer to take advantage of this functionality. Simply attach an NFC tag to your existing printers to enable this functionality.

Wi-Fi Direct Printing

Connect to Wi-Fi Direct printers without adding additional drivers or software on your Windows 8.1 device, forming a peer-to-peer network between your device and the printer.

Native Miracast Wireless Display

Present your work wirelessly with no connection cords needed; just pair with a Miracast-enabled projector via NFC and Miracast will use Wi-Fi to let you project wire-free.

Mobility Enhancements

VPN

We have added support for a wider range of VPN clients in both Windows and Windows RT devices. We have also added the ability to have an app automatically trigger VPN connections.

Mobile Broadband

At Windows 8 launch, the devices had embedded radios that were separate components within the devices.  Windows 8.1 supports embedded wireless radio, which gives you increased power savings, longer battery life, also enables thinner form factors and lower cost devices.

Windows To Go

With Windows To Go in Windows 8.1, the Windows Store is enabled by default. Windows To Go users may roam to any number of machines and access the Windows Store and use Windows Store apps.

Broadband Tethering

Turn your Windows 8.1 mobile broadband-enabled PC or tablet into a personal Wi-Fi hotspot, allowing other devices to connect and access the internet.

Auto-triggered VPN

When you select an app or resource that needs access through the inbox VPN – like a company’s intranet site – Windows 8.1 will automatically prompt you to sign in with one click. This feature will be available with Microsoft and third-party inbox VPN clients.

Security Enhancements

Remote Business Data Removal

Corporations now have more control over corporate content which can be marked as corporate, encrypted, and then be wiped when the relationship between the corporation and user has ended. Corporate data can now be identified as corporate vs. user, encrypted, and wiped on command using EAS or EAS + OMA-DM protocol. This capability requires implementation in the client application and in the server application (Mail + Exchange Server). The client application determines if the wipe simply makes the data inaccessible or actually deletes it.

Improved Biometrics

All SKUs will include end to end biometric capabilities that enable authenticating with your biometric identity anywhere in Windows (Windows sign-in, remote access, User Account Control, etc.). Windows 8.1 will also be optimized for fingerprint based biometrics and will include a common fingerprint enrollment experience that will work with a variety of readers (touch, swipe). Modern readers are touch based rather than swipe and include liveliness detection that prevents spoofing (e.g.: silicon emulated fingerprints). Access to Windows Store Apps, functions within them, and certificate release can be gated based on verification of a user’s biometric identity.

Pervasive Device Encryption

Device encryption previously found on Windows RT and Windows Phone 8 is now available in all editions of Windows. It is enabled out of the box and can be configured with additional BitLocker protection and management capability on the Pro and Enterprise SKUs. Consumer devices are automatically encrypted and protected when using a Microsoft account. Data on any Windows connected standby device is automatically protected (encrypted) with device encryption. Organizations that need to manage encryption can easily add additional BitLocker protection options and manageability to these devices.

Improved Internet Explorer

Internet Explorer 11 improvements include faster page load times, side-by-side browsing of your sites, enhanced pinned site notifications, and app settings like favorites, tabs and settings sync across all your Windows 8.1 PCs. Internet Explorer 11 now includes capability that enables an antimalware solution to scan the input for a binary extension before it’s passed onto the extension for execution.

Malware Resistance

Windows Defender, Microsoft’s free antivirus solution in Windows 8, will include network behavior monitoring to help detect and stop the execution of known and unknown malware. Internet Explorer will scan binary extensions (e.g. ActiveX) using the antimalware solution before potentially harmful code is executed.

Device Lockdown

With Assigned Access, a new feature offered in Windows 8.1 RT, Windows 8.1 Pro, and Windows 8.1 Enterprise, you can enable a single Windows Store application experience on the device. This can be things like a learning application for kids in an educational setting or a customer service application at a boutique, Assigned Access can ensure the device is delivering the intended experience. In our Windows Embedded 8.1 industry product, we deliver additional lockdown capabilities to meet the needs of industry devices like point of sale systems, ATMs, and digital signs.

Modern UI experience

Variable, Continuous Size of Snap Views

You have more ways to see multiple apps on the screen at once. You can resize apps to nearly infinite sized windows, share the screen between two apps, or have up to three apps on each monitor.

Boot to Desktop

We have made configuration options available which will allow you to boot directly to the desktop in Windows 8.1.

Desktop and Start Screen

Improvements have been made to better support users who prefer a mouse and keyboard experience to access applications.

These are just some of the key features available in Windows 8.1. We encourage you to test out and try these features when you evaluate Windows 8.1 for use both in your work environment as well as at home in your personal life. Please note that Windows Server 2012 R2 may be required in order for some of these features to be available.

Microsoft Office 2003 and Office for Mac 2011 Document Handling Vulnerability

This comes straight from our partners over at WatchGuard Security Center blog and may affect you if you are using Office 2003 for Windows or Office for Mac 2011. We happen to concur with the author’s thoughts that this is probably much more severe than Microsoft’s own rating of “important”.

If you need assistance with this, or any other computer security issue in the Greenville, Spartanburg or Anderson SC area, please call us at 864-990-4748. We are ready to help you!

Office 2003 Document Handling Code Execution Vulnerability

by Corey Nachreiner

Severity: Medium

Summary:

  • These vulnerabilities affect: Office 2003 and Office for Mac 2011
  • How an attacker exploits them: By enticing you to open maliciously crafted Office documents
  • Impact: An attacker can execute code, potentially gaining complete control of your computer
  • What to do: Install the appropriate Office patches as soon as possible, or let Windows Update do it for you.

Exposure:

As part of Patch Day, Microsoft released a security bulletin describing a vulnerability in Office 2003 and Office for Mac 2011. Specifically, the Office components used to parse PNG image files suffer from a buffer overflow vulnerability involving the way they handle specially crafted images. By embedding a malicious PNG image into an Office document, and tricking one of your users into downloading and opening or previewing it, an attacker can exploit this vulnerability to execute code on that user’s computer, inheriting that user’s privileges. If your user has local administrative privileges, the attacker gains full control of the user’s machine.

Though Microsoft only rates this security update as Important, since the attack requires user interaction to succeed, we believe it poses a significant risk because many normal users trust Microsoft Office documents. You should patch this flaw as soon as you can.

Solution Path

Microsoft has released an update for Office to fix this flaw. If you use Office 2003 or Office for Mac 2011 you should download, test, and deploy the update as soon as possible, or let Windows Update do it for you. See the “Affected and Non-Affected Software” section of Microsoft’s bulletin for more details on where to find the updates.

For All WatchGuard Users:

Though you can use WatchGuard’s XTM and XCS appliances to block certain files and content, such as Office documents, most organizations share these types of documents as part of normal business. Instead, we recommend you install Microsoft’s updates to completely protect yourself from this flaw.

Status:

Microsoft has released an Office update to fix this flaw.

References:

This alert was researched and written by Corey Nachreiner, CISSP (@SecAdept).

Apple owners rejoice! Security updates are available for you – apply them please!

Article HT5784 over on the Apple Support page indicates that there’s something fun waiting for you in OS X Mountain Lion v10.8.4 and Security Update 2013-002.

It would be wise to get yourself up to date so you can sleep better at night. Well, at least I will sleep better at night with the knowledge that you are safe and secure!

Here’s the link: http://support.apple.com/kb/HT5784

And here’s the article in its entirety for those of you just too tired to click on the link….

 

About the security content of OS X Mountain Lion v10.8.4 and Security Update 2013-002

Summary

This document describes the security content of OS X Mountain Lion v10.8.4 and Security Update 2013-002, which can be downloaded and installed via Software Update preferences, or from Apple Downloads.

Products Affected

OS X Lion, OS X Mountain Lion, Product Security

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see “How to use the Apple Product Security PGP Key.”

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see “Apple Security Updates.”

OS X Mountain Lion v10.8.4 and Security Update 2013-002

Note: OS X Mountain Lion v10.8.4 includes the content of Safari 6.0.5. For further details see About the security content of Safari 6.0.5.

  • CFNetwork

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: An attacker with access to a user’s session may be able to log into previously accessed sites, even if Private Browsing was used

    Description: Permanent cookies were saved after quitting Safari, even when Private Browsing was enabled. This issue was addressed by improved handling of cookies.

    CVE-ID

    CVE-2013-0982 : Alexander Traud of www.traud.de

  • CoreAnimation

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: Visiting a maliciously crafted site may lead to an unexpected application termination or arbitrary code execution

    Description: An unbounded stack allocation issue existed in the handling of text glyphs. This could be triggered by maliciously crafted URLs in Safari. The issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0983 : David Fifield of Stanford University, Ben Syverson

  • CoreMedia Playback

    Available for: OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

    Description: An uninitialized memory access issue existed in the handling of text tracks. This issue was addressed by additional validation of text tracks.

    CVE-ID

    CVE-2013-1024 : Richard Kuo and Billy Suguitan of Triemt Corporation

  • CUPS

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: A local user in the lpadmin group may be able to read or write arbitrary files with system privileges

    Description: A privilege escalation issue existed in the handling of CUPS configuration via the CUPS web interface. A local user in the lpadmin group may be able to read or write arbitrary files with system privileges. This issue was addressed by moving certain configuration directives to cups-files.conf, which can not be modified from the CUPS web interface.

    CVE-ID

    CVE-2012-5519

  • Directory Service

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8

    Impact: A remote attacker may execute arbitrary code with system privileges on systems with Directory Service enabled

    Description: An issue existed in the directory server’s handling of messages from the network. By sending a maliciously crafted message, a remote attacker could cause the directory server to terminate or execute arbitrary code with system privileges. This issue was addressed through improved bounds checking. This issue does not affect OS X Lion or OS X Mountain Lion systems.

    CVE-ID

    CVE-2013-0984 : Nicolas Economou of Core Security

  • Disk Management

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: A local user may disable FileVault

    Description: A local user who is not an administrator may disable FileVault using the command-line. This issue was addressed by adding additional authentication.

    CVE-ID

    CVE-2013-0985

  • OpenSSL

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: An attacker may be able to decrypt data protected by SSL

    Description: There were known attacks on the confidentiality of TLS 1.0 when compression was enabled. This issue was addressed by disabling compression in OpenSSL.

    CVE-ID

    CVE-2012-4929 : Juliano Rizzo and Thai Duong

  • OpenSSL

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Multiple vulnerabilities in OpenSSL

    Description: OpenSSL was updated to version 0.9.8x to address multiple vulnerabilities, which may lead to denial of service or disclosure of a private key. Further information is available via the OpenSSL website at http://www.openssl.org/news/

    CVE-ID

    CVE-2011-1945

    CVE-2011-3207

    CVE-2011-3210

    CVE-2011-4108

    CVE-2011-4109

    CVE-2011-4576

    CVE-2011-4577

    CVE-2011-4619

    CVE-2012-0050

    CVE-2012-2110

    CVE-2012-2131

    CVE-2012-2333

  • QuickDraw Manager

    Available for: OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.2

    Impact: Opening a maliciously crafted PICT image may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow existed in the handling of PICT images. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0975 : Tobias Klein working with HP’s Zero Day Initiative

  • QuickTime

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Viewing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow existed in the handling of ‘enof’ atoms. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0986 : Tom Gallagher (Microsoft) & Paul Bates (Microsoft) working with HP’s Zero Day Initiative

  • QuickTime

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Viewing a maliciously crafted QTIF file may lead to an unexpected application termination or arbitrary code execution

    Description: A memory corruption issue existed in the handling of QTIF files. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0987 : roob working with iDefense VCP

  • QuickTime

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: Viewing a maliciously crafted FPX file may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow existed in the handling of FPX files. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0988 : G. Geshev working with HP’s Zero Day Initiative

  • QuickTime

    Available for: OS X Mountain Lion v10.8 to v10.8.3

    Impact: Playing a maliciously crafted MP3 file may lead to an unexpected application termination or arbitrary code execution

    Description: A buffer overflow existed in the handling of MP3 files. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2013-0989 : G. Geshev working with HP’s Zero Day Initiative

  • Ruby

    Available for: Mac OS X 10.6.8, Mac OS X Server 10.6.8

    Impact: Multiple vulnerabilities in Ruby on Rails

    Description: Multiple vulnerabilities existed in Ruby on Rails, the most serious of which may lead to arbitrary code execution on systems running Ruby on Rails applications. These issues were addressed by updating Ruby on Rails to version 2.3.18. This issue may affect OS X Lion or OS X Mountain Lion systems that were upgraded from Mac OS X 10.6.8 or earlier. Users can update affected gems on such systems by using the /usr/bin/gem utility.

    CVE-ID

    CVE-2013-0155

    CVE-2013-0276

    CVE-2013-0277

    CVE-2013-0333

    CVE-2013-1854

    CVE-2013-1855

    CVE-2013-1856

    CVE-2013-1857

  • SMB

    Available for: OS X Lion v10.7 to v10.7.5, OS X Lion Server v10.7 to v10.7.5, OS X Mountain Lion v10.8 to v10.8.3

    Impact: An authenticated user may be able to write files outside the shared directory

    Description: If SMB file sharing is enabled, an authenticated user may be able to write files outside the shared directory. This issue was addressed through improved access control.

    CVE-ID

    CVE-2013-0990 : Ward van Wanrooij

  • Note: Starting with OS X v10.8.4, Java Web Start (i.e. JNLP) applications downloaded from the Internet need to be signed with a Developer ID certificate. Gatekeeper will check downloaded Java Web Start applications for a signature and block such applications from launching if they are not properly signed.

If you need assistance with these or any other updates or security issues, regardless of whether you run Apple products or Microsoft Windows, please call us at 864-990-4748, we are happy to help in the Upstate of SC!
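
To act on the Ruby entry in the advisory above, the following sketch (an added example, not part of Apple's advisory or of the original post) reads `gem list` output and flags Rails 2.3-series component gems older than 2.3.18, the fixed version the advisory names. The list of component gem names and the sample output are assumptions constructed for illustration; versions outside the 2.3 series are reported but not judged, because the advisory states no fixed version for them.

```shell
#!/bin/sh
# Audit `gem list` output for Rails 2.3-series gems older than the fixed
# release named in the advisory (2.3.18).

FIXED_VERSION="2.3.18"

# Assumption: the gems that make up a Rails 2.3 installation.
RAILS_GEMS="actionmailer actionpack activerecord activeresource activesupport rails"

# version_lt A B: succeed when dotted numeric version A is lower than B.
version_lt() {
    [ "$1" = "$2" ] && return 1
    lowest=$(printf '%s\n%s\n' "$1" "$2" |
        LC_ALL=C sort -t. -k1,1n -k2,2n -k3,3n -k4,4n | head -n 1)
    [ "$lowest" = "$1" ]
}

# audit_gem_list: read `gem list` output on stdin and print one line per
# installed version of a Rails component gem: "<gem> <version> <status>".
# Status is "outdated", "ok", or "other-series" (not a 2.3.x version).
audit_gem_list() {
    while IFS= read -r line; do
        # Lines look like: "rails (2.3.18, 2.3.5)"
        name=${line%% (*}
        case " $RAILS_GEMS " in
            *" $name "*) ;;
            *) continue ;;          # headers, blank lines, unrelated gems
        esac
        versions=${line#*(}
        versions=${versions%)*}
        for v in $(printf '%s' "$versions" | tr -d ','); do
            case "$v" in
                2.3|2.3.*)
                    if version_lt "$v" "$FIXED_VERSION"; then
                        status=outdated
                    else
                        status=ok
                    fi
                    ;;
                *)
                    status=other-series
                    ;;
            esac
            printf '%s %s %s\n' "$name" "$v" "$status"
        done
    done
}

# Constructed sample of `gem list` output (not taken from a real system).
SAMPLE_GEM_LIST='
*** LOCAL GEMS ***

actionpack (2.3.18, 2.3.5)
activerecord (2.3.14)
rails (2.3.18, 2.3.5, 1.2.6)
rake (0.8.7)
sqlite3-ruby (1.2.4)'

# Demonstration on the sample. On a real system, pipe the utility the
# advisory mentions instead:  /usr/bin/gem list | audit_gem_list
printf '%s\n' "$SAMPLE_GEM_LIST" | audit_gem_list
```

Old versions stay installed alongside new ones after an update, so a gem reported as both `ok` and `outdated` still has a vulnerable copy on disk that an application pinned to it can load.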