1 / 12

October Patch Tuesday - Critical Patches and Updates

Get the latest October Patch Tuesday updates including critical patches for Internet Explorer, .NET Framework, and more. Stay secure with these important updates.

andrewb
Télécharger la présentation

October Patch Tuesday - Critical Patches and Updates

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GNEWS PREVIOUS

  2. Patch Tuesday • Oct - 8 Patches – 3 Critical - 24 CVEs • MS14-056 - Cumulative Security Update for Internet Explorer • MS14-057 - .NET Framework, Remote Code • MS14-058 - Kernel-Mode Driver, Remote Code • MS14-059 - ASP.NET MVC,Security Bypass • MS14-060 - Windows OLE, Remote Code • MS14-061 - Microsoft Word and Office Web Apps, Remote Code • MS14-062 - Message Queuing Service, Privilege Escalation • MS14-063 - FAT32 Disk Partition Driver, Privilege Escalation • Other updates, MSRT, Defender Definitions, Junk Mail Filter

  3. Nov – 14 +2TBD Patches – 4 Critical - 33 CVEs • MS14-064 - Windows OLE, Remote Code • MS14-065 - Cumulative Security Update for Internet Explorer • MS14-066 - Schannel, Remote Code • MS14-067 - XML Core Services, Remote Code • MS14-068 - Release date to be determined • MS14-069 - in Microsoft Office, Remote Code • MS14-070 - TCP/IP, Privilege Escalation • MS14-071 - Windows Audio Service, Privilege Escalation • MS14-072 - .NET Framework, Privilege Escalation • MS14-073 - Microsoft SharePoint Foundation, Privilege Escalation • MS14-074 - Remote Desktop Protocol,Security Bypass • MS14-075 - Release date to be determined • MS14-076 - Internet Information Services (IIS),Security Bypass • MS14-077 - Active Directory Federation Services, Privilege Escalation • MS14-078 - IME (Japanese), Privilege Escalation • MS14-079 - Kernel Mode Driver, DoS • Other updates, MSRT, Defender Definitions, Junk Mail Filter

  4. Holes / Patches • Cisco • UCM Manager • Small Buisness RV Routers • GNU Bash • Telepresence VSC • IPS IP Logging DoS • Oracle • 154 Fixes • Adobe • APSB14-22 – Flash Player • APSB14-24 – Flash Player • Apple, • OSX 10.10 • OSX Security Update 2014-005 • OSX Server 4.0 / 3.2.2 / 2.2.5 • iTunes 12.01 • iOS 8.1 • Apple TV 7.0.1 • QuickTime 7.7.6

  5. Hacking • MS OLE PowerPoint 0-day • Stings sub lib vulnerability don't use on malware files libbfd • Russian Tor node trojanizes binary s on fly • USB exploit code released • SilkRoad 2.0 and 27 other sites shutdown

  6. Corp • FB now on TOR • https://facebookcorewwwi.onion/ • USPS Breach • UK Ministry of Defense on GitHub

  7. Govt • DARPA funds PLINY • Programming “Auto-Complete”

  8. Papers NIST Draft Hypervisor Security Guide http://csrc.nist.gov/publications/drafts/800-125a/sp800-125a_draft.pdf Stanford Mass Surveillance Course

  9. Tools YARA Pattern Matching Swiss Knife for Malware Researchers ProcDot PerfMon output parser TotalHash.com Pattern Matching Swiss Knife for Malware Researchers

  10. Cons • CCC

  11. Local DHA ( 1st Wednesday / Allen Wicker Pub, plano) TX2600 ( 1st Fri / Wild Turkey 35&WalnutHill, dallas ) (1st Fri / 1418 Coffeehouse, plano) The Lab.MS ( 2nd Monday / Allen Wicker Pub, plano) Crypto Party ( 3rd Thursday / Improving Enterprises, addison) NAISG ( 4th Thursday / CrossPointe Theatre, carrollton ) LockPick DFW ( Last Monday / Trinity Hall, dallas ) Dallas MakerSpace Random / carrollton

  12. All images scavenged without permission All images scavenged without permission

More Related