1 / 13

October Security Updates: Critical Patches for Microsoft, Cisco, and More

This week, a series of vital security patches have been released addressing multiple critical vulnerabilities across various platforms. Five critical patches from Microsoft target issues in the JScript Engine, DHTML Editing Component, Windows Media Format, TCP/IP, and Wireless LAN services, all of which allow remote execution. Cisco has also issued patches for denial of service and memory leaks. Furthermore, vulnerabilities were identified in Adobe, FreeBSD, and several gaming applications like Counterstrike and Half-Life 2. Immediate updates are recommended.

wray
Télécharger la présentation

October Security Updates: Critical Patches for Microsoft, Cisco, and More

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Previous Gnews

  2. Patch Tuesday • 5 Patches – x bugs addressed • Other updates, MSRT, Defender Definitions, Junk Mail Filter • 5 Security Patches - 5 Critical • MS09-045 – JScript Scripting Engine, Remote Execution • MS09-046 – DHTML Editing Component ActiveX Control, Remote Execution • MS09-047 – Windows Media Format, Remote Execution • MS09-048 – Windows TCP/IP, Remote Execution • MS09-049 – Wireless LAN AutoConfig Service, Remote Execution

  3. Holes / Patches • Cisco Wireless Controllers • DoS, Mem Leak, HTTP Auth Bypass • Cisco Firewall Services Module • DoS – ICMP Messages • Adobe Flex, Multiple Vulns • FreeBSD • DoS - kevent and syscall • Linux 2.4/2.6 Local Privilege Escalation • ColdFusion, XSS

  4. Holes / Patches • Counterstrike • DoS / Code Execution • Half-Life 2 • DoS / Security Bypass/ Code Execution • Pidgin, Vuln in libpurple • Chrome • JavaScript / SSL / XML • Avast! Local Privilege Escalation • Oracle delays patches for Con now scheduled for Oct 20th

  5. Hacking • Microsoft FTP • Rsnake SMB enum and decloaking • Twitter, it’s not just for BotNet C&C anymore • Diesel Hybrid, 78mpg • Mitnick, booted off ISP (hostedhere.net) and AT&T Wireless • Snow Leopard = Vuln Flash • Wordpress Worm

  6. Corp. Hell London surveillance under fire 1 crime per 1000 cameras Immunet, cloud anti-virus Snow Leopard ships with malware detector Snow Leopard breaks full disk encryption Apache.org hacked Legal iPhone Jail Break Auth’ed thru support and synced via iTunes

  7. Corp. Hell

  8. Film / Music Irish ISP to block Pirate Bay

  9. WTF EFF finds loop hole in "burning man terms of service“ Sandia launches 1 mil node bot net Jericho rants all your interwebs are belong to the white house Wind Farm or Pending Death DHS travel logs

  10. Updates xplico 0.5.2 Network Forensic Tool, Pcap Parser trafscrambler 0.2 Mac, anti-sniffer subseven back under dev with orignal author IKECrack IKE / IPSEC authentication craker Stoned Bootkit MBR root kit

  11. Legal Ohio charges “lazy” employee as “hacker”

  12. Con • SecTor, 5 – 7 Oct / Toronto • http://www.sector.ca/schedule.htm • ToorCon, 23-25 Oct / San Diego • http://toorcon.org/

  13. All images scavenged without permission All images scavenged without permission

More Related