6 Patches, 15 bug – 3 Critical, Affects 2000, XP, Srv 2003 / 8, Vista, Office Other updates, MSRT,...

Tags:

Preview:

Click to see full reader

Citation preview

• 6 Patches, 15 bug – 3 Critical, Affects 2000, XP, Srv 2003 / 8, Vista, Office

• Other updates, MSRT, Defender Definitions, Junk Mail Filter

– MS09-063 - Web Services on Devices API Remote Code Execution– MS09-064 - License Logging Server Remote Code Execution– MS09-065 - Windows Kernel-Mode Drivers Remote Code Execution– MS09-066 - Active Directory Denial of Service– MS09-067 - Microsoft Office Excel Remote Code Execution– MS09-068 - Office Word Remote Code Execution

Patch Tuesday

• VMWare, Multiple Vulns– DHCP DoS– Guest Escaltion, Directory Traversal

• SSL/TLS is broken

• Java

• Adobe

• Wireshark, DoS Paltalk dissector

• Browsers– Firefox, Chrome, Opera, Safari

Holes / Patches

Hacking • VM Detection in Malware

• Evil-Maid– Drive Encryption Bypassing

• CSS History HiJacking

• Facebook HiJacking– crossdomain.xml

• Stroke dies, kinda, maybe...

• Apple 2009-006– 10.6.2 breaks atom support

• iPhone worm– root - alpine

• Google Cloud used for bot master

• Windows 7 / 2008 kernal crash

Holes / Patches

Books

• Free COFEE– Computer Online Forensic Evidence Extractor

• Rapid7 acquires Metasploit

• CyberTerror… it’s all in your head

• Hulu proxy blocking

• ICANN approves non-latin chars in TLD

• Skype for Linux to go open

• MS and NC State create Hypervisor based rootkit detection

Papers

Mostrame la Guita! Adventures in Buying Vulnerabilities

Pedram Amini

Web Application Security Consortium (WASC) 2008 Statistics

Microsoft Security Intelligence Report

WTF

• CIA invests in social network mining

• MS reports profits under Nevada

• New Zealand recommends eating your pets to go green

Legal

• FCC and Net Neutrality

• Pirate Bay (almost dead this time…)

• Email not protected by 4th Ammendment

• Congress wants ISPs to block fraud sites

UpdatesOragami 1.0.0

PDF forensics and forgery

Mozilla RaindropThink Google Wave

Nikto 2.1

KrbGuess 0.21Kerberos brute forcer

Yokoso 0.1Web finger printing

Chrome 4 Beta

RATS proxy 2.3

Google Go

All images scavenged without permission

All images scavenged without permission

Recommended

Advanced SRV Manual
Documents
Sample MSRT exam
Documents
SRV-FILESERVERDocumentsURBANISMEServeisTecnics ... · Title \SRV-FILESERVERDocumentsURBANISMEServeisTecnics_PROJECTESContenidors brossa, situacióSituació contenidors A-3 H CIUTAT
Documents
SRV International English
Documents
MSRT 39 Annual Report 2014-15
Documents
PREVIOUS GNEWS. 7 Patches – 3 Critical – 20 CVEs Affected – IE, Kernel, Visio, Silverlight Sarepoint,….. Other updates, MSRT, Defender Definitions, Junk
Documents
Junk removal services 1800 junk man
Services
Perf Tun Srv
Documents
Top Notch MSRT EPT Free Discussion tCOUtse TOEFL IELTS
Documents
Srv Trouble Di620
Documents
PREVIOUS GNEWS. 13 Patches – 5 Critical Affecting Windows (pretty much all of them) Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS10-003
Documents
PREVIOUS GNEWS. 4 Patches – 12 bugs addressed Affecting Office, Visual Studio, BizTalk Other updates, MSRT, Defender Definitions, Junk Mail Filter 4 Security
Documents
Consolidated Relief Valves Srv
Documents
MSRT - Microsoft Home Page | Devices and Services
Documents
8200 8300 Srv Catalog
Documents
Previous Gnews. 5 Patches – x bugs addressed Other updates, MSRT, Defender Definitions, Junk Mail Filter 5 Security Patches - 5 Critical –MS09-045 – JScript
Documents
PREVIOUS GNEWS. 11 Patches – bugs addressed Affecting Windows (all versions) Other updates, MSRT, Defender Definitions, Junk Mail Filter 11 Security Patches
Documents
Srv Switch
Documents
SRV ARCHANA
Documents
Junk Your Junk Mail
Lifestyle