PREVIOUS GNEWS
Patch Tuesday
• 10 Patches / 34 Vulns – 3 Critical
• Affecting Windows (all of them), Office, IE, SharePoint, .NET
• Other updates, MSRT, Defender Definitions, Junk Mail Filter
– MS10-032 - Windows Kernel-Mode Drivers, Elevation of Privilege
– MS10-033 - Media Decompression, Remote Code Execution
– MS10-034 - Cumulative Security Update of ActiveX Kill Bits
– MS10-035 - Cumulative Security Update for Internet Explorer
– MS10-036 - COM Validation in Microsoft Office, Remote Code Execution
– MS10-037 - OpenType Compact Font Format (CFF) Driver, Elevation of Privilege
– MS10-038 - Microsoft Office Excel, Remote Code Execution
– MS10-039 - Microsoft SharePoint, Elevation of Privilege
– MS10-040 - Internet Information Services, Remote Code Execution
– MS10-041 - Microsoft .NET Framework, Tampering
Holes / Patches
• Adobe, 3 patches
– APSA10-01 Flash, Reader, Acrobat CS4
– Flash RC is reported as patched.
• Really, do we need APSA and APSB? One name, one patch!
• Apple
– Safari 4.1 (Mac 10.4)
– Safari 5.0 (Mac 10.5+ and Windows)
– Java for Mac (10.5+)
• Cisco
– 15 patches, multiple products
– Cisco IOS with SIP, Remote Execution
• Windows 7 / 2008 R2 (disable Aero)
– Graphics driver cdd.dll, Remote Execution
• Browsers
– Firefox, Chrome, Opera, Safari
Hacking / Holes
• OBD-II (paper available, cars-oakland2010.pdf)
– It’s not just for diagnostics anymore
– Change speedo read out, control brakes, …
• More Twitter BotNets
– TwitterNet Builder
• Web Server BotNet
– Mass DoS
Corp. Hell
• Facebook Registration, for better security
• Symantec buys Verisign CA business
• Duke University shuts down Usenet
• IBM promo USB, complete with virus
• Invisible Things Lab to make new OS, Qubes OS
• MSI switch to UEFI, death knell for BIOS?
• Open Source DB Monitoring, or lack thereof
• Google Street View / WiFi debacle
Papers
Secure Hypervisor (OAKLAND10.pdf)
NSA Declassification (NSA-HGPEDC_1964.pdf)
EFF Browser Uniqueness (browser-uniqueness.pdf)
Film / Music
Dr. Demento goes off the air.
LimeWire to shut down
Updates
metasploitable (vuln OS)
metasploit 3.4
Ruby nmap parser (oh noz madhat)
mobile malware
CON Events
Social Engineering Capture the Flag
All images scavenged without permission