ami-singleton
Previous Gnews
Patch Tuesday
• Other updates, MSRT, Defender Definitions, Junk Mail Filter
• 10 Security Patches - 6 Critical, 3 Important, 1 Moderate
– MS09-018 - Active Directory Could Allow Remote Code Execution
– MS09-019 - Cumulative Security Update for Internet Explorer
– MS09-020 - IIS Could Allow Elevation of Privilege
– MS09-021 - Excel Could Allow Remote Code
– MS09-022 - Windows Print Spooler Could Allow Remote Code Execution
– MS09-023 - Windows Search Could Allow Information Disclosure
– MS09-024 - Microsoft Works Converters Could Allow Remote Code Execution
– MS09-025 - Windows Kernel Could Allow Elevation of Privilege
– MS09-026 - RPC Could Allow Elevation of Privilege
– MS09-027 - Word Could Allow Remote Code Execution
Holes / Patches
• IIS auth bypass. See MS09-020
• Ciscoworks TFTP. Enable by default
• Cisco IOS DoS in Cisco Tunneling Control Protocol (cTCP)
• Java for HP-UX, (yeah…..)
• Quicktime / iTunes / Safari / Java / Firefox / <insert monthly crap>
• Mac Kernel exploit on Milw0rm
• Vista SP2 released
• DirectX
Papers
• RSTEG, Retransmission Steganography
• Center for Internet Security, Consensus Metrics Definitions v1.0.0
• Election Assistance Commission, revised e-voting standards
• IOSCat,
Corp. Hell
• DHS hacked, unclassified systems
• Craigslist removes ‘erotic services’
– Replaced with ‘adult’
• Adobe moves to quarterly releases,
– starting yesterday
• Triple Fiber Network shutdown by FTC
Film / Music
• Amazon to bypass RIAA with TuneCore partnership
• Original cast signed for Ghostbusters 3
• Futurama signed for 26 new episodes on Comedy Central
WTF
• FCC reserves the right to enter your home without a warrant.
– Claims inspection of proper operation of devices
• HR848 Performance Rights Act
– Flat rate bulk royalty pricing, regardless of public domain or copyrighted content
Stuff
• Snort gets new preprocessor, implements IP blacklisting.
• Wepbuster 1.0, sorta an automated aircrack-ng
• Ftpxerox 1.0,
• Warvox 1.0.1, voip / war dialing
Cons
• Black Hat USA, 2 - 7 Aug / Las Vegas NV
• http://www.blackhat.com/
• DefCon, 8 - 10 August / Las Vegas NV
• http://www.defcon.org/
All images scavenged without permission