Critical patches for Java, Flash and Shockwave

By yesterday’s set of patches that are released company Microsoft, added a similar “patches” from other manufacturers. It so happened by chance that for the better – in fact, it is convenient to update all at once. Let’s start with Java, because lately it seems to have overtaken Adobe Reader and Flash on the number of new exploits. At(…)

A clever strategy update will keep the serviceability of the system

It was a day that most system administrators would prefer to forget. Client Canadian security consultant David Lewis, founder of the Liquidmatrix Security Digest, has decided to release a patch for the product Symantec. Unfortunately, the company has not bothered to check the patch as necessary, and it has disabled its firewall. “Managing patches may seem(…)

According to buyer fixes, IBM, HP and Microsoft top the list of laggards

IBM, HP and Microsoft topped the list of companies that are not released within 6 months after notification of patches from the world’s largest program to hunt for bugs. During 2011 TippingPoint, unit HP, for a total of 29 issued a report on “zero-day” vulnerabilities that are 6 months or more are not obscured by(…)

Microsoft finally fixes Duqu-vulnerability

Microsoft released a security update that closes once and for all “nuclear” the vulnerability used by the notorious malware infection Duqu . Update the last Tuesday of patches includes 13 papers that address vulnerabilities in Windows, Office and Internet Explorer. Three vulnerabilities have been assessed as having a “critical” risk, while the remaining 10 are classified as “important.”(…)

Next week Microsoft will release 20 patches for its products

Microsoft Corp. today announced that next week will release a patch set for December of its software, which claimed 14 security bulletins, eliminating 20 different software vulnerabilities Windows, Internet Explorer, MS Office and Windows Media Player. Among the patches and fixes are for the most notorious problems such as holes, are used by the Trojan Duqu,(…)

Oracle database vulnerable

SQL-injection and other advanced threat gain momentum, and researchers complain that the effort that Oracle spends on other applications that distract the company from enhancing security of databases. Word of Oracle’s database security is not supported by case? Some researchers from the community associated with databases, think so. They complain that since the giant grew even more,(…)

BIND patch protects against a serious vulnerability

Internet Systems Consortium BIND advises users to upgrade to fix a bug that can already be used for an attack on the vulnerable server. ISC specifies that a particular event in the network causes the BIND 9 caching invalid entries, and then when you request a record server crashes with the error: INSIST (! Dns_rdataset_isassociated(…)

Apple has removed a bug in signature applications, which was a threat to iOS users

Apple has corrected a serious bug in the iPhone and the iPad, which allows hackers to embed in applications sensitive “load”, which is not confirmed officially. On Tuesday, Charlie Miller, a researcher of security Accuvant, removed from the list of developers iOS after he demonstrated the dangers that may cause vulnerability. Appendix Miller InstaStock, added to the app(…)

Microsoft released a fix for a vulnerability that lets you bypass-Applocker

Microsoft has released a temporary fix for vulnerability in its latest operating system, which allows untrusted users to bypass the safeguards in place to run unauthorized applications. AppLocker allows administrators to restrict the list of applications that can run on computers running Windows 7 and Windows Server 2008. However, end users can easily overcome the limitations(…)

Microsoft has released the November update

Microsoft released four security bulletins in the new monthly update, including fix for a critical vulnerability in Windows TCP / IP. November Tuesday patches consists of four papers, each of which addresses one vulnerability. One vulnerability was rated as “critical”, while the other two are marked as “important”, while the latter – as having “moderate” security(…)