MAAS History
Archives

Entries by Sean OConnell Public (50)

Monday
Mar142011

Google Releases Chrome 10.0.648.133

Google has released an update to Chrome 10.0.648.133 after the Pwn2Own contest. This is a patch for the WebKit vulnerability which was exploited in other takedowns during the event including Safari. Google has been very proactive during Pwn2Own releasing 3 updates in total. From a contest standpoint it is a success for HP. Keep in mind that workable exploits are really the goal, it takes months to develop them and the systems are in default install state. 

The update addresses this CVE:

 

  • [$1337] CVE-2011-1290 [75712] High Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI.

 

Saturday
Mar122011

Using iOS 4.3 Then You Need ITUNES 10.2.1

Apple has released an update to iTunes to solve the among other issues problems with Sync related to iOS 4.3. Users can download the update here. http://www.apple.com/itunes/download/ 

Wednesday
Mar092011

APPLE-SA-2011-03-09-2 Safari 5.0.4  

Apple has released Safari 5.0.4 to address a host of issues included those related to libXML and WebKit. Users should apply this update to servers and clients using the software update tool. The update also includes the following improvements.

  • Improved stability for webpages with multiple instances of plug-in content
  • Improved compatibility with webpages with image reflections and transition effects
  • A fix for an issue that could cause some webpages to print with incorrect layouts
  • A fix for an issue that could cause content to display incorrectly on webpages with plug-ins
  • A fix for an issue that could cause a Screen Saver to appear while video is playing in Safari
  • Improved compatibility with VoiceOver on webpages with text input areas and lists with selectable items
  • Improved stability when using VoiceOver
Wednesday
Mar092011

APPLE-SA-2011-03-09-1 iOS 4.3

Apple has released iOS 4.3 for iPad, iPhone and iPod Touch. The update includes fixes for four vulnerabilities in WebKit, Safari (URL Handler), ImageIO and libXML. This update can only be applied using iTunes. Users should apply this update as soon as possible. 

Wednesday
Mar092011

APPLE-SA-2011-03-09-3 Apple TV 4.2

Apple has released an update to Apple TV to address various security issues including a buffer overflow in libTIFF, device reset over WiFi and arbitrary code execution in FreeType when processing a maliciously crafted font. Users should update their Apple TV immediately.