MAAS History
Archives
Tuesday
Aug242010

APPLE-SA-2010-08-24-1 Security Update 2010-005  

DateTuesday, August 24, 2010 at 09:03PM

Apple hase released Apple-SA-2010-08-24-1 to address a host of security issues in Mac OSX client and Mac OSX server. Highlight include addressing the stack buffer overflow in Apple Type Services (ATS), CFNetwork which allowed anonymous TLS/SSL connections, ClamAV update to 0.96.1 (Vulnerabilities in older versions), CoreGraphics heap buffer overflow and libsecurity not properly comparing host names with three componets. 

Administrators and Users should apply this patch immediately to their systems. For more details visit the reference link below. This update requires a reboot. 

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , , , , ,
Monday
Aug232010

Google Chrome 5.0.375.127 Released

DateMonday, August 23, 2010 at 01:46PM

Google Chrome 5.0.375.127 has been released that includes patches for various flaws. Users should Chrome>About Chrome and select the Check For Updates button. 

Below is the list of various CVE addressed:

  • [$1337] [45400] Critical Memory corruption with file dialog. Credit to Sergey Glazunov. 
  • [$500] [49596] High Memory corruption with SVGs. Credit to wushi of team509.
  • [$500] [49628] High Bad cast with text editing. Credit to wushi of team509.
  • [$1000] [49964] High Possible address bar spoofing with history bug. Credit to Mike Taylor.
  • [$2000] [50515] [51835] High Memory corruption in MIME type handling. Credit to Sergey Glazunov.
  • [$1337] [50553] Critical Crash on shutdown due to notifications bug. Credit to Sergey Glazunov.
  • [51146] Medium Stop omnibox autosuggest if the user might be about to type a password. Credit to Robert Hansen.
  • [$1000] [51654] High Memory corruption with Ruby support. Credit to kuzzcc.
  • [$1000] [51670] High Memory corruption with Geolocation support. Credit to kuzzcc.

 

AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , , ,
Wednesday
Aug182010

Adobe Pre-notification of Reader 9.3.3 Patch

DateWednesday, August 18, 2010 at 10:39AM

Adobe has already released an update of Flash player, they are expected to release the Reader Update on 8/19/2010. These vulnerabilities were the ones discussed and presented at Black Hat. Users and administrators should save the date.

AuthordrStrangeP0rk | CommentPost a Comment |
in , , , , ,
Friday
Aug132010

APPLE-SA-2010-08-12-1 QuickTime 7.6.7

DateFriday, August 13, 2010 at 07:32AM
Apple has released an update for QuickTime to address a vulnerability in the Windows version. There was a buffer overflow in the error logging which can result in arbitrary coded execution.
AuthordrStrangeP0rk | CommentPost a Comment |
in , ,
Wednesday
Aug112010

Microsoft Office 2008 for Mac 12.2.6 Update

DateWednesday, August 11, 2010 at 10:13PM
Microsoft has released an update for Office 2008 for Mac programs. the update addresses vulnerabilities that allowed an attacker to overwrite the contents of memory with malicious code leading to arbitrary code execution or privilege escalation. Users should update their versions of Office immediately.
AuthordrStrangeP0rk | CommentPost a Comment | Reference1 Reference |
in , , ,
Page 1 ... 16 17 18 19 20 ... 46 Next 5 Entries ยป