The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities:Firefox 14Firefox ESR 10.0.6Thunderbird 14Thunderbird ESR 10.0.6SeaMonkey 2.11These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition,…
Oracle has released its Critical Patch Update for July 2012 to address 87 vulnerabilities across multiple products. This update contains the following security fixes:4 for Oracle Database Server1 for Oracle Application Express Listener2 for Oracle Secure Backup22 for Oracle Fusion Middleware1 for…
A common fraud, called “phishing”, sends messages that appear to be from a bank, shop or auction, giving a link to a fake website and asking you to follow that link and confirm your account details. The fraudsters then use your account details to buy stuff or transfer money out of the account.…
Google has released Google Chrome 20.0.1132.57 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.US-CERT encourages users and administrators to review the Google…
Microsoft has released security advisory 2719662 to address a vulnerability in Microsoft Windows Sidebar and Gadgets. This vulnerability may allow an attacker to execute arbitrary code, take control of an affected system, or disclose sensitive information.US-CERT encourages users and administrators…
Microsoft has released security advisory 2728973 to replace a number of certificates that did not meet Microsoft's high standard of Public-Key Infrastructure (PKI) management. This update places the intermediate certificate authority (CA) certificates in the Untrusted Certificate Store and…
Cisco has released security advisories to address multiple vulnerabilities affecting the following products:Cisco TelePresence ManagerCisco TelePresence Recoding ServerCisco TelePresence Multipoint SwitchCisco TelePresence Immersive Endpoint SystemThese vulnerabilities may allow an attacker to…
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, Developer Tools, and Server Software as part of the Microsoft Security Bulletin summary for July 2012. These vulnerabilities may allow an attack to execute arbitrary code, operate with elevated…
Cisco has released a security advisory to address vulnerabilities affecting the following products:Cisco WebEx Recording Format (WRF)Cisco Advanced Recording Format (ARF)These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.US-CERT encourages…
Google has released Google Chrome 20.0.1132.43 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.US-CERT encourages users and administrators to review the Google…
Cisco has released three security advisories to address vulnerabilities affecting the following products:Cisco ASA 5500 Series Adaptive Security Appliances (Cisco ASA)Cisco Catalyst 6500 Series ASA Service Module (Cisco ASASM)Cisco AnyConnect Secure Mobility ClientCisco Application Control Engine…
On June 13, the Pennsylvania House of Representatives voted on legislation to massively expand the spying power of both the government and civilians. The ACLU of Pennsylvania is disappointed that the state House passed HB 2400, but the struggle against this bill goes on. We are hopeful that the…
Apple has released a Java update to address multiple vulnerabilities for the following products:Mac OS X v10.6.8Mac OS X Server v10.6.8OS X Lion v10.7.4OS X Lion Server v10.7.4These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.US-CERT…
Microsoft has released Security Advisory 2719615 to address a vulnerability in Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0. This vulnerability may allow an attacker to execute arbitrary code if a user accesses specially crafted web pages using Internet Explorer. According to the advisory,…
Oracle released its Critical Patch Update for June 2012 containing 14 security fixes for the following products:JDK and JRE 7 Updates 4 and earlierJDK and JRE 6 Update 32 and earlierJDK and JRE 5.0 Update 35 and earlierSDK and JRE 1.4.2_37 and earlierJavaFX 2.1 and earlierUS-CERT encourages users…