Widespread P2P Data Breaches
The Federal Trade Commission has notified almost 100 organizations that personal information, including sensitive data about customers and/or employees, has been shared from the organizations’ computer networks and is available on peer-to-peer (P2P) file-sharing networks to any users of those networks, who could use it to commit identity theft or fraud. The agency also has [...]
Microsoft Security Bulletin
Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for June 2009. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, or obtain sensitive information.
Apple Safari Vulnerabilities
Apple has released Safari 4.0 for Windows and Mac OS X to address multiple vulnerabilities in CFNetwork, CoreGraphics, ImageIO, International Components for Unicode, libxml, Safari, Safari Windows Installer, and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting [...]
Apple QuickTime Updates for Multiple Vulnerabilities
National Cyber Alert System
Technical Cyber Security Alert TA09-022A
Apple QuickTime Updates for Multiple Vulnerabilities
Original release date: January 22, 2009
Source: US-CERT
Systems Affected
Apple QuickTime 7.5 for Windows and Mac OS X
Overview
Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary [...]
Read More About - Apple QuickTime Updates for Multiple Vulnerabilities »
Microsoft Windows Does Not Disable AutoRun Properly
National Cyber Alert System
Technical Cyber Security Alert TA09-020A
Microsoft Windows Does Not Disable AutoRun Properly
Source: US-CERT
Systems Affected
Microsoft Windows
Overview
Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft’s guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.
I. Description
Microsoft Windows includes an AutoRun feature, which can automatically [...]
Read More About - Microsoft Windows Does Not Disable AutoRun Properly »
Oracle National Cyber Alert System
Oracle Updates for Multiple Vulnerabilities
Original release date: January 15, 2009
Source: US-CERT
Overview
Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
I. Description
The Oracle Critical Patch Update – January 2009 addresses 41 vulnerabilities in different Oracle products and components. The document [...]