BuyLow.com Computers And Internet - Internet Security, Computers, Mobile Devices, Networks

BuyLow.com | Resources | Contact Us


 

Microsoft Updates for Multiple Vulnerabilities

Source: US-CERT
As part of the Microsoft Security Bulletin Summary for March 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows and Windows Server.
A remote, unauthenticated attacker could gain elevated privileges, poison the DNS cache, execute arbitrary code, or cause a vulnerable application to crash.
Solution
Microsoft has provided updates for these vulnerabilities in the Microsoft [...]

Read More About - Microsoft Updates for Multiple Vulnerabilities »

Active Exploitation of Microsoft Internet Explorer 7 Vulnerability

US-CERT is aware of a public report indicating active exploitation of a previously patched vulnerability in Microsoft Internet Explorer 7. This vulnerability was addressed in Microsoft Security Advisory MS09-002. Additional information is available in US-CERT Technical Cyber Security Alert TA09-041A.
US-CERT encourages users to apply the update or workarounds as specified in Microsoft Security Advisory MS09-002. [...]

Read More About - Active Exploitation of Microsoft Internet Explorer 7 Vulnerability »

Microsoft Updates for Multiple Vulnerabilities

Systems Affected:
* Microsoft Internet Explorer
* Microsoft Office Visio
* Microsoft Exchange and SQL Server
Overview
Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
I. Description
As part of the Microsoft Security Bulletin Summary for February 2009, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Exchange Server, SQL Server, Office, and other [...]

Read More About - Microsoft Updates for Multiple Vulnerabilities »

White House (.gov) Email Down Due to Microsoft

The new White House team found out there email systems were down for most of the day on Monday. Press Secretary Robert Gibbs mad the announcement of the technical difficulties at his 1:30 p.m. briefing. He apologized for the e-mail silence and blamed it on a Mircrosoft Outlook server.
Both incoming and outgoing email were [...]

Read More About - White House (.gov) Email Down Due to Microsoft »

Microsoft Windows Does Not Disable AutoRun Properly

National Cyber Alert System
Technical Cyber Security Alert TA09-020A
Microsoft Windows Does Not Disable AutoRun Properly
Source: US-CERT
Systems Affected
Microsoft Windows
Overview
Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft’s guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.
I. Description
Microsoft Windows includes an AutoRun feature, which can automatically [...]

Read More About - Microsoft Windows Does Not Disable AutoRun Properly »

Microsoft Technical Cyber Security Alerts Multiple SMB Protocol Vulnerabilities

Original release date: January 13, 2009
Source: US-CERT
Systems Affected
Microsoft Windows 2000, XP, and Vista
Microsoft Windows Server 2000, 2003, and 2008
Overview
Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
I. Description
In their bulletin for January 2009, Microsoft released updates to address vulnerabilities in the Server Message Block (SMB) Protocol that affects all supported versions [...]

Read More About - Microsoft Technical Cyber Security Alerts Multiple SMB Protocol Vulnerabilities »

Protect Your Computer From Microsoft

Microsoft
Microsoft Security
4 steps to protect your computer
Step 1. Keep your firewall turned on
What is a firewall?
A firewall helps protect your computer from hackers who might try to delete information, crash your computer, or even steal your passwords or credit card numbers. Make sure your firewall is always turned on.
• How to turn on your firewall
• [...]

Read More About - Protect Your Computer From Microsoft »

RSS BugTraq

  • [SECURITY] [DSA 2100-1] New openssl packages fix double free
    Posted by Moritz Muehlenhoff on Aug 30------------------------------------------------------------------------ Debian Security Advisory DSA-2100-1 security () debian org http://www.debian.org/security/ Moritz Muehlenhoff August 30, 2010 http://www.debian.org/security/faq ------------------------------------------------------------------------ Package : opens […]
  • Re: [Full-disclosure] QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll)
    Posted by security curmudgeon on Aug 30: 1. OVERVIEW : : The QtWeb Browser application is vulnerable to Insecure DLL Hijacking : Vulnerability. Similar terms that describe this vulnerability have been : come up with Remote Binary Planting, and Insecure DLL : Loading/Injection/Hijacking/Preloading. : 3. VULNERABILITY DESCRIPTION : : The QtWeb Browser applicat […]
  • [ MDVSA-2010:165 ] libHX
    Posted by security on Aug 30 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2010:165 http://www.mandriva.com/security/ _______________________________________________________________________ Package : libHX Date : August 30, 2010 Affected: 2009.0, 2009.1, 2010.0, 2010.1 _________________________ […]
  • {Lostmon - Groups} Safari for windows Invalid SGV text style Webkit.dll DoS
    Posted by Lostmon lords on Aug 30################################################### Safari for windows Invalid SGV text style Webkit.dll DoS Vendor URL:www.apple.com Advisore:http://lostmon.blogspot.com/2010/08/safari-for-windows-invalid-sgv-text.html Vendor notify :Yes exploit available :YES ################################################### Safari browse […]
  • R7-0036: FCKEditor.NET File Upload Code Execution
    Posted by HD Moore on Aug 30R7-0036: FCKEditor.NET File Upload Code Execution August 30, 2010 -- Vulnerability Details: FCKEditor contains a file renaming bug that allows remote code execution. Specifically, it is possible to upload ASP code via the ASP.NET connector  in FCKEditor. The vulnerability requires that the remote server be running IIS. This vulne […]