Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2888898 times)

Asyn · « **Reply #870 on:** November 10, 2010, 05:06:27 PM »

Critical Hole in Mac OS X 10.5.x
http://www.coresecurity.com/content/Apple-OSX-ATSServer-CharStrings-Sign-Mismatch

Pondus · « **Reply #871 on:** November 11, 2010, 11:18:02 PM »

Hidden second Wi-Fi network with the Thomson TWG870U router
http://www.norman.com/security_center/blog/righard_zwienenberg/129786/en

Asyn · « **Reply #872 on:** November 12, 2010, 08:05:50 AM »

Quote from: Asyn on November 10, 2010, 07:51:27 AM

Quote from: Asyn on November 06, 2010, 05:35:45 PM
Microsoft warns of zero-day hole in Internet Explorer
https://www.microsoft.com/technet/security/advisory/2458511.mspx
http://www.symantec.com/connect/blogs/new-ie-0-day-used-targeted-attacks
http://blogs.technet.com/b/msrc/archive/2010/11/02/microsoft-releases-security-advisory-2458511.aspx
http://blogs.technet.com/b/srd/archive/2010/11/03/dep-emet-protect-against-attacks-on-the-latest-internet-explorer-vulnerability.aspx
http://support.microsoft.com/kb/2458511/en-us

Heads up... 0-day in an exploit kit
http://thompson.blog.avg.com/2010/11/heads-up-0-day-in-an-exploit-kit.html

Amnesty International Hong Kong Website Injected With Latest Internet Explorer 0-day
http://community.websense.com/blogs/securitylabs/archive/2010/11/10/Amnesty-International-Hong-Kong-Website-Injected-With-Latest-Internet-Explorer-0_2D00_day-.aspx

osants911 · « **Reply #873 on:** November 12, 2010, 09:06:48 AM »

How do criminals use Facebook? Let us count the ways

http://www.sync-blog.com/sync/2010/11/how-do-criminals-use-facebook-let-us-count-the-ways.html

Asyn · « **Reply #874 on:** November 15, 2010, 09:49:25 AM »

Stuxnet: A Breakthrough
http://www.symantec.com/connect/blogs/stuxnet-breakthrough

osants911 · « **Reply #875 on:** November 16, 2010, 09:17:19 AM »

Global spam e-mail drops after hacker arrests

http://www.bbc.co.uk/news/technology-11757347

Asyn · « **Reply #876 on:** November 16, 2010, 02:35:57 PM »

How the TLD4 rootkit gets around driver signing policy on a 64-bit machine
http://sunbeltblog.blogspot.com/2010/11/how-tld4-rootkit-gets-around-driver.html

Asyn · « **Reply #877 on:** November 17, 2010, 11:47:38 PM »

Red Hat warns of hole in OpenSSL
http://rhn.redhat.com/errata/RHSA-2010-0888.html
http://openssl.org/news/secadv_20101116.txt

Asyn · « **Reply #878 on:** November 17, 2010, 11:50:19 PM »

Quote from: Asyn on November 05, 2010, 01:29:59 PM

Adobe, Adobe, Adobe...
http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html
http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077255.html
http://secunia.com/advisories/42112/

Update for Adobe Reader fixes 19 holes
http://www.adobe.com/support/security/bulletins/apsb10-28.html

scythe944 · « **Reply #879 on:** November 18, 2010, 04:11:06 PM »

Quote from: Asyn on November 17, 2010, 11:50:19 PM

Quote from: Asyn on November 05, 2010, 01:29:59 PM
Adobe, Adobe, Adobe...
http://blogs.adobe.com/psirt/2010/11/potential-issue-in-adobe-reader.html
http://lists.grok.org.uk/pipermail/full-disclosure/2010-November/077255.html
http://secunia.com/advisories/42112/

Update for Adobe Reader fixes 19 holes
http://www.adobe.com/support/security/bulletins/apsb10-28.html

I don't want to sidetrack this thread, but this is something that really just drives me nuts. I understand Adobe patches as soon as they can and I appreciate that, even if they take WAY too long to do so. But it's very difficult to keep all of your computers up to date and patched when it requires admin rights in order to run the update.

In the schools that I manage, I don't allow my users to have admin rights, in fact, they pretty much don't have any rights at all, they can barely even open the task manager.

So when I have to go around the school and update adobe on every computer in the lab, the student classrooms, and the teacher computers, I just curse adobe's name. Same goes for iTunes/Quicktime, same goes for shockwave (which asks for admin rights at least, so that's nice), same for Java.

I really wish they'd let standard users update the software somehow, or ask for permission when the install starts instead of just erroring out and quitting. Why can't MS integrate third-party updates in WSUS!!!

Nope, can't do that, you just have to spend $4k on shavlik or something. Ridiculous.

/rant.

Lisandro · « **Reply #880 on:** November 18, 2010, 04:16:17 PM »

scythe, the only thing we need, in this case, is a service installed and running or a Windows Task running with admin rights for all users.

scythe944 · « **Reply #881 on:** November 18, 2010, 04:35:15 PM »

Quote from: Tech on November 18, 2010, 04:16:17 PM

scythe, the only thing we need, in this case, is a service installed and running or a Windows Task running with admin rights for all users.

And that's not going to happen, since MS won't even let standard users run Windows Updates (unless enabled through group policy). I understand their reasoning though. If it's a business environment, some IT Admins like to test the updates first before deploying them to see if they break applications.

It's frustrating, but there's no win-win situation. You either have to go around to every computer manually and update all the third-party software, or give rights to users that they shouldn't have in order for them to do it themselves.

To me, there's only two ways to fix this. Either the Third-parties need to allow admin creds be entered as the update runs (so we don't have to log off the current user, log in as admin, install the update, then log off and back on as the user), OR, MS needs to integrate at least common third-party software updates, so that admins can authorize them and push them out as needed.

Quote

service installed and running or a Windows Task running with admin rights for all users.

Sounds too scary, and if it were exploited, it could cause all kinds of problems. It would work though.

Lisandro · « **Reply #882 on:** November 18, 2010, 05:29:23 PM »

Quote from: scythe944 on November 18, 2010, 04:35:15 PM

Sounds too scary, and if it were exploited, it could cause all kinds of problems. It would work though.

Life is scaring

Google already does it. Secunia PSI does it. Some defragmentation tools do it...
avast does it (service)

Pondus · « **Reply #883 on:** November 19, 2010, 01:24:55 AM »

Google Chrome tops 'Dirty Dozen' vulnerable apps list
http://www.networkworld.com/news/2010/111510-google-chrome-dirty-dozen.html?t51hb

Asyn · « **Reply #884 on:** November 19, 2010, 09:28:17 PM »

Free ClamWin virus scanner moves most of Windows into quarantine
http://www.h-online.com/open/news/item/Free-ClamWin-virus-scanner-moves-most-of-Windows-into-quarantine-1139430.html

Author Topic: SECURITY WARNINGS & Notices - Please post them here (Read 2888898 times)

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Pondus

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

osants911

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

osants911

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here

scythe944

Re: SECURITY WARNINGS & Notices - Please post them here

Lisandro

Re: SECURITY WARNINGS & Notices - Please post them here

scythe944

Re: SECURITY WARNINGS & Notices - Please post them here

Lisandro

Re: SECURITY WARNINGS & Notices - Please post them here

Pondus

Re: SECURITY WARNINGS & Notices - Please post them here

Asyn

Re: SECURITY WARNINGS & Notices - Please post them here