Video Screencast Help
Search Video Help Close Back
to help

Security Response

Showing posts tagged with Vulnerabilities & Exploits
Showing posts in English
Microsoft Patch Tuesday – May 2013
Symantec Security Response | 14 May 2013 19:02:31 GMT | 0 comments

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing 10 bulletins covering a total of 33 vulnerabilities. Eleven of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the May releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms13-May

The following is a breakdown of the issues...

Read more
Microsoft Patch Tuesday – April 2013
Candid Wueest | 02 May 2013 19:58:12 GMT | 0 comments

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing nine bulletins covering a total of 14 vulnerabilities. Four of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the April releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms13-Apr

The following is a breakdown of the issues...

Read more
Microsoft Patch Tuesday – March 2013
Candid Wueest | 02 May 2013 19:58:51 GMT | 0 comments

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing seven bulletins covering a total of 20 vulnerabilities. Twelve of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the March releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms13-Mar

The following is a breakdown of the issues...

Read more
Microsoft Patch Tuesday – February 2013
Candid Wueest | 12 Feb 2013 18:26:39 GMT | 0 comments

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing 12 bulletins covering a total of 57 vulnerabilities. Eighteen of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the February releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms13-Feb

The following is a breakdown of the...

Read more
Microsoft Patch Tuesday - January 2013
Candid Wueest | 08 Jan 2013 17:24:26 GMT | 0 comments

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing seven bulletins covering a total of 12 vulnerabilities. Three of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the January releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms13-Jan

The following is a breakdown of the...

Read more
Microsoft Patch Tuesday - December 2012
Candid Wueest | 11 Dec 2012 17:10:35 GMT | 0 comments

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing seven bulletins covering a total of 12 vulnerabilities. Ten of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the December releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms12-Dec

The following is a breakdown of the issues...

Read more
Microsoft Patch Tuesday - November 2012
Candid Wueest | 13 Nov 2012 18:25:50 GMT | 0 comments

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing six bulletins covering a total of 19 vulnerabilities. Seven of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the November releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms12-Nov

The following is a breakdown of the issues...

Read more
Microsoft Patch Tuesday - October 2012
Candid Wueest | 09 Oct 2012 17:55:37 GMT | 0 comments

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing seven bulletins covering a total of 20 vulnerabilities. One of this month's issues is rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the October releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms12-Oct

The following is a breakdown of the issues...

Read more
Microsoft Patch Tuesday - September 2012
Candid Wueest | 11 Sep 2012 16:57:35 GMT | 0 comments

Hello, welcome to this month’s blog on the Microsoft patch release. This month the vendor is releasing two bulletins covering a total of two vulnerabilities. None of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available
  • Run all software with the least privileges required while still maintaining functionality
  • Avoid handling files from unknown or questionable sources
  • Never visit sites of unknown or questionable integrity
  • Block external access at the network perimeter to all key systems unless specific access is required

Microsoft's summary of the September releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms12-Sep

The following is a breakdown of the issues...

Read more
The Elderwood Project
Symantec Security Response | 06 Sep 2012 23:00:00 GMT | 0 comments

In 2009, we saw the start of high profile attacks by a group using the Hydraq (Aurora) Trojan horse. We've been monitoring the attacking group's activities for the last three years as they've consistently targeted a number of industries. These attackers have used a large number of zero-day exploits against not just the intended target organization, but also on the supply chain manufacturers that service the company in their cross hairs. These attackers are systematic and re-use components of an infrastructure we have termed the "Elderwood Platform". The term "Elderwood" comes from the exploit communication used in some of the attacks. This attack platform enables them to quickly deploy zero-day exploits. The attacking methodology has always used spear phishing emails but we are now seeing an increased adoption of "watering hole" attacks (...

Read more