Video Screencast Help
Security Response
Showing posts tagged with Vulnerabilities & Exploits
Showing posts in English
Candid Wueest | 08 Jan 2013 17:24:26 GMT

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing seven bulletins covering a total of 12 vulnerabilities. Three of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the January releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms13-Jan

The following is a breakdown of the...

Candid Wueest | 11 Dec 2012 17:10:35 GMT

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing seven bulletins covering a total of 12 vulnerabilities. Ten of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the December releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms12-Dec

The following is a breakdown of the issues...

Candid Wueest | 13 Nov 2012 18:25:50 GMT

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing six bulletins covering a total of 19 vulnerabilities. Seven of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the November releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms12-Nov

The following is a breakdown of the issues...

Candid Wueest | 09 Oct 2012 17:55:37 GMT

Hello, welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing seven bulletins covering a total of 20 vulnerabilities. One of this month's issues is rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft's summary of the October releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms12-Oct

The following is a breakdown of the issues...

Candid Wueest | 11 Sep 2012 16:57:35 GMT

Hello, welcome to this month’s blog on the Microsoft patch release. This month the vendor is releasing two bulletins covering a total of two vulnerabilities. None of this month's issues are rated ’Critical’.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available
  • Run all software with the least privileges required while still maintaining functionality
  • Avoid handling files from unknown or questionable sources
  • Never visit sites of unknown or questionable integrity
  • Block external access at the network perimeter to all key systems unless specific access is required

Microsoft's summary of the September releases can be found here:
http://technet.microsoft.com/en-us/security/bulletin/ms12-Sep

The following is a breakdown of the issues...

Symantec Security Response | 06 Sep 2012 23:00:00 GMT

In 2009, we saw the start of high profile attacks by a group using the Hydraq (Aurora) Trojan horse. We've been monitoring the attacking group's activities for the last three years as they've consistently targeted a number of industries. These attackers have used a large number of zero-day exploits against not just the intended target organization, but also on the supply chain manufacturers that service the company in their cross hairs. These attackers are systematic and re-use components of an infrastructure we have termed the "Elderwood Platform". The term "Elderwood" comes from the exploit communication used in some of the attacks. This attack platform enables them to quickly deploy zero-day exploits. The attacking methodology has always used spear phishing emails but we are now seeing an increased adoption of "watering hole" attacks (...

Symantec Security Response | 06 Sep 2012 23:00:00 GMT

Symantec Security Response have published a research paper revealing details about a series of attacks perpetrated by a highly organized and well funded group using the “Elderwood” Attack Platform. This platform is a series of tools and infrastructure used by this group to perform attacks against targets in a speedy and efficient manner. The group behind this platform used it to carry out a multitude of attacks against targets primarily in the defense industry and other organizations within its supply chain. This group demonstrates a dogged persistence and tenacity, along with a high degree of technical expertise as shown by the seemingly unlimited supply of zero-day exploits that they have employed in the past. This research examines a time window of at least three years in which numerous attacks were conducted and still continues to take place to this day. The paper covers the attack methods used, the possible motives, the scale of the attacks and what to do to stay...

Bhaskar Krishna | 21 Aug 2012 21:12:17 GMT

As we are all aware, Adobe released security updates for Adobe Flash Player 11.3.300.270 and earlier versions for Windows, Macintosh, and Linux. These security updates address the Adobe Flash Player CVE-2012-1535 Remote Code Execution Vulnerability that could cause the application to crash and potentially allow an attacker to take control of the compromised computer. Adobe has also stated that there are reports of the vulnerability being exploited in the wild in limited targeted attacks distributed through malicious Word documents.

We have observed these threats since August 10, 2012, and to-date we have successfully blocked more than 1,300 samples. The first sample...

Candid Wueest | 14 Aug 2012 17:42:43 GMT

Hello, welcome to this month’s blog on the Microsoft patch release. This month the vendor is releasing nine bulletins covering a total of 26 vulnerabilities. Twenty-one of this month's issues are rated ’Critical’. The Critical issues affect Windows common controls, Internet Explorer, Remote Desktop Protocol (RDP), Print Spooler service, Remote Administration Protocol (RAP), and Microsoft Exchange Server.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available
  • Run all software with the least privileges required while still maintaining functionality
  • Avoid handling files from unknown or questionable sources
  • Never visit sites of unknown or questionable integrity
  • Block external access at the network perimeter to all key systems unless specific access is required

Microsoft's summary of the August releases can be found here...

Candid Wueest | 10 Jul 2012 17:27:26 GMT

Hello and welcome to this month's blog on the Microsoft patch release. This month the vendor is releasing nine bulletins covering a total of 16 vulnerabilities. Four of this month's issues are rated 'Critical' affecting Microsoft Data Access Components, Internet Explorer, and XML Core Services.

As always, customers are advised to follow these security best practices:

  • Install vendor patches as soon as they are available.
  • Run all software with the least privileges required while still maintaining functionality.
  • Avoid handling files from unknown or questionable sources.
  • Never visit sites of unknown or questionable integrity.
  • Block external access at the network perimeter to all key systems unless specific access is required.

Microsoft’s summary of the July releases can be found here:
http://technet.microsoft.com/en-...