Previous%20Gnews - PowerPoint PPT Presentation

About This Presentation
Title:

Previous%20Gnews

Description:

Title: PowerPoint Presentation Created Date: 1/1/1601 12:00:00 AM Document presentation format: On-screen Show (4:3) Other titles: Arial Ravie Default Design Slide 1 ... – PowerPoint PPT presentation

Number of Views:190
Avg rating:3.0/5.0
Slides: 12
Provided by: dc2120
Learn more at: https://dc214.org
Category:
Tags: 20gnews | previous | voip

less

Transcript and Presenter's Notes

Title: Previous%20Gnews


1
Previous Gnews
2
Patch Tuesday
  • 13 Patches 8 Critical, Affects pretty much
    everything
  • Other updates, MSRT, Defender Definitions, Junk
    Mail Filter
  • MS09-050 - SMBv2 Remote Code Execution
  • MS09-051 - Windows Media Runtime Remote Code
    Execution
  • MS09-052 - Vulnerability in Windows Media Player
    Remote Code Execution
  • MS09-053 - FTP Service for Internet Information
    Services Remote Code Execution
  • MS09-054 - Cumulative Security Update for
    Internet Explorer
  • MS09-055 - Cumulative Security Update of ActiveX
    Kill Bits
  • MS09-056 - Windows CryptoAPI Spoofing
  • MS09-057 - Vulnerability in Indexing Service
    Remote Code Execution
  • MS09-058 - Windows Kernel Elevation of Privilege
  • MS09-059 - Vulnerability in Local Security
    Authority Subsystem Service Denial of Service
  • MS09-060 - Microsoft Active Template Library
    (ATL) ActiveX Controls for Microsoft Office
    Remote Code Execution
  • MS09-061 - the Microsoft .NET Common Language
    Runtime Remote Code Execution
  • MS09-062 - GDI Remote Code Execution

3
Holes / Patches
  • Oracle Patches are due Oct 20th.
  • Apple iTunes 9.0.1
  • Apple Xsan 2.2
  • Apple Security Update 2009-005
  • Mac OS X 10.6
  • Bug in 10.6 wipes user data
  • VLC Plyer, multiple buffer overflows
  • googleapps.exe mishandles googleapps.url.mailto
  • Adobe Reader
  • Browsers - Chrome, Firefox

4
Hacking
  • Skulpt and Pyjamas Python in a browser
  • Twitter direct messaging worm
  • Phishing attempt
  • variance-based radio tomographic imaging
  • X-Ray vision via wireless
  • PayPal null prefix SSL certificate
  • Moxie Marlispike SSLsniff and SSLstrip
  • Office Starter 2010
  • Ad Based Office Lite

5
Corp. Hell
  • Facebook to shutdown Beacon
  • Microsoft Essentials goes live, blocked on
    unofficial OSes
  • Next version of Firefox will fix XSS
  • Content Security Policy (CSP)
  • iPhone to allow VOIP

6
Books
7
Games
  • Wii upgrade attempts to block home-brew

8
Papers
A Spotlight on Security and Privacy Risks with
Future Household Robots Attacks and
Lessons University of Washington INSECURE
Magazine 22
9
Updates
snort.2.8.5 Websecurify flawfinder source code
review NST v2.11.0 Emerging threats changes
rule sets, config update needed John the ripper
1.7.3.4 samhain 2.5.9c file integrity
10
Con
  • ToorCon, 23-25 Oct / San Diego
  • http//toorcon.org/

11
All images scavenged without permission
All images scavenged without permission
Write a Comment
User Comments (0)
About PowerShow.com