Besides all the Windows and Windows component-related bulletins from today, Microsoft also released a relatively minor bulletin about two cross-site scripting (XSS) vulnerabilities that affect Microsoft System Center Operations Manager (SCOM) 2007. For those unaware of this specialized product, SCOM is a centralized, cross-platform management system for 0perating systems and … [Read more...]
Windows Updates Include .NET and MSXML Fixes
Severity: High Summary: These vulnerabilities affect: All current versions of Windows and components that often ship with it (like XML Core Services and the .NET Framework). Some vulnerable components also affect Office and Server Software products. How an attacker exploits them: Multiple vectors of attack, including sending malicious print jobs to luring victims to … [Read more...]
Microsoft Black Tuesday: Updates Correct .NET and MSXML Flaws
Are you ready for the first Patch Day of 2013? If you run a Microsoft shop (Mac users need not apply this month), get ready as you'll want to install some of today's updates as soon as you can. As promised, Microsoft released seven security bulletins and software updates today, two of which they rate as Critical. The seven updates fix 12 vulnerabilities in products like … [Read more...]
WatchGuard Security Week in Review: Episode 46 – IE 0day
IE 0day, Fraudulent Certs, and Damaged Drivers Happy New Year everyone, and welcome back to 2013's first episode of WatchGuard Security Week in Review (WSWiR). If you are new to our blog, the WSWiR vlog is a weekly video podcast designed to keep busy IT admins up-to-date with the latest security news and events every week. I cover big breaches, zero day flaws, software … [Read more...]
Ring in the New Year with Seven Microsoft Patches
If you, like me, are still basking in the afterglow of a relaxing holiday respite, the relentless re-introduction of Microsoft Patch Day may seem like a harsh reminder of some of the drudgery suffered by an InfoSec professional. Don't get me wrong! Patching is one of the most effective ways of keeping your systems safe. Yet, its ceaseless nature can't help but put me into … [Read more...]