While there's lots of interesting security stories I could share today, one of the most practical infosec actions you can take is to keep your software patched. Yesterday was Microsoft and Adobe patch day, and Mozilla also recently released a pretty important Firefox update. Watch the video to learn about these important fixes, and more importantly, follow the links below to … [Read more...]
Microsoft Corrects Lync Server and .NET Framework DoS Flaws
Severity: Medium Summary: These vulnerabilities affect: Lync Server and .NET Framework How an attacker exploits them: Various, including by sending maliciously crafted packets or launching specially crafted calls Impact: An attacker could slow down or disrupt connections to the server, or stop it from responding at all. What to do: Install the appropriate Microsoft patches … [Read more...]
Microsoft Black Tuesday: Windows, IE, Lync, and .NET Patches
As you may know, today was Microsoft Patch Day. If you manage a Windows-based network, it's time to get the latest updates. According to Microsoft's summary post, the Redmond-based software company released four security bulletins fixing 41 vulnerabilities in many of their popular products. The affected software includes, Windows, Internet Explorer (IE), Lync Server, and the … [Read more...]
Microsoft Service Bus DoS Mostly Affects Enterprise Web Developers.
Among this week's Microsoft security bulletins is one that likely only affects a small subset of Microsoft customers, and thus not worth a full security alert. Microsoft Service Bus is a messaging component that ships with server versions of Windows, providing enterprise developers with the means to create message-driven applications. According to Microsoft's bulletin, Service … [Read more...]
TweetDeck XSS – WSWiR Episode 111
Patch Day, P.F. Changs Hack, and TweetDeck XSS This week delivered a lot of infosec news and a ton of software security updates. If you didn't have time to follow it all, check out our weekly computer security video to fill in the blanks. During today's episode, I cover the critical patches from Microsoft, Adobe and Mozilla, mention the latest credit card breach against a U.S. … [Read more...]