In a few days Apple will release the latest iteration of Mac OS X. The new version, Leopard, will change the way Mac users do some things. Some great apps have been added, such as Time Machine.
Here is a summary of the security features, such as Time Machine, in the new Apple OS X.
From TidBITS.com:
With the release last week of the feature list for Mac OS X 10.5 Leopard, the security world is buzzing about some extremely important updates that should, if they work as expected, significantly improve Mac security and will make me less nervous about connecting to wireless networks in Internet cafes.
Time Machine — Before we dig into Leopard’s advanced anti-exploitation technologies, we need to start with the biggest security feature that’s not listed with the rest: Time Machine. Information security is based on the principles of CIA. No, not the Central Intelligence Agency or the Culinary Institute of America. In the security world, CIA stands for Confidentiality, Integrity, and Availability. While we tend to focus on keeping people from seeing things we don’t want them to see (confidentiality) and changing things we don’t want changed (integrity), having our data and systems available to us is just as important.
A very nice rundown of the upcoming features for the release available this Friday.
Read on.
Tags: Apple Security, Mac OS X Security, Leopard Security
Here’s the rundown from yesterday’s Patch Tuesday announcement from Microsoft.
Critical
- Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)
- Security Update for Outlook Express and Windows Mail (941202)
- Cumulative Security Update for Internet Explorer (939653)
- Vulnerability in Microsoft Word Could Allow Remote Code Execution (942695)
Important
- Vulnerability in RPC Could Allow Denial of Service (933729)
- Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007 Could Result in Elevation of Privilege Within the SharePoint Site (942017)
Tags: Patch Tuesday, Microsoft Patch Tuesday, Patch Management
From Adrian Kingsley-Hughes' blog over on ZDNet:
I can now confirm that the stealth Windows Update that I blogged about yesterday actually exists – because I’ve detected its presence on a machine at the PC Doc HQ.
At the PC Doc HQ we have several systems set not to update. This is so that they are kept at a specific patch level for testing duties. Many of these systems are virtual machines but some are physical. When I heard about this stealth update I decided to take a look at one of these systems that don’t update automatically – and within seconds I found what I was looking for.
Wow, this is truly sucktastic. I have seen apps go completely sideways after some Microsoft patches were applied. Now, factor in this “stealth” update function. Now ponder those systems in your production environment.
Not cool.
For the full posting read on.
Tags: Windows Updates, Windows Stealth Updates, Stealth Updates
The September advance bulletin for Microsoft’s Patch Tuesday is out. It falls on September 11th this year.
Quick highlights:
1 Critical (remote code execution)
4 Important (2 remote code execution, 2 elevation of privilege)
Affected Software:
Windows (critical)
Visual Studio (important)
Windows Services for UNIX (important)
MSN Messenger (important)
Windows, SharePoint Server (important)
Tags: Patch Tuesday, September 11, Microsoft September Patch Release
Well, the Microsoft patches for August are out and there are 6 critical and 3 important.
Critical:
- MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227)
- MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution (921503)
- MS07-044: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940965)
- MS07-045: Cumulative Security Update for Internet Explorer (937143)
- MS07-046: Vulnerability in GDI Could Allow Remote Code Execution (938829)
- MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127)
Important:
- MS07-047: Vulnerability in Windows Media Player Could Allow Remote Code Execution (936782)
- MS07-048: Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123)
- MS07-049: Vulnerability in Virtual PC and Virtual Server Could Allow Elevation of Privilege (937986)
The overarching catch phrase here…remote code execution.
Tags: MS07-042, MS07-043, MS07-044, MS07-045, MS07-046, MS07-047, MS07-048, MS07-049, MS07-050
From MSRC:
Next Tuesday, we’re currently planning to release nine security bulletins:
- Six Microsoft Security Bulletins affecting Microsoft Windows with a Maximum Severity rating of Critical. These updates will require a restart and will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
- One Microsoft Security Bulletin affecting Microsoft Office with a Maximum Severity rating of Critical. These updates will not require a restart and will be detectable using the Microsoft Baseline Security Analyzer.
- One Microsoft Security Bulletin affecting Microsoft Office and Microsoft Windows with a Maximum Severity rating of Critical. This update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer.
- One Microsoft Security Bulletin affecting Microsoft Virtual PC and Microsoft Virtual Server with a Maximum Severity rating of Important. This update will require a restart and will be detectable using the Microsoft Baseline Security Analyzer and the Enterprise Scan Tool.
Tags: Microsoft Patch Tuesday, Microsoft Advance Notice, Patch Tuesday
Well, it's that time again, and for this installment there are 6, count 'em, 6 new advisories.
Enjoy
- MS07-036: This security update resolves three vulnerabilities that could allow remote code execution if a user opens a specially crafted Excel file.
- MS07-039: This security update resolves two vulnerabilities in implementations of Active Directory on Windows 2000 Server and Windows 2003 Server that could allow remote code execution.
- MS07-040: This security update resolves two vulnerabilities that could allow remote code execution and one information disclosure vulnerability on client systems with .NET Framework installed.
Two bulletins have a maximum severity of Important:
- MS07-037: This security update resolves a vulnerability that could allow remote code execution if a user viewed a specially crafted Microsoft Office Publisher 2007 file.
- MS07-041: This security update resolves a vulnerability which could allow remote code execution if an attacker sent specially crafted URL requests to a Web page hosted by Internet Information Services (IIS) 5.1 on Windows XP Professional Service Pack 2.
One bulletin has a maximum severity of Moderate:
- MS07-038: This security update resolves a vulnerability that could allow an attacker to gather system-specific information about the affected host.
Tags: Microsoft Patch Tuesday, OS Patches, Microsoft Patches, Patch Tuesday
Here we go again…
From Computer Weekly:
Microsoft will release six security updates on Tuesday 10 July to address flaws attackers could exploit to launch malicious code and access sensitive information on victims’ machines.
Affected products range from Office to multiple versions of Windows, including Vista, and according to the advance bulletin Microsoft released on 5 July, three of the updates will be rated critical, two important and one as moderate.
All the critical updates are for remote execution flaws and affect Windows, Office, Excel and the .Net Framework. The two important updates will fix remote code execution flaws in Windows XP Professional, Office and Publisher, and the one moderate bulletin will fix an information disclosure flaw in Vista.
As it does every month, Microsoft will also update its Malicious Software removal tool and hold a Webcast Wednesday at 11 a.m. Pacific Time. Microsoft will also release five non-security, high-priority updates.
Tags: Microsoft Patch Tuesday, Microsoft Security Updates, Patch Tuesday
From Secunia:
Description:
Sun has acknowledged a vulnerability in Solaris, which can potentially be exploited by malicious people to compromise a vulnerable system.
For more information:
SA25800
The vulnerability affects Sun Solaris 8, 9, and 10 for both the SPARC and x86 platforms.
Solution:
Apply patches.
– SPARC Platform –
Solaris 8:
Apply patch 126928-01.
http://sunsolve.sun.com/search/docume…setkey=urn:cds:docid:1-21-126928-01-1
Solaris 9:
Apply T-patch T113318-31.
Solaris 10:
Apply patch 123809-02.
http://sunsolve.sun.com/search/docume…setkey=urn:cds:docid:1-21-123809-02-1
– x86 Platform –
Solaris 8:
Apply patch 126929-01.
http://sunsolve.sun.com/search/docume…setkey=urn:cds:docid:1-21-126929-01-1
Solaris 9:
Apply T-patch T117468-17.
Solaris 10:
Apply patch 126837-01.
http://sunsolve.sun.com/search/docume…setkey=urn:cds:docid:1-21-126837-01-1
Preliminary T-patches are available from:
http://sunsolve.sun.com/tpatches
A final resolution is reportedly pending completion.
Original Advisory:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1
Tags: Sun, Solaris, Kerberos Vulnerability
OK, the good bad news is out. Here are the four critical patches. There is also one important and one moderate. Right, hop to it.
MS07-031 Windows Schannel Security Package Could Allow Remote Code Execution
This critical security update resolves a privately reported vulnerability in the Secure Channel (Schannel) security package in Windows. The Schannel security package implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols. This vulnerability could allow remote code execution if a user viewed a specially crafted Web page using an Internet Web browser or used an application that makes use of SSL/TLS. However, attempts to exploit this vulnerability would most likely result in the Internet Web browser or application exiting. The system would not be able to connect to Web sites or resources using SSL or TLS until a restart of the system.
MS07-033 Cumulative Security Update for Internet Explorer
This critical security update resolves five privately reported vulnerabilities and one publicly disclosed vulnerability. All but one of these vulnerabilities could allow remote code execution if a user viewed a specially crafted Web page using Internet Explorer. One vulnerability could allow spoofing, and also involves a specially crafted Web page. In all remote code execution cases, users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. For the spoofing case, exploitation requires user interaction.


