|
| May 2007 Cisco Unpatched Vulnerability in IPS and IOS |
|---|
Cisco is reporting that a malicious user could utilize an unpatched flaw
in Cisco's Intrusion Prevention System (IPS) and Internetwork Operating
System (IOS) with Firewall/IPS Feature Set to evade security restrictions
and launch attacks. |
| |
| Feb. 2007 Microsoft Pre-Patch Notification |
|---|
Tuesday, Feb. 13, 2007, at roughly 1000 PT, Microsoft will be releasing
their next set of patches. There will be twelve...
|
| |
| MSIE VML Vulnerability |
|---|
We are seeing a large uptick in activity meant to drive users to
compromised servers that are serving malicious sites aimed at exploiting
the latest MS Internet ... |
| |
| Multiple Patch Releases: MS, Apple, Adobe
|
|---|
|
There are multiple patch related issues that network administrators should be aware of and prepared to address:
MS has re-issued MS06-... |
| |
| Microsoft Word Remote Code Execution Vulnerability |
|---|
We are aware of a Microsoft Word vulnerability that is currently being
actively exploited. This vulnerability allows for remote code execution
via a Word documen... |
| | | Cisco Unauthorized Access Flaw |
|---|
We have noted a Cisco advisory concerning a vulnerability that has the
potential to allow unauthorized users EXEC access to an affected Cisco
device. Authorize... |
| | | Microsoft Issues Updated Patch |
|---|
Microsoft has issued an update to their recent MS06-042 patch that fixed
the issues it was made for, but also opened up an additional remote code
execution vulner... |
| | | MS06-034 Installation Failures |
|---|
Microsoft has issued a notice to Windows 2003 SP1 administrators regarding
silent failures of the MS06-034 patch released last week. Based on the
information supp... |
| | | July Microsoft Patch Release |
|---|
The releases by Microsoft yesterday included patches for several MS Office
vulnerabilities as well as one in particular that involves the "Server"
service.
|
| |
| |
| Microsoft Warns IE Under Attack on Patch Tuesday |
|---|
As Microsoft pushed out two Patch Tuesday security updates for Windows and Microsoft Office Excel, the company warned that attackers are targeting a new vulnerability in Internet Explorer that can be used to hijack machines.
- Microsoft issued a warning today for Internet Explorer users as the company pushed out its monthly round of patches to cover security holes in Windows and Microsoft Office Excel. In an advisory, the company warned that a new vulnerability was being targeted in attacks against Internet Explo | | |
| Apple iPad Security Considerations for the Enterprise |
|---|
The Apple iPad is scheduled to hit U.S. stores April 3. Though a consumer device, it's a safe bet that like the iPhone and iPod before it, the iPad will make its way into the enterprise. Before it does, enterprises need to think about the security implications of yet another consumer device touching their networks. What security features should they ask for from Apple? What about protecting data accessed on the device? These questions and more should be on the minds of administrators planning ahead for the device, security pros say. At eWEEK, we have gathered ideas on what enterprises should consider regarding the iPad, and what should be on their Apple security wish list.
- | | |
| Google Apps Premier Adds Mobile Device Managment |
|---|
Google Apps Premier and Education now offer limited security and policy controls over ActiveSync enabled mobile devices, allowing companies using Gmail services to enforce a little bit of control over devices in their field. Policy controls are extremely limited and reporting capabilities are practically nil, but things that are in there work adequately and the price is right.
- | | |
| Cloud Computing's 7 Deadliest Security Risks |
|---|
At the RSA security conference, cloud security was top of mind for many, and none more so than the Cloud Security Alliance. Founded last year, the CSA is promoting best practices for securing cloud environments and educating users as to how the cloud can help secure other forms of computing. To that end, the CSA has a list of the seven biggest security hurdles for enterprises looking to adopt cloud technologies. Though not quite the seven deadly sins, any of these can send an enterprise to a purgatory of data breaches, notifications and lawsuits. Here is the CSA's list of the security challenges and what do to about them.
- | | |
| Energizer Duo Trojan May Have Infected PCs for 3 Years |
|---|
A Trojan hidden within software for the Energizer Duo USB battery charger may have been around since May 2007, according to Symantec. The software, which affects Windows machines, has been taken off the market by Energizer. Fortunately, the Trojan can be fought with a few easy fixes.
- The backdoor Trojan bundled with software for the Energizer Duo USB battery charger may have been active for nearly three years, security researchers have found. According to Symantec's analysis, there is evidence that the Trojan dates back to May 10, 2007. quot;It's really impossible to say | | |
|
