Hackin9

Oracle is no longer supporting Java for Windows XP and will only support Windows Vista or later. Java 8 is not supported for Windows XP and users will be unable to install it on their systems. Oracle warns: "Users may still continue to use Java 7 updates on Windows XP at their own risk" [1].

[1] https://www.java.com/en/download/faq/winxp.xml
[2] http://www.oracle.com/us/support/library/057419.pdf

-----------

Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
php-gd 'gdxpm.c' NULL Pointer Dereference Denial of Service Vulnerability
 

InfoSec Skills launches cyber security skills programme
SC Magazine UK
The National Crime Agency, GCHQ and InfoSec Skills Ltd are embarking on a new scheme to help close the national 'skills gap' in information security. Together they have produced an ISM Skills Draft which opened to the UK public yesterday. It will train ...

 
There are many times when your iPhone camera flash just isn't up for the job. Either you need light from a different angle (ever notice how phone-based flashes tend to wash out the subject?) or you need a warmer or cooler flash than your iPhone provides. You, my friend, might be interested in the Nova, a Bluetooth LE flash.
 
Two SQL injection vulnerabilities were patched in Ruby on Rails, a popular open-source Web development framework used by some high-profile websites.
 
Lunar CMS Cross Site Request Forgery and Multiple HTML Injection Vulnerabilities
 
Xen CVE-2014-4021 Information Disclosure Vulnerability
 
Debian Apt-Cacher NG CVE-2014-4510 Cross Site Scripting Vulnerability
 

Microsoft have published the 'heads-up' for this month's patching party, with six bulletins, two of which are flagged as being critical in nature.

 

For more details, go to their notification, but for a quick look, I've reproduced their table below:

| Bulletin ID | Maximum Severity Rating and Vulnerability Impact | Restart Requirement | Affected Software |
|---|---|---|---|
| Bulletin 1 | Critical, Remote Code Execution | Requires restart | Microsoft Windows, Internet Explorer |
| Bulletin 2 | Critical, Remote Code Execution | May require restart | Microsoft Windows |
| Bulletin 3 | Important, Elevation of Privilege | Requires restart | Microsoft Windows |
| Bulletin 4 | Important, Elevation of Privilege | Requires restart | Microsoft Windows |
| Bulletin 5 | Important, Elevation of Privilege | May require restart | Microsoft Windows |
| Bulletin 6 | Moderate, Denial of Service | Does not require restart | Microsoft Server Software |

 

 

Steve Hall ISC Handler www.tarkie.net

 
[security bulletin] HPSBMU03051 rev.2 - HP System Management Homepage running OpenSSL on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information
 
WordPress Simple Share Buttons Adder Plugin Multiple Security Vulnerabilities
 
Thomson TWG87OUIR Router '/goform/RgSecurity' Cross Site Request Forgery Vulnerability
 
Cisco NX-OS Software CVE-2013-6975 Directory Traversal Vulnerability
 
Microsoft has begun rolling out the one terabyte of storage it promised to users of OneDrive for Business two months ago.
 
Samsung Electronics has asked a court in California to hold invalid claims of two Apple patents in the wake of a U.S. Supreme Court decision that tightened standards for patentability.
 
A NSA spying tool is configured to snoop on an array of privacy programs used by journalists and dissidents, according to an analysis of never-before-seen code leaked by an unknown source.
 
Internet Storm Center Infocon Status