Hackin9

InfoSec News

(c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
A dangerous flaw in Windows Common Controls affects multiple systems and software, including Office, SQL Server and Visual Basic 6.0 Runtime.

 
Mozilla Firefox CVE-2012-1950 Address Bar URI Spoofing Vulnerability
 
Google Chrome Prior to 20.0.1132.57 Multiple Security Vulnerabilities
 
Google is hoping that when you go on your next vacation, you'll be relying not only on Google search and Maps but on Google's own content to go with you.
 
Siemens COMOS Remote Privilege Escalation Vulnerability
 
RETIRED: Adobe Acrobat and Reader APSB12-16 Advance Multiple Remote Vulnerabilities
 
Microsoft Windows Remote Administration Protocol (RAP) Remote Heap Buffer Overflow Vulnerability
 
Microsoft Windows Remote Administration Protocol (RAP) Remote Denial of Service Vulnerability
 
Microsoft Windows Common Controls ActiveX Control CVE-2012-1856 Remote Code Execution Vulnerability
 
While Samsung and Apple thrive in the overall smartphone market, the situation is uncertain, perhaps dire, for several cell-phone vendors, including Research In Motion, Nokia and Motorola. Which of the smartphone rivals is most endangered?
 
Skyera, a Silicon Valley startup, says it can make high-speed flash storage for enterprises cheaper than hard disks by using the low-grade chip technology found in thumb drives.
 
Apple dominated the global tablet market last quarter on the back of record sales, a research firm said today, and reclaimed a massive lead over rivals.
 
Microsoft has fixed 26 vulnerabilities in its software products, including several considered critical, the company said on Tuesday in its monthly security patch report.
 
IBM is opening its first research center in Africa, capping several years of international marketing by the Kenyan government and visits by IBM officials.
 
Data analytics firm Atigeo has released an online tool designed to help voters quickly research the positions of the two major U.S. presidential candidates on a wide range of election issues.
 
Microsoft's Surface for Windows RT tablet will sell for $199 when it ships on Oct. 26, according to an unnamed source in an Engadget report.
 
Adobe Acrobat and Reader CVE-2012-4150 Memory Corruption Vulnerability
 
Adobe Acrobat and Reader CVE-2012-4151 Memory Corruption Vulnerability
 
-- Rick Wanner - rwanner at isc dot sans dot org - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected) (c) SANS Internet Storm Center. http://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
 
Boundary is trying to reach more customers for its application performance monitoring service with a free version that has all the same features as the existing offering.
 
With the Mars rover's software successfully upgraded, Curiosity is a big step closer to beginning its mission of finding out whether life has ever existed on Mars.
 
Toshiba today confirmed what Microsoft intimated yesterday: It won't be delivering a Windows RT-based tablet anytime soon.
 
Overview of the August 2012 Microsoft patches and their status.

| # | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) clients | ISC rating(*) servers |
|---|---|---|---|---|---|---|
| MS12-052 Cumulative Security Update for Internet Explorer - Layout Memory Corruption Vulnerability (Replaces MS12-037) | MSIE, CVE-2012-1526 | KB 2722913 | No publicly known exploits. | Severity: Critical, Exploitability: 1 | Critical | Important |
| MS12-053 Vulnerability in Remote Desktop Could Allow Remote Code Execution (Replaces MS12-036) | Remote Desktop, CVE-2012-2526 | KB 2723135 | No publicly known exploits. | Severity: Critical, Exploitability: 2 | Critical | N/A |
| MS12-054 Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (Replaces MS08-067, MS09-022) | Windows Networking, CVE-2012-1850, CVE-2012-1851, CVE-2012-1852, CVE-2012-1853 | KB 2733594 | No publicly known exploits. | Severity: Critical, Exploitability: 1 | Critical | Critical |
| MS12-055 Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (Replaces MS12-047) | Windows Kernel Mode Drivers, CVE-2012-2527 | KB 2731847 | No publicly known exploits. | Severity: Important, Exploitability: 1 | Important | Important |
| MS12-056 Vulnerability in JScript and VBScript Engines Could Allow Remote Code Execution (Replaces MS11-031) | JScript and VBScript, CVE-2012-3408 | KB 2706045 | No publicly known exploits. | Severity: Important, Exploitability: 2 | Critical | Important |
| MS12-057 Vulnerability in Microsoft Office Could Allow Remote Code Execution (Replaces MS11-073, MS10-105) | Office, CVE-2012-2524 | KB 2731879 | No publicly known exploits. | Severity: Important, Exploitability: 3 | Important | N/A |
| MS12-058 Vulnerability in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution | Exchange, CVE-2012-2525, CVE-2012-1767, CVE-2012-1773 | KB 2740358 | No publicly known exploits. | Severity: Critical, Exploitability: 1 | N/A | Critical |
| MS12-059 Vulnerability in Microsoft Visio Could Allow Remote Code Execution (Replaces MS11-089, MS12-031) | Visio, CVE-2012-1888 | KB 2733918 | No publicly known exploits. | Severity: Important, Exploitability: 1 | Important | N/A |
| MS12-060 Vulnerability in Windows Common Controls Could Allow Remote Code Execution (Replaces MS12-027) | MSCOMCTL.OCX, CVE-2012-1856 | KB 2720573 | No publicly known exploits. Threatpost indicates it is being actively exploited. | Severity: Critical, Exploitability: 1 | Critical | Critical |

We will update issues on this page for about a week or so as they evolve.

We appreciate updates

US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY

(*): ISC rating

We use 4 levels:

PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
Critical: Anything that needs little to become interesting for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
Important: Things where more testing and other measures can help.
Less Urgent: Typically we expect the impact if left unpatched to be not that big a deal in the short term. Do not forget them however.


The difference between the client and server rating is based on how you use the affected machine. We take into account the typical client and server deployment, the usage of the machine, and the common measures people typically have in place already. The measures we presume are simple best practices for servers, such as not using Outlook, MSIE, Word, etc. to do traditional office or leisure work.
The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threat for affected systems. The rating does not account for the number of affected systems there are. It is for an affected system in a typical worst-case role.
Only the organization itself is in a position to do a full risk analysis involving the presence (or lack of) affected systems, the actually implemented measures, the impact on their operation and the value of the assets involved.
All patches released by a vendor are important enough to have a close look if you use the affected systems. There is little incentive for vendors to publicize patches that do not have some form of risk to them.

(**): The exploitability rating we show is the worst (most exploitable) of all those Microsoft assigns, because Microsoft assigns too many separate ratings to some of the patches to list them all.

 
Microsoft has given a makeover to its SkyDrive cloud storage service, including a new Web interface, as well as improvements to its desktop applications and developer API, the company announced on Tuesday.
 
IBM Rational Directory Server Multiple Security Vulnerabilities
 
The Certification Authority Browser Forum will temporarily have to do without members such as RSA and RIM. Their exit is in response to the organisation's new intellectual property rights policy, which prioritises license-free standards for the certification market.


 
[security bulletin] HPSBUX02805 SSRT100919 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
 
[security bulletin] HPSBMU02803 SSRT100926 rev.1 - HP Service Manager and HP Service Center Web Tier, Remote Cross Site Scripting (XSS)
 
[security bulletin] HPSBMU02800 SSRT100921 rev.1 - HP Service Manager and HP Service Center Server, Remote Denial of Service (DoS)
 
[security bulletin] HPSBMU02802 SSRT100923 rev.1 - HP Fortify Software Security Center, Remote Disclosure of Privileged Information
 
A survey by SearchSecurity.com shows that 64% of companies have a written mobile device security policy.

 
 
Kaspersky Lab today appealed for help from top-notch cryptographers to help it break the encryption of a still-mysterious warhead delivered by the Gauss cyber-surveillance malware.
 
Despite their best efforts, the security researchers at Kaspersky have so far been unable to crack an encrypted payload used by the Gauss trojan. The team is now asking for help from the cryptography community to decrypt the module.


 
TCExam Edit SQL Injection
 
[Announcement] ClubHack Magazine's Aug 2012 Issue Released
 
GreHack 2012 - LAST Call For Papers (Grenoble, France) till 15th August 2012
 
Google Currents, the free news-reading app for iPhone and iPad, is elegant and useful. But the app from Google suffers from a perplexing failure to integrate more fully with Google's RSS-reading service.
 
IT has always feared risk and uncertainty. But to get BI right, it is going to have to embrace them.
 
Yammer has upgraded its cloud-based enterprise social networking software with new and improved features designed to make it easier for end users to manage their content.
 
Calligra has published the second stable release of its open source suite that includes word processing, spreadsheets and a sketching program.
 
 
Hewlett-Packard is readying three new software capabilities that are designed to help enterprises pool their computing and storage resources across a network.
 
NSS Labs, which tests security products, today introduced what it's calling the 'Security Value Map,' a graphical evaluation of security gear based on the relative merit of each product's technical and cost advantage.
 
A critical vulnerability in the Zend Framework can be exploited by remote attackers to read private information, such as customer data including complete order histories, from online shops using the eBay-owned Magento eCommerce platform.


 
The latest release of the security-oriented Linux distribution adds over 60 new tools to its collection. For the first time, it also includes tools for "physical exploitation" through Arduinos and other development boards.


 
Fetchmail NTLM Authentication Debug Mode Remote Denial of Service Vulnerability
 
Competition Commission of India, the country's antitrust agency, is investigating Google for alleged anti-competitive practices following a complaint by a consumer watchdog group.
 
Mac owners want Microsoft to update Office for Mac so it supports Retina-equipped MacBook Pros, because they say the suite is unusable as it is.
 
Android continued to increase its dominance of the smartphone market during the second quarter, powered by Samsung's success. Competitor Apple in contrast struggled somewhat as consumers held out for the next iteration of the iPhone, Gartner said on Tuesday.
 
A security vulnerability in Oracle's database servers, which was recently revealed at the Black Hat conference, has been fixed by a patch released outside of the normal four-monthly patch cycle.


 
NASA's Mars Curiosity rover is three-quarters of the way through a major software upgrade NASA has dubbed a "brain transplant."
 

Posted by InfoSec News on Aug 14

http://www.washingtontimes.com/news/2012/aug/10/executive-branch-porn-problem/

By Lori Handrahan
The Washington Times
August 10, 2012

Allen W. Dulles, former director of the Central Intelligence Agency
(CIA) wrote in “The Craft of Intelligence,” “sex and hard-headed
intelligence operations rarely mix well.” Perhaps the boys at the
Pentagon need a refresher course.

This past week, the Pentagon's Missile Defense Agency warned its...
 

Posted by InfoSec News on Aug 14

http://www.technologyreview.com/news/428477/the-iphone-has-passed-a-key-security-threshold/

By Simson L. Garfinkel
Technology Review
August 13, 2012

Less than a month after Apple first shipped the iPhone in June 2007, a
group called Independent Security Evaluators documented deep security
design flaws in the device. Apple's most embarrassing flub: every iPhone
application that Apple had written ran with so-called root privileges,...
 

Posted by InfoSec News on Aug 14

http://www.bloomberg.com/news/2012-08-14/hong-kong-exchanges-denies-report-of-printer-hacking-attack-1-.html

By Nick Gentle
Bloomberg.com
Aug 13, 2012

Hong Kong Exchanges & Clearing Ltd. (BNWEXCH), the second-largest bourse
operator by market value, said errors at a printer, not hackers, were
behind the erroneous filing of three documents under the wrong
companies’ tickers on Sunday.

Lijun International Pharmaceutical Holding Ltd....
 

Posted by InfoSec News on Aug 14

http://www.nypost.com/p/news/local/beach_of_security_myuqHts7oxoZxoQWFyljyJ

By PHILIP MESSING and ERIN CALABRESE
NYPOST.com
August 12, 2012

Some safety net.

A stranded jet-skier seeking help effortlessly overcame the Port
Authority’s $100 million, supposedly state-of-the-art security system at
JFK Airport — walking undetected across two runways and into a terminal,
The Post has learned.

Motion sensors and closed-circuit cameras of the...
 

Posted by InfoSec News on Aug 14

http://www.networkworld.com/news/2012/081312-fidelis-george-261593.html

By John Dix
Network World
August 13, 2012

Fidelis Security Systems has an interesting perspective on the world of
security, working, as it does, with the U.S. government to keep other
countries from prying into some of our nation's most critical networks.
Now that many of those same countries are after intellectual property
housed by enterprise shops, commercial...
 
Quick Post Widget Plugin Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
 
Cyclope Employee Surveillance Solution 'username' Parameter SQL Injection Vulnerability
 
Salesforce.com plans to announce a new application on Tuesday that lets companies create enterprise social networks where they can interact with customers and partners.
 