[월:] 2016년 02월

No Image

MS15-015 – Critical: Security Update for Microsoft Office to Address Remote Code Execution (3134226) – Version: 1.0

2016-02-09 KENNETH 0

Severity Rating: CriticalRevision Note: V1.0 (February 9, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Source: ms-security

No Image

MS16-017 – Important: Security Update for Remote Desktop Display Driver to Address Elevation of Privilege (3134700) – Version: 1.0

2016-02-09 KENNETH 0

Severity Rating: ImportantRevision Note: V1.0 (February 9, 2016): Bulletin published.Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an authenticated attacker logs on to the target system using RDP and sends specially crafted data over the connection. By default, RDP is not enabled on any Windows operating system. Systems that do not have RDP enabled are not at risk. Source: ms-security

No Image

USN-2880-2: Firefox regression

2016-02-09 KENNETH 0

Ubuntu Security Notice USN-2880-2 8th February, 2016 firefox regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary USN-2880-1 introduced a regression in Firefox. Software description firefox – Mozilla Open Source web browser Details USN-2880-1 fixed vulnerabilities in Firefox. This update introduced aregression which caused Firefox to crash on startup with some configurations.This update fixes the problem. We apologize for the inconvenience. Original advisory details: Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carsten Book, Randell Jesup, Nicolas Pierron, Eric Rescorla, Tyson Smith, and Gabor Krizsanits discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges [ more… ]