2016년 03월 – 페이지 39 – 지락문화예술공작단

USN-2904-1: Thunderbird vulnerabilities

2016-03-08 KENNETH 0

USN-2904-1: Thunderbird vulnerabilities Ubuntu Security Notice USN-2904-1 8th March, 2016 thunderbird vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 15.10 Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in Thunderbird. Software description thunderbird – Mozilla Open Source mail and newsgroup client Details Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectlyallowed MD5 to be used for TLS 1.2 connections. If a remote attacker wereable to perform a man-in-the-middle attack, this flaw could be exploited toview sensitive information. (CVE-2015-7575) Yves Younan discovered that graphite2 incorrectly handled certain malformedfonts. If a user were tricked into opening a specially crafted website in abrowsing context, an attacker could potentially exploit this to cause adenial of service via application crash, or execute arbitary code with theprivileges of the user invoking Thunderbird. (CVE-2016-1523) Bob Clary, Christian Holler, [ more… ]

MS16-023 – Critical: Cumulative Security Update for Internet Explorer (3142015) – Version: 1.0

2016-03-08 KENNETH 0

MS16-023 – Critical: Cumulative Security Update for Internet Explorer (3142015) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (March 8, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Internet Explorer. The more severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Source: MS16-023 – Critical: Cumulative Security Update for Internet Explorer (3142015) – Version: 1.0

MS16-MAR – Microsoft Security Bulletin Summary for March 2016 – Version: 1.0

2016-03-08 KENNETH 0

MS16-MAR – Microsoft Security Bulletin Summary for March 2016 – Version: 1.0 Revision Note: V1.0 (March 8, 2016): Bulletin Summary published. Summary: This bulletin summary lists security bulletins released for March 2016. Source: MS16-MAR – Microsoft Security Bulletin Summary for March 2016 – Version: 1.0

MS16-027 – Critical: Security Update for Windows Media to Address Remote Code Execution (3143146) – Version: 1.0

2016-03-08 KENNETH 0

MS16-027 – Critical: Security Update for Windows Media to Address Remote Code Execution (3143146) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (March 8, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote code execution if a user opens specially crafted media content that is hosted on a website. Source: MS16-027 – Critical: Security Update for Windows Media to Address Remote Code Execution (3143146) – Version: 1.0

MS16-034 – Important: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145) – Version: 1.0

2016-03-08 KENNETH 0

MS16-034 – Important: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (March 8, 2016): Click here to enter text.Summary: This security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow elevation of privilege if an attacker logs on to the system and runs a specially crafted application. Source: MS16-034 – Important: Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege (3143145) – Version: 1.0