2017년 01월 – 페이지 34 – 지락문화예술공작단

신규 Price List API 서비스 확대 및 알림 기능 추가

2017-01-11 KENNETH 0

신규 Price List API 서비스 확대 및 알림 기능 추가 AWS 고객 및 파트너로 부터 AWS 서비스 가격 정보를 자동으로 얻기 위한 방법에 대한 요구가 많았습니다. 이러한 고객 요구에 대해 지난해 12 월 13가지 AWS 서비스 요금을 대상으로 AWS Price List API를 발표했습니다. 본 API는 JSON 및 CSV 형식으로 요금표 데이터를 제공 및 다운로드 가능하며, AWS 서비스 요금을 상세하게 문의하실 수 있습니다. 본 요금표 API는 Amazon SNS 알림을 통해 요금 변경의 업데이트 정보를 받을 수 있습니다. AWS Price List API 서비스 확대 지난 3 개월 동안 AWS Price List API 서비스를 확장하고 모든 AWS 서비스에 대한 요금표 데이터를 제공합니다. 클라우드 기반 솔루션을 구축하거나 온프레미스에서 마이그레이션하기 위한 비용 분석이 필요한 고객은 AWS 서비스 요금표에 보다 쉽게 액세스 할 수 있습니다. 이를 통해 고객과 파트너는 클라우드 솔루션 예산, 예측 및 계획을 효율적으로 관리 할 수 있습니다. AWS Price List API 확장 뿐만 [ more… ]

USN-3166-1: WebKitGTK+ vulnerabilities

2017-01-11 KENNETH 0

USN-3166-1: WebKitGTK+ vulnerabilities Ubuntu Security Notice USN-3166-1 10th January, 2017 webkit2gtk vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in WebKitGTK+. Software description webkit2gtk – JavaScript engine library from WebKitGTK+ – GObject introspection Details A large number of security issues were discovered in the WebKitGTK+ Web andJavaScript engines. If a user were tricked into viewing a maliciouswebsite, a remote attacker could exploit a variety of issues related to webbrowser security, including cross-site scripting attacks, denial of serviceattacks, and arbitrary code execution. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.04 LTS: libwebkit2gtk-4.0-37 2.14.2-0ubuntu0.16.04.1 libjavascriptcoregtk-4.0-18 2.14.2-0ubuntu0.16.04.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. This update uses a new upstream release, which includes additional bugfixes. After a standard [ more… ]

Introducing support for Content Security Policy Level 2

2017-01-11 KENNETH 0

Introducing support for Content Security Policy Level 2 We are happy to introduce support for Content Security Policy Level 2 (CSP2) in Microsoft Edge, another step in our ongoing commitment to make Microsoft Edge the safest and most secure browser for our customers. CSP2, when used correctly, is an effective defense-in-depth mechanism against cross site scripting and content injection attacks. This is available in the Insider Fast ring now starting with EdgeHTML 15.15002, and will ship to stable builds with the Windows 10 Creators Update. Microsoft Edge 15.15002 on the CSP Browser Test Content Security Policy, supported in all versions of Microsoft Edge, lets web developers lock down the resources that can be used by their web application, helping prevent cross-site scripting attacks that remain a common vulnerability on the web. However, the first version of Content Security Policy was [ more… ]

January 2017 security update release

2017-01-11 KENNETH 0

January 2017 security update release Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC team Source: January 2017 security update release

MS17-003 – Critical: Security Update for Adobe Flash Player (3214628) – Version: 1.0

2017-01-11 KENNETH 0

MS17-003 – Critical: Security Update for Adobe Flash Player (3214628) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (January 10, 2017): Bulletin published.Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10. Source: MS17-003 – Critical: Security Update for Adobe Flash Player (3214628) – Version: 1.0