[월:] 2019년 09월

No Image

MSRC is going to ROOTCON!

2019-09-24 KENNETH 0

MSRC is going to ROOTCON! The Microsoft Security Response Center (MSRC) works with partners all over the world to protect Microsoft customers. This week we’re headed to the Philippines to meet security researchers and bounty hunters at ROOTCON 13! Planning on attending ROOTCON? If you want to learn more about how you can earn rewards for reporting vulnerabilities to Microsoft … MSRC is going to ROOTCON! Read More » The post MSRC is going to ROOTCON! appeared first on Microsoft Security Response Center. Source: MSRC is going to ROOTCON!

No Image

WordPress 5.3 Beta 1

2019-09-24 KENNETH 0

WordPress 5.3 Beta 1 WordPress 5.3 Beta 1 is now available! This software is still in development, so we don’t recommend running it on a production site. Consider setting up a test site to play with the new version. You can test the WordPress 5.3 beta in two ways: Try the WordPress Beta Tester plugin (choose the “bleeding edge nightlies” option) Or download the beta here (zip). WordPress 5.3 is slated for release on November 12, 2019, and we need your help to get there. Here are some of the big items to test, so we can find and resolve as many bugs as possible in the coming weeks. Block Editor: features and improvements Twelve releases of the Gutenberg plugin are going to be merged into 5.3 which means there’s a long list of exciting new features.  Here are just [ more… ]

No Image

USN-4137-1: Mosquitto vulnerability

2019-09-24 KENNETH 0

USN-4137-1: Mosquitto vulnerability Mosquitto vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Summary Mosquitto could be made to crash or run programs if it received specially crafted network traffic. Software Description mosquitto – MQTT version 3.1⁄3.1.1 compatible message broker Details It was discovered that Mosquitto incorrectly handled certain specially crafted input and network packets. A remote attacker could use this to cause a denial of service. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 libmosquitto1 – 1.5.7-1ubuntu0.1 libmosquittopp1 – 1.5.7-1ubuntu0.1 mosquitto – 1.5.7-1ubuntu0.1 mosquitto-clients – 1.5.7-1ubuntu0.1 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2019-11779 Source: USN-4137-1: Mosquitto vulnerability

Windows 10 Tip: Text suggestions expands language support

2019-09-24 KENNETH 0

Windows 10 Tip: Text suggestions expands language support Editor’s note: We’re back with the latest batch of weekly Windows 10 tips posts, which highlight some of the many helpful features that come with the Windows 10 May 2019 Update. We’ve been working hard behind the scenes to make your daily life easier with a streamlined update process, as well as clean and simple experiences for your desktop. Text suggestions for the hardware keyboard is a learning tool originally introduced in RS4, and with RS5 it has expanded language support. If you’d like to try it out in one of the supported languages, you can do so by enabling the  “Show text suggestions as I type”  feature under  Settings > Devices > Typing. Check it out in action, in Hungarian: Here is the list of languages added in this update: Afrikaans (South [ more… ]

No Image

USN-4134-2: IBus regression

2019-09-23 KENNETH 0

USN-4134-2: IBus regression ibus regression A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.04 Ubuntu 18.04 LTS Ubuntu 16.04 LTS Summary USN 4134-1 introduced a regression in IBus. Software Description ibus – Intelligent Input Bus – core Details USN-4134-1 fixed a vulnerability in IBus. The security fix introduced a regression when being used with Qt applications. This update reverts the security fix pending further investigation. Original advisory details: Simon McVittie discovered that IBus did not enforce appropriate access controls on its private D-Bus socket. A local unprivileged user who discovers the IBus socket address of another user could exploit this to capture the key strokes of the other user. Update instructions The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04 ibus – 1.5.19-1ubuntu2.2 Ubuntu 18.04 LTS ibus – 1.5.17-3ubuntu5.2 [ more… ]