No Image

Announcing General Availability of Microsoft Edge WebView2 for .NET and Fixed Version distribution mode

2020-11-21 KENNETH 0

Announcing General Availability of Microsoft Edge WebView2 for .NET and Fixed Version distribution mode Today, we are excited to announce that Microsoft Edge WebView2 is now generally available for use in production .NET 5, .NET Core, and .NET Framework WinForms and WPF applications on existing Windows versions! Additionally, we are thrilled to announce that WebView2’s Fixed Version distribution mode is also generally available for production applications. Previously, at Build, we introduced the .NET preview of WebView2, Microsoft’s latest browser control built on the new Chromium-based Microsoft Edge that renders web content (HTML / CSS / JavaScript) in .NET applications. In October, we announced that WebView2 would be generally available for Win32 C/C++ applications. We want to thank all of our early users and developers that engaged with us throughout the WebView2 Preview period. The tremendous amount of support and enthusiasm [ more… ]

AWS Network Firewall — VPC 기반 새로운 관리형 방화벽 서비스 출시

2020-11-21 KENNETH 0

AWS Network Firewall — VPC 기반 새로운 관리형 방화벽 서비스 출시 AWS 고객은 클라우드에서 가상 네트워크를 보호하기 위해 가용성과 확장성이 뛰어난 방화벽 서비스를 원합니다. AWS는 보안을 최우선으로 하며, Amazon Elastic Compute Cloud(EC2) 인스턴스를 보호하는 보안 그룹, Amazon Virtual Private Cloud(VPC) 서브넷을 보호하는 네트워크 ACL, Amazon CloudFront에서 실행되는 웹 애플리케이션을 보호하는 AWS 웹 애플리케이션 방화벽(WAF), Application Load Balancer(ALB) 또는 Amazon API Gateway, DDoS(분산 서비스 거부) 공격으로부터 보호하는 AWS Shield 등 AWS에서 특정한 보안 요구 사항을 해결하는 다양한 방화벽 기능을 제공합니다. 사용하는 AWS 서비스에 관계없이 워크로드의 모든 리소스에서 네트워크 보안을 보다 쉽게 확장할 수 있는 방법을 원한다는 고객들의 요구가 많았습니다. 또한 고객들은 고유한 워크로드를 보호하거나 정부 규정 또는 상업 규정을 준수하기 위해 맞춤형 보호 기능을 원합니다. 이러한 고객은 아웃바운드 흐름에 대한 URL 필터링, IP/포트/프로토콜 이외의 패킷 데이터에 대한 패턴 일치, HTTP/S 이외의 프로토콜에 대한 특정 취약성에 대해 경고하는 기능 등을 사용할 수 [ more… ]

No Image

USN-4637-2: Firefox vulnerabilities

2020-11-20 KENNETH 0

USN-4637-2: Firefox vulnerabilities USN-4637-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks, conduct cross-site scripting (XSS) attacks, bypass Content Security Policy (CSP) restrictions, conduct DNS rebinding attacks, or execute arbitrary code. Source: USN-4637-2: Firefox vulnerabilities

Finish up that holiday shopping with new features from Microsoft Edge and Bing

2020-11-20 KENNETH 0

Finish up that holiday shopping with new features from Microsoft Edge and Bing The end of the year is almost here and for me it’s a time to reflect on everything our team has accomplished, celebrate successes and prepare for the year ahead. We launched the new Microsoft Edge last January and since that time we’ve come a long way – but we’re just getting started. With the new Microsoft Edge we’re challenging the status quo when it comes to the web and the browser, focusing on better privacy, stronger performance, saving time and providing value back. With December only two weeks away, there’s no more putting off the decorating, the cooking and the holiday shopping. This holiday, many of us are trying to keep our family traditions alive, even at a distance, while saving money where we can (myself [ more… ]

No Image

USN-4639-1: phpMyAdmin vulnerabilities

2020-11-20 KENNETH 0

USN-4639-1: phpMyAdmin vulnerabilities It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. (CVE-2018-19968) It was discovered that phpMyAdmin incorrectly handled user input. An attacker could possibly use this for an XSS attack. (CVE-2018-19970) It was discovered that phpMyAdmin mishandled certain input. An attacker could use this vulnerability to execute a cross-site scripting (XSS) attack via a crafted URL. (CVE-2018-7260) It was discovered that phpMyAdmin failed to sanitize certain input. An attacker could use this vulnerability to execute an SQL injection attack via a specially crafted database name. (CVE-2019-11768) It was discovered that phpmyadmin incorrectly handled some requests. An attacker could possibly use this to perform a CSRF attack. (CVE-2019-12616) It was discovered that phpMyAdmin failed to sanitize [ more… ]