No Image

USN-3232-1: ImageMagick vulnerabilities

2017-03-15 KENNETH 0

USN-3232-1: ImageMagick vulnerabilities Ubuntu Security Notice USN-3232-1 14th March, 2017 imagemagick vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in ImageMagick. Software description imagemagick – Image manipulation programs and library Details It was discovered that ImageMagick incorrectly handled certain malformedimage files. If a user or automated system using ImageMagick were trickedinto opening a specially crafted image, an attacker could exploit this tocause a denial of service or possibly execute code with the privileges ofthe user invoking the program. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: libmagick++-6.q16-5v5 8:6.8.9.9-7ubuntu8.5 imagemagick 8:6.8.9.9-7ubuntu8.5 libmagickcore-6.q16-2-extra 8:6.8.9.9-7ubuntu8.5 imagemagick-6.q16 8:6.8.9.9-7ubuntu8.5 libmagickcore-6.q16-2 8:6.8.9.9-7ubuntu8.5 Ubuntu 16.04 LTS: libmagick++-6.q16-5v5 8:6.8.9.9-7ubuntu5.6 imagemagick 8:6.8.9.9-7ubuntu5.6 libmagickcore-6.q16-2-extra 8:6.8.9.9-7ubuntu5.6 imagemagick-6.q16 8:6.8.9.9-7ubuntu5.6 libmagickcore-6.q16-2 8:6.8.9.9-7ubuntu5.6 [ more… ]

No Image

March 2017 security update release

2017-03-15 KENNETH 0

March 2017 security update release Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.  Security bulletins were also published this month to give customers extra time to ensure they are ready to transition their processes. MSRC team       Source: March 2017 security update release

No Image

MS17-016 – Important: Security Update for Windows IIS (4013074) – Version: 1.0

2017-03-15 KENNETH 0

MS17-016 – Important: Security Update for Windows IIS (4013074) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (March 14, 2017): Click here to enter text.Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker with access to the local system executes a malicious application. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Source: MS17-016 – Important: Security Update for Windows IIS (4013074) – Version: 1.0

No Image

MS17-014 – Important: Security Update for Microsoft Office (4013241) – Version: 1.0

2017-03-15 KENNETH 0

MS17-014 – Important: Security Update for Microsoft Office (4013241) – Version: 1.0 Severity Rating: ImportantRevision Note: V1.0 (March 14, 2017): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Source: MS17-014 – Important: Security Update for Microsoft Office (4013241) – Version: 1.0

No Image

MS17-023 – Critical: Security Update for Adobe Flash Player (4014329) – Version: 1.0

2017-03-15 KENNETH 0

MS17-023 – Critical: Security Update for Adobe Flash Player (4014329) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (March 14, 2017): Bulletin published.Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10. Source: MS17-023 – Critical: Security Update for Adobe Flash Player (4014329) – Version: 1.0