No Image

USN-3156-1: APT vulnerability

2016-12-14 KENNETH 0

USN-3156-1: APT vulnerability Ubuntu Security Notice USN-3156-1 13th December, 2016 apt vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.10 Ubuntu 16.04 LTS Ubuntu 14.04 LTS Summary An attacker could trick APT into installing altered packages. Software description apt – Advanced front-end for dpkg Details Jann Horn discovered that APT incorrectly handled InRelease files.If a remote attacker were able to perform a man-in-the-middle attack, thisflaw could potentially be used to install altered packages. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 16.10: apt 1.3.2ubuntu0.1 Ubuntu 16.04 LTS: apt 1.2.15ubuntu0.2 Ubuntu 14.04 LTS: apt 1.0.1ubuntu2.17 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. In general, a standard system update will make all the necessary changes. References CVE-2016-1252 Source: USN-3156-1: APT vulnerability

New features arrive in Microsoft Photos on Windows 10

2016-12-14 KENNETH 0

New features arrive in Microsoft Photos on Windows 10 Focusing on the Creators in all of Us Since I was a kid, I have been drawn to computers because of what they enable each of us to make, to create. Recently Microsoft announced new hardware such as the Surface Studio and Dial, the Windows 10 Creators update, and new software such as Paint 3D, all focused on creators. Creation is a theme that extends across our suite of experiences, including the Photos app that comes with Windows 10. We have now made available the next step in this creator’s journey with an update to Microsoft Photos. We’re making it fun to view all your digital memories in photo or video form, with a refreshed user experience that makes it pleasant to browse your collection. We’ve updated the way you edit [ more… ]

No Image

December 2016 security update release

2016-12-14 KENNETH 0

December 2016 security update release Today we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to apply security updates as soon as they are released. More information about this month’s security updates and advisories can be found in the Security TechNet Library. MSRC team Source: December 2016 security update release

No Image

MS16-146 – Critical: Security Update for Microsoft Graphics Component (3204066) – Version: 1.0

2016-12-14 KENNETH 0

MS16-146 – Critical: Security Update for Microsoft Graphics Component (3204066) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (December 13, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if a user either visits a specially crafted website or opens a specially crafted document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Source: MS16-146 – Critical: Security Update for Microsoft Graphics Component (3204066) – Version: 1.0

No Image

MS16-144 – Critical: Cumulative Security Update for Internet Explorer (3204059) – Version: 1.0

2016-12-14 KENNETH 0

MS16-144 – Critical: Cumulative Security Update for Internet Explorer (3204059) – Version: 1.0 Severity Rating: CriticalRevision Note: V1.0 (December 13, 2016): Bulletin published.Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Source: MS16-144 – Critical: Cumulative Security Update for Internet Explorer (3204059) – Version: 1.0