Unsolved
This post is more than 5 years old
3 Apprentice
•
15.3K Posts
0
30395
Updates - 10/12/2010: "Patch Tuesday", Opera, Java
Today is "Microsoft Tuesday" (aka "Patch Tuesday") --- the SECOND Tuesday of the month --- on which Microsoft is expected to release its monthly cycle of Windows/critical security updates. Based on past history, they should become available at 1 P.M. (Eastern USA Daylight Saving Time).
Please use Microsoft (or Automatic) updates to determine precisely which updates --- if any --- are applicable to your particular system.
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
October 12th, 2010 06:00
The following has been copied/pasted from http://secunia.com/advisories/41740/
Description
Multiple [highly critical] vulnerabilities have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions or conduct spoofing and cross-site scripting attacks.
1) A combination of cross-domain content inclusion being allowed and the manner in which the CSS parser is fault-tolerant when processing content can be exploited to bypass cross-domain checks and obtain sensitive information from a web page in another domain.
2) An error when altering the size of the browser window may cause the wrong part of the URL of a web page to be displayed.
3) An error in the handling of reloads and redirects combined with caching may result in scripts executing in the wrong security context. This can be exploited to spoof the address bar or conduct cross-site scripting attacks.
Successful exploitation of this vulnerability allows manipulating Opera's configuration with minimal user interaction to execute arbitrary code.
4) In certain cases the origin of video content may not be checked, which may result in videos from unrelated sites being used as HTML5 canvas content without protecting it from scripts. This can be exploited to intercept private video streams.
Successful exploitation of this vulnerability requires that the address is known and that a user is tricked into opening a specially crafted web page.
5) An error when handling invalid URLs may in certain cases be exploited to execute arbitrary script code in the context of another domain if a linked, invalid URL displayed in an error page runs script code.
Successful exploitation of this vulnerability requires that a user interacts with a specially crafted error page.
The vulnerabilities are reported in versions prior to 10.63.
Solution
Update to version 10.63.
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
October 12th, 2010 06:00
the Opera change-log, copied/pasted from http://www.opera.com/docs/changelogs/windows/1063/
User interface
Fixed
wmode="transparent"
Display and scripting
Improved
Content-Disposition
extended parametersFixed
element
data
orsrc
attribute on a focused and highlightedelement with dirty layout
Miscellaneous
Improved
Fixed
Content-Disposition: attachment
directly in OperaSecurity
Fixes
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
October 12th, 2010 06:00
Windows Malicious Software Removal Tool (MSRT) for October, version 3.12
32-bit version, for Win 7/Vista/Server 2003/ XP http://www.microsoft.com/downloads/en/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356
x64-bit version http://www.microsoft.com/downloads/en/details.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
October 12th, 2010 11:00
the following updates are rated CRITICAL:
MS10-071 Cumulative Security Update for Internet Explorer (2360131)
MS10-075 Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679)
MS10-076 Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132)
MS10-077 Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841)
----------------
The following updates are rated IMPORTANT:
MS10-072 Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048)
MS10-073 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957)
MS10-078 Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986)
MS10-079 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194)
MS10-080 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211)
MS10-081 Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011)
MS10-082 Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111)
MS10-083 Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882)
MS10-085 Vulnerability in SChannel Could Allow Denial of Service (2207566)
--------
the following updates are rated MODERATE:
MS10-074 Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149)
MS10-086 Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255)
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
October 12th, 2010 11:00
As should be apparent, we have a WHOPPER of an update today...
on this first PC i'm updating (XP SP3), it found 15 updates ---- totaling 47.4 MEG (including 5 updates for Office 2003/2007)
EDIT: on a 2nd PC (also XP SP3), found 10 updates --- 24.2 MEG (without anything for Office).
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
October 12th, 2010 13:00
This month's MSRT (cited above) adds detection/removal of Win32/Zbot ,
joe53
2 Intern
2 Intern
•
5.8K Posts
0
October 12th, 2010 15:00
Sun Java (JRE) Security Update v1.6.0_22 available
v1.6.0_22 Release Notes: http://www.oracle.com/technetwork/java/javase/6u22releasenotes-176121.html
Full Updating instructions are here: http://aumha.net/viewtopic.php?f=26&t=44617
Note: I do not need or use Sun Java (JRE), nor do I recommend it for those that don't need it, as it is a frequent target for hackers. Most people have it installed, and if you use it, should keep it up to date.
Bugbatter
3 Apprentice
3 Apprentice
•
20.5K Posts
0
October 13th, 2010 12:00
Some details from Kaspersky Lab Security News Service on the Sun Java (JRE) update:
http://threatpost.com/en_us/blogs/oracle-fixes-29-bugs-huge-java-update-101310
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
October 13th, 2010 12:00
Sound advice, with which the experts certainly agree. I've also uninstalled Java long ago.
Java: Should it stay or should it go?
Java: A Gift to Exploit Pack Makers
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
October 13th, 2010 13:00
I'm also on record ---- along with Joe & Red Dawn --- as a former Java "user" who has removed it from my systems.
That's not to say I never found a use for Java... a primary example is the Secunia OSI (ONLINE System Inspector)... which will NOT run without Java. However, Secunia's PSI (PERSONAL Software Inspector) does everything the Online version does ---- and MORE ---- withOUT using Java. (The PSI uses Flash, and that's another matter).
As an experiment, I first disabled java for a few weeks... and ultimately, removed it... after I realized that my routine surfing patterns did NOT access any sites that made any significant use of Java. I typically visit secure online banking / credit-card / brokerage sites, forums (like DELL, Avast), and yes, Facebook :emotion-4:... ALL of which work just fine withOUT java. [If memory serves me, I did ultimately stumble upon two sites that in fact used Java... but as these were "one-time" visits, and the information therein wasn't really critical to me, I saw no reason to re-install Java for these "flukes".] In short, I have no regrets about removing Java... and have in fact "gained", in that (1) my system is no longer subject to java exploits, and (2) I am no longer "burdened" to keep Java up-to-date every time Oracle/Sun releases a new version.
I cannot assert unequivocally that all java "users" will be as fortunate... perhaps YOUR bank site might in fact invoke java. Some people may indeed find essential uses for Java. For example, after following my lead for several months, my wife attempted to do something on Ebay (or maybe it was Half.com ) that wouldn't proceed until she (re-)installed Java... which she easily did at that point. I'll also mention that certain aspects of OpenOffice ... an OFFLINE program suite (cloning Microsoft Office)... uses Java for SOME of its features (such as its "wizards"). In particular, its (data)BASE module allegedly uses java extensively. But much of its WRITER and CALC modules can run withOUT java.
So I am glad to see Brian Krebs article (cited by Red Dawn above) suggesting people consider removing java... unless/until they have an actual need for it.
Before concluding, let me emphasize that java is completely separate/different from [the "sound-alike"] javaSCRIPT. Virtually all websites you visit make use of javaSCRIPT. Its omnipresence makes its use/functioning essential to do most things on the web. javaSCRIPT will continue to work, 100%, after java is uninstalled.
-----------------
On the matter of programs people keep around but don't use, let me also mention SHOCKWAVE player. Aside from some gamers, I don't know that anyone needs it. I got rid of it months ago.
Note: Do NOT confuse Shockwave PLAYER with "Shockwave FLASH" --- which is an older name for what's now referred to as Adobe Flash (or even more simply, Flash). While Flash itself is all-too-often the target of exploits, I find its presence on the web to be so overwhelmingly common that I could not enjoy "the full web experience" without out. So i *do* keep Flash around... and in use.
ky331
3 Apprentice
3 Apprentice
•
15.3K Posts
0
October 18th, 2010 06:00
Concerning ZBOT, and this month's MSRT:
Since the release of MSRT on Tuesday we have removed Zbot 281,491 times from 274,873 computers and is the #1 family of malware removed (which is not uncommon the month a family is added). Of the 1,344,669 computers cleaned, this is about 1 in 5, a ratio that’s higher than we typically see even when accounting for the normal, first-month spike which results from adding a new family but not exceptionally so.
To put this in greater perspective the removals of Zbot are almost as many as the removals of the #2 and #3 malware families this month combined (Win32/Vundo and Win32/Bubnix respectively). Approximately 86 million computers have run this version of MSRT as we compile this data so we should expect this number to increase as the month continues.
http://www.facebook.com/notes/microsoft-malware-protection-center/an-early-look-at-the-impact-of-msrt-on-zbot/447838758925
deepak khatri
1 Message
0
March 9th, 2014 09:00