Upload File

previous gnews. jan 4 patches – 0 critical – 6 cves 9 patches – 4 critical – 31+ cves...

  • Home
  • Documents
  • PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006
10
PREVIOUS GNEWS

Upload: rosaline-doyle

Post on 14-Dec-2015

221 views

Category:

Documents


2 download

Report

Tags:

TRANSCRIPT

Page 1: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

PREVIOUS GNEWS

Page 2: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

• Jan 4 Patches – 0 Critical – 6 CVEs

• 9 Patches – 4 Critical – 31+ CVEs

• MS14-005 - Microsoft XML Core Services, Info Disclosure

• MS14-006 - IPv6 Could Allow, DoS

• MS14-007 - Direct2D, Remote Code

• MS14-008 - Microsoft Forefront Protection for Exchange, Remote Code

• MS14-009 - .NET Framework, Privilege Escalation

• MS14-010 - Cumulative Security Update for Internet Explorer

• MS14-011 - VBScript Scripting Engine, Remote Code

Other updates, MSRT, Defender Definitions, Junk Mail Filter

Patch Tuesday

Page 3: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

• Oracle, – Jan - 144 fixes

• Adobe– APSB14-04 – Flash Player– APSB14-06 – Shockwave Player

• Apple,– iTunes 11.1.5– Pages 5.1 and 2.1– Boot Camp 5.1

• Cisco– Secure Access Control System, Multiple Vulns– Unified Communications Manager, Multiple Vulns / SQL Injects– NX-OS, Multiple Vulns– TelePresense, Multiple Vulns– MediaSense. Multiple Vulns

Holes / Patches

Page 4: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

• POS Malware??

• Something about ATMs

• Windows XP end of support (oh you didn’t know?!) MSRT supported for one year

• Windows 8 on usb – “enterprise license and certified device required”

• Windows 9 “threshold” rumors hitting the streets

• Japenese Nuke Reactor, now with malware

• Starbuck iPhone app stores creds in plaintext

• OpenBSD gets bitcoin donation, keeps lights on

• ThrustVPS gets owned, sends spam

• VPN bypass in JellyBean and KitKat

• Mask

Random

Page 5: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

• Vmware buys AirWatch

• AMD 8 core ARM

• Lenovo buys Motorola Mobility

• EU to back door cars by 2020

• CCC sues German Govt

• Tumblr drops transparency report

Corp

Page 6: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

Detect Malware Phone Homehttps://www.sans.org/reading-room/whitepapers/detection/approach-detect-malware-call-home-

activities-34480

Google + Integration Opt-Outhttps://www.eff.org/deeplinks/2014/01/how-opt-out-gmails-google-plus-integration

NIST Cyber Security Frameworkhttp://www.nist.gov/cyberframework/upload/cybersecurity-framework-021214.pdf

  

Papers

Page 7: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

Discuss

Tools

Page 8: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

• CanSecWest – Mar

• B-Sides Austin – Mar

• Source Boston - Apr

• InfoSec SouthWest – Apr

• ThotCon – Apr

• Hope X - Jul

• Defcon – Aug

• ToorCon - Oct

• B-Sides DFW – Nov

• CCC - Dec

Cons

Page 9: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

DC214

TX2600

NAISG

DHA

Crypto Party

LockPick DFW

The Lab.MS

Dallas MakerSpace

ISSA North Texas

ISSA Cowtown

Local

Page 10: PREVIOUS GNEWS. Jan 4 Patches – 0 Critical – 6 CVEs 9 Patches – 4 Critical – 31+ CVEs MS14-005 - Microsoft XML Core Services, Info Disclosure MS14-006

All images scavenged without permission

All images scavenged without permission


Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches

PREVIOUS GNEWS. 6 Patches – 4 Critical – 19 CVEs Affected – Kernel, SQL, Kerberos, Word, HTML, SharePoint Other updates, MSRT, Defender Definitions, Junk

PREVIOUS GNEWS. July - 6 Patches – 2 Critical - 27 CVEs MS14-037 - Cumulative Security Update for IE, Remote Code MS14-038 – Windows Journal, Remote Code

PREVIOU S GNEWS. May 7 Patches – 2 Critical - 70 CVEs MS14-030 - Remote Desktop, Allow Tampering MS14-031 - TCP Protocol, DoS MS14-032 - Microsoft Lync

9 Patches – 2 Critical – 12 CVEs Affected – IE, Kernel, SharePoint, Remote Desktop, AD….. Other updates, MSRT, Defender Definitions, Junk Mail Filter

AHRQ Learning Network for Chartered Value Exchanges (CVEs)

Apr - 8 Patches – 2 Critical - 45 CVEs MS15-056 - Cumulative Security Update for IE, Remote Code MS15-057 - Windows Media Player, Remote

RSF Electronik MS14 Series Catalog

CVES 2016 - 2019 Strategic Plan for Continuous Improvement...CVES is committed to moving forward with our Strategic Plan during the 2016-17 school year. The CVES 2016-2019 Strategic

Place Metaphors in Educational CVEs

FixO3 - Milestone MS14: Second round of TNA projects ...MS14-Second round of TNA projects information disseminated online 5 Opening of the call: 1st May 2015 Signed submission forms

From Patches to Honey-Patches: Lightweight Attacker Misdirection

PREVIOUS GNEWS. 7 Patches – 3 Critical – 20 CVEs Affected – IE, Kernel, Visio, Silverlight Sarepoint,….. Other updates, MSRT, Defender Definitions, Junk

PatchDroid: Third Party Security Patches for Android · PatchDroid: Third Party Security Patches for Android ... third-party security patches for Android ... – Inject patches into

PREVIOUS GNEWS. Aug - 4 Patches – 1 Critical - 42 CVEs MS14-052 – IE Cumulative Security Update, Remote Code MS14-053 –.NET Framework, DoS MS14-054 –

PREVIOUS GNEWS. Patches – ? Critical – ? CVEs Affected – ? Other updates, MSRT, Defender Definitions, Junk Mail Filter –MS12-052+ - NEXT WEEK FOOL Patch

Chartered Value Exchanges (CVEs) September 2008 CVEs may wish to tailor this slide deck for use with stakeholders in your community

Custom embroidered patches | Hand embroidery designs| Patches for clothes

Models: MS09, MS12, MS11, MS14, MS18 OPERATOR’S … · Mini-Skid Hydraulic Earth Auger Attachments Models: MS09, MS12, MS11, MS14, MS18 OPERATOR’S MANUAL Serial Number _____ Model

VA40 | VA45 | VA45 Technical Datasheet Variable-area flowmeter • Robustly built for many uses ... G 14.06 - N 21.13 MS14/I TG21 G 14.08 - N 21.18 MS14/I TG21

PREVIOUS GNEWS. Apr 4 Patches – 2 Critical – 11 CVEs MS14-017 - Microsoft Word and Office Web Apps, Remote Code MS14-018 - Cumulative Security Update

PREVIOUS GNEWS. 3 Patches – 4 Critical – 53+ CVEs Affected – Kernel, AD, SharePoint, Office, and more MS13-067 - Microsoft SharePoint Server, Remote Code

Week1 Feb y5 Sci Irna 1 1 Ms14

Jul - 15 Patches – 5 Critical - 60 CVEs MS15-058 - SQL Server, Remote Code MS15-065 - Security Update for IE MS15-066 - VBScript Scripting

GNEWS PREVIOUS. Feb - 14 Patches – 5 Critical - 45 CVEs MS15-018 - Cumulative Security Update for IE MS15-019 - VBScript Scripting, Remote Code MS15-020

Apr - 11 Patches – 4 Critical - 26 CVEs MS15-032 - Cumulative Security Update for IE MS15-033 - Office, Remote Code MS15-034 - HTTP.sys,

Chartered Value Exchanges (CVEs)

PREVIOUS GNEWS. 6 Patches – 1 Critical – 22 CVEs Affected – IE. Kernel, Print, Office MS13-047 - Cumulative Security Update for Internet Explorer MS13-048

Activision Patches | Activision Patches for Sale

Quantum Key Distribution [VV12, MS14, AVR16]2018.qcrypt.net/wp-content/uploads/2018/slides... · Quantum Key Distribution [VV12, MS14, AVR16] 101010100… 010.. 000.. 111011100…

Cves lada naciona

NASA Mission Patches. History of Mission Patches

Scalp Acupuncture - MS1 to MS14 -Ok -Ok -Ok

Cves lada nacional

MS14 Add near doubles and compensate - Numeracy Ninjas