Security4all - Dedicated to digital security, enterprise 2.0 and presentation skills

Saturday

5 in a row: Multiple Zero day and patch releases



It's been a busy week with a lot of (zero day) attack vectors appearing together with some patch releases:
  • IE users beware: RealPlayer zero-day flaw under attack (Zero day blog)
  • Firefox 2.0.0.8 released (SANS ISC)
  • Security vulnerabilities in Cisco hardware and software products (heise security)
  • Oracle releases 51 patches, unveils new vulnerability rating system (SC magazine)
  • Apple iPod touch / iPhone TIFF Image Processing Vulnerability (Secunia)

Posted by Security4all at 20.10.07

Labels: application vulnerabilities

Disclaimer

This is a personal blog. The views and opinions expressed here are those of myself only and in no way represent the views or positions or opinions of my former, current, or future employers, clients, or associates.

All content provided is for the purpose of general information and for educational purposes only. It should NOT be construed as professional advice or guidance, and is not an offer of service or products. The information in this weblog is provided “AS IS” with no warranties. Use at own risk.

All trademarks and copyrights on this blog are owned by their respective owners.

Feel free to disagree with me, but I reserve the right to refuse any comment for any reason whatsoever.

This blog is licensed under a Creative Common Attribution-NonCommercial-ShareAlike License.

