Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Corrine

Pages: [1] 2 3 ... 78
1
Microsoft released Security Advisory ADV200001 for a remote code execution vulnerability with limited active attacks in Internet Explorer.  The issue is described as the way that the scripting engine handles objects in memory in Internet Explorer. As described in the advisory:

Quote
The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

In the event you use Internet Explorer, it is strongly advised that you follow the instructions at the bottom of the Advisory to restrict access to JScript.dll as a workaround.

Security Advisory ADV200001

2
As announced previously, the long-awaited new Microsoft Edge Chromium-based browser has been released. For consumers, it will be installed in a future update to Windows 10, following a measured roll-out via Windows Update over the next several months.  The Windows Update schedule for Windows 10 versions is available at Windows updates for Microsoft Edge | Microsoft Docs.

Having daily used the development version of Microsoft Edge since it was initially made available, the Chromium-based version has proved to be a definite improvement. Learn about the new features by following the "Learn More" links at Microsoft Edge Browser Features.

If you don't want to wait for Windows Update, you can download the new Edge browser today. It is available for Windows 10, Windows 8.1, Windows 8, Windows 7, macOS, iOS and Android from the download page at Download New Microsoft Edge Browser | Microsoft. Click the arrow to select the version for your device.

References:

3
Security Alerts & Briefings / Oracle Java SE JRE Security Updates
« on: January 14, 2020, 10:27:38 PM »
Oracle released the scheduled critical security updates for its Java SE Runtime Environment software. This Critical Patch Update contains 12 new security patches for Oracle Java SE. All of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

Update :  If Java is still installed on your computer, it is recommended that this update be applied as soon as possible due to the threat posed by a successful attack.

Download Information:  Java SE Runtime Environment Version 8u241: https://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html

UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional. Preferably, see the instructions below on how to handle "Unwanted Extras".

4
Web News / Windows 7 Gets Final Monthly Rollup Update Before End Of Life
« on: January 14, 2020, 06:36:20 PM »
If you are still running Windows 7, note that it reaches EoL (End of Life) today.  Starting tomorrow (15 January 2020) all versions of Windows 7 (except Professional if the Extended Security Update has been purchased) will display a full-screen upgrade warning notification which will remain on the screen until you interact with the device.

For information about rollup update as well as how you can upgrade to Windows 10 today for free see the article at Bleeping Computer, Windows 7 Gets Final Monthly Rollup Update Before End Of Life.

5
Security Alerts & Briefings / Microsoft January 2020 Security Updates
« on: January 14, 2020, 04:52:48 PM »
The Microsoft January security updates have been released and consist of 49 CVEs. Of these 8 CVEs, 7 are rated Critical and 41 are rated Important in severity. None of the patches released this month are listed as publicly known, but one is listed as being actively exploited at the time of release.

The updates apply to the following:  Microsoft Windows, Internet Explorer, Microsoft Office and Microsoft Office Services and Web Apps, ASP.NET Core, .NET Core, .NET Framework, OneDrive for Android, and Microsoft Dynamics.

Reminder:  After today (14 January 2020) Windows 7 and Windows Server 2008 R2 will be out of extended support and no longer getting security updates.

Recommended Reading:  See Dustin Childs review and analysis in Zero Day Initiative — The January 2020 Security Update Review.

January Security Updates Guide

6
Adobe released Version 32.0.0.314 of Adobe Flash Player for Windows, macOS, Linux and Chrome OS. Once again, the update contains assorted functional fixes.

Release date:  January 14, 2020
Vulnerability identifier: None
Platform:  Windows, Macintosh, Linux and Chrome OS

Update:
Release Notes

7
Pale Moon has been updated to version 28.8.1.  This is an important security and stability release. In addition to fixes identified as "DiD*, the update addresses CVE-2019-17026, which is being actively exploited.  Please update your browser to this version as soon as possible.

*A fix identified as "DiD" ("Defense-in-Depth") means that it is a fix that does not apply to a (potentially) actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered. 

Release Notes

8
Mozilla sent Firefox Version 72.0 to the release channel today.  The update included twelve (12) security updates of which five (5) are high, six (6) are moderate and one (1) rated low.

Also released was Firefox ESR Version 68.4.

Update:  To get the update now, select "Help" from the Firefox menu, then pick "About Firefox."  Mac users need to select "About Firefox" from the Firefox menu. If you do not use the English language version, Fully Localized Versions are available for download.

Security Updates
Release Notes

9
Meet & Greet! / Happy Birthday, ky331!
« on: January 07, 2020, 01:49:59 AM »
Wishing you a very Happy Birthday 🎂!  Have a great day!

10
Web News / Microsoft Products Reaching End of Life in 2020
« on: January 03, 2020, 07:35:39 PM »
From Microsoft Products Reaching End of Life in 2020:
Quote
Several major Microsoft products will reach their end of support during 2020, with Office 2010, Visual Studio 2010, Windows 7, Windows Server 2008 (including 2008R2), and multiple Windows 10 versions including 1803 and 1903 being some of the most important ones.

Reference to check any Microsoft programs not included in the article:  Products Reaching End of Support for 2020.


11
Meet & Greet! / Happy New Year!
« on: December 31, 2019, 05:33:44 PM »

12
Meet & Greet! / Happy Birthday, DR M!
« on: December 26, 2019, 04:06:23 PM »
Wishing you the very happiest of birthdays and a wonderful and productive 2020, Panos!



13
Meet & Greet! / Celebrate The Season!
« on: December 21, 2019, 07:16:59 PM »
There are many special celebrations this time of the year, which is why some people say "Season's Greetings" or "Happy Holidays".  Whatever you celebrate, whether it be the Winter Solstice, Hanukkah, Christmas or Kwanzaa, best wishes to each of you and health and happiness in the New Year!

Since I celebrate Christmas, Merry Christmas!  🎄

14
Meet & Greet! / Happy Birthday, winchester73!
« on: December 18, 2019, 03:27:05 AM »
Wishing you the best of everything and a very happy birthday! 🎂

15
Web News / Windows updates to support the next version of Microsoft Edge
« on: December 17, 2019, 02:00:05 PM »
From Windows updates for Microsoft Edge | Microsoft Docs:
Quote
The next version of Microsoft Edge features more frequent and more flexible updating capabilities. Because browser releases aren't bound to the Windows major releases, changes will be made to the operating system to ensure that the next version of Microsoft Edge fits seamlessly into Windows. As a result, feature updates will be released on a 6-week cycle (approximately.) Security and compatibility updates will be shipped as needed.

The timeline in the article lists the Windows Updates needed for different versions of Windows, the changes that will take effect on the system after all the updates are applied and the Stable channel of the next version of Microsoft Edge is installed.

Pages: [1] 2 3 ... 78