Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - Corrine

Pages: [1] 2 3 ... 69
1
Windows Insider Build 18836 (20H1) Released to Skip Ahead: Announcing Windows 10 Insider Preview Build 18836 | Windows Experience Blog.

Edit Note:  Subject edited and adding the following explanation from the referenced blog:

Quote
Hello Windows Insiders, today we are releasing a new build to Insiders who have opted into Skip Ahead. These builds are from the 20H1 development branch. Some things we are working on in 20H1 require a longer lead time. We will begin releasing 19H2 bits to Insiders later this spring after we get 19H1 nearly finished and ready; once 19H1 is “nearly finished and ready” we’ll also use the Release Preview ring for previews of drivers and quality updates on 19H1.

2
Mozilla sent Firefox Version 65.0.1 to the release channel today.  Firefox ESR has been updated to Version 60.5.1.  The update included three (3) security updates rated high.

Release Notes

3
Security Alerts & Briefings / Microsoft Security Updates for February, 2019
« on: February 12, 2019, 05:27:52 PM »
The February security updates have been released and consist of 77 CVE's and three security advisories in which 20 are rated Critical, 54 are rated Important, and three are rated Moderate in severity. Four are listed as publicly known and one is listed as being under active attack at the time of release.

In addition to defense-in-depth updates, the updates address Remote Code Execution, Security Feature Bypass, Information Disclosure, Elevation of Privilege, Spoofing, and Security Feature Bypass  and apply to the following:  Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, ChakraCore, .NET Framework, Microsoft Exchange Server, Microsoft Visual Studio, Azure IoT SDK, Microsoft Dynamics, Team Foundation Server, and Visual Studio Code.

Important:  A Servicing Stack Update has been released for the following operating systems.  Windows 10 Version 1607, Windows Server 2016, and Windows Server 2016 (Server Core installation); Windows 10 Version 1703; Windows 10 Version 1709 and Windows Server, version 1709 (Server& Core Installation); Windows 10 Version 1803, and Windows Server, version 1803 (Server Core Installation). A list of the latest servicing stack updates for each operating system can be found in ADV990001.

Release Notes
Windows 10 Update history

4
Security Alerts & Briefings / Adobe Flash Player Updates Released
« on: February 12, 2019, 01:07:07 PM »
Adobe has released Version 32.0.0.142 of Adobe Flash Player and AIR for Windows, macOS, Linux and Chrome OS. Successful exploitation could lead to information disclosure in the context of the current user.  

Release date:  February 12, 2019
Vulnerability identifier: APSB19-06
Platform:  Windows, Macintosh, Linux and Chrome OS

Update:
Security Bulletin
Release Notes

5
 Adobe has released security updates for Adobe Acrobat and Reader for Windows and MacOS to address critical  vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. The update addresses forty-six (46) CVE's!

Release date:  February 12, 2019
Vulnerability identifier: APSB19-07
Platform: Windows and MacOS

Update or Complete Download
:

Reader DC and Acrobat DC were updated to version 2019.010.20069. Update checks can be manually activated by choosing Help & Check for Updates.
Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Security Bulletin

6
LandzDown Lounge / Oh, the weather outside is . . .
« on: January 30, 2019, 11:05:09 PM »
The major news in the U.S. the past couple days is the "polar vortex".  This is the best definition from a 2014 description, What is a polar vortex?:

Quote
A polar vortex is a large pocket of very cold air, typically the coldest air in the Northern Hemisphere, which sits over the polar region during the winter season.

The frigid air can find its way into the United States when the polar vortex is pushed farther south, occasionally reaching southern Canada and the northern Plains, Midwest and northeastern portions of the United States.

It has really hit central U.S. and has been moving into Western NY today.  Unlike Minnesota, Wisconsin, Illinois, the temperature here isn't quite as cold (currently -3F, feels like -17F with the wind chill) although it is forecast to be colder overnight. 

Hope any LzD friends in the path of this cold are staying safe and warm. 

With friends from around the world, what is your weather like?

7
Mozilla sent Firefox Version 65.0 to the release channel today.  Firefox ESR has been updated to Version 60.5.
The update included seven (7) security updates of which three (3) are critical, three (3) are high, and one (1) is rated low.

Release Notes
Security Updates

8
Oracle released the scheduled critical security updates for its Java SE Runtime Environment software.  This Critical Patch Update contains 5 new security fixes for Oracle Java SE, all of which may be remotely exploitable without authentication.

Update

If Java is still installed on your computer, it is recommended that this update be applied as soon as possible due to the threat posed by a successful attack.
Download Information
Java SE 8u201 or 8u202

    Release Notes:
    8u201:  https://www.oracle.com/technetwork/java/javase/8u201-relnotes-5209271.html
    8u202:  https://www.oracle.com/technetwork/java/javase/8u202-relnotes-5209339.html

    Downloadhttps://www.oracle.com/technetwork/java/javase/downloads/index.html

Java SE 11.0.2  (x64-bit only)

Note:  JDK only.

    Release Notes: http://www.oracle.com/technetwork/java/javase/10-0-2-relnotes-4477557.html
    Download:  https://www.oracle.com/technetwork/java/javase/downloads/index.html

UNcheck any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.  Preferably, see the instructions below on how to handle "Unwanted Extras". 

9
Security Alerts & Briefings / Pale Moon Version 28.3.0 Released
« on: January 15, 2019, 01:42:44 PM »
Pale Moon has been updated to version 28.3.0.  This is a major development and bugfix release.

The release includes DiD ("Defense-in-Depth") changes.  This means that a fix does not apply to a (potentially)actively exploitable vulnerability in Pale Moon, but prevents future vulnerabilities caused by the same code, e.g. when surrounding code changes, exposing the problem, or when new attack vectors are discovered.

The Linux versions will follow.

Release Notes

10
Forever In Our Hearts / RIP onDvine
« on: January 14, 2019, 06:31:30 PM »

It is with sadness that I learned today that Joyce passed away last month.  Joyce had been a member here for five years and was most active in the WinPatrol topics.  She was a long-time member of DSLReports and a member of the former Security Updates Committee at DSLR.  She went by jayzzz at Wilders.

Joyce and I spent a lot of time sharing stories about our common friend, Janie (CalamityJane).  I suspect that the two of them have already connected and are sharing stories.




11
The January security updates have been released and consist of 49 security patches and two advisories in which 7 are listed as Critical , 40 are rated Important and 2 are listed as Moderate in severity. One is listed as publicly known at the time of release but none are reported as being actively exploited.

The updates address Remote Code Execution, Information Disclosure, Elevation of Privilege, Denial of Service and Spoofing and apply to the following: Internet Explorer (IE), Edge, ChakraCore, Microsoft Windows, Office and Microsoft Office Services and Web Apps, Visual Studio, and the .NET Framework.

See Dustin Childs review and analysis in Zero Day Initiative — The January 2019 Security Update Review.

Release Notes
Windows 10 update history


12
Security Alerts & Briefings / Adobe Flash Player Updates Released
« on: January 08, 2019, 01:29:29 PM »
Adobe has released Version 32.0.0.114 of Adobe Flash Player and AIR for Windows, macOS, Linux and Chrome OS. These updates address feature and performance bugs, and do not include security fixes. 

Release date:  January 8, 2019
Vulnerability identifier: APSB19-01
Platform:  Windows, Macintosh, Linux and Chrome OS

Update:
Security Bulletin
Release Notes

13
Adobe has released security updates for Adobe Acrobat and Reader for Windows and MacOS to address critical vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. 

Release date:  January 3, 2019
Vulnerability identifier: APSB19-02
Platform: Windows and MacOS

Update or Complete Download
:

Reader DC and Acrobat DC were updated to version 2019.010.20069. Update checks can be manually activated by choosing Help & Check for Updates.
Note: UNcheck any pre-checked additional options presented with the update. They are not part of the software update and are completely optional.

Security Bulletin

14
Web News / Reminder: Securing New Devices
« on: January 02, 2019, 06:45:22 PM »
Quote
During the holidays, internet-connected devices also known as Internet of Things (IoT) are often popular gifts—such as smart TVs, watches, toys, phones, and tablets. This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of this information, and the security of these devices, is not always guaranteed.

The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), recommends these important steps you should consider to make your Internet of Things more secure:
Quote

Article here:  Securing New Devices | US-CERT

15
Microsoft released an out-of-band security update for Internet Explorer 11 on Windows 10, Internet Explorer 11 on Windows 8.1 Update, Internet Explorer 11 on Windows 7 SP1, Internet Explorer 10 on Windows Server 2012, Internet Explorer 9, Windows Embedded Standard 2009 and Windows Embedded POSReady 2009.

The update addresses  remote code execution vulnerability CVE-2018-8653 that exists in the way that the scripting engine handles objects in memory in Internet Explorer.

It is strongly advised that this update be installed as soon as possible. (Note: For Windows RT and Windows RT 8.1, this update is available through Microsoft Update only.)

CVE-2018-8653
Security Advisory

Pages: [1] 2 3 ... 69