A previously unknown security flaw in Bugzilla — a popular online bug-tracking tool used by Mozilla and many of the open source Linux distributions — allows anyone to view detailed reports about unfixed vulnerabilities in a broad swath of software. Bugzilla is expected today to issue a fix for this very serious weakness, which potentially exposes a veritable gold mine of vulnerabilities that would be highly prized by cyber criminals and nation-state actors
W32/Kryptik.AX!tr – A Masterful FTP Trojan
A few days ago I received an interesting email message: Just your typical phishing email. Normally, I would just dump it into our signature automation processors and move on to the next piece of malicious code.
April 2013 Patch Tuesday Bulletins are now Supported by Desktop Central
Microsoft April 2013 Patch Tuesday bulletins are now supported by Desktop Central. The patch assessment team at Desktop Central has tested the patches and have updated their online patch database on April 10, 2013 at 08:00 EDT
March 2013 Patch Tuesday Bulletins are now Supported by Desktop Central
Microsoft March 2013 Patch Tuesday bulletins are now supported by Desktop Central. The patch assessment team at Desktop Central has tested the patches and have updated their online patch database on March 13, 2013 at 09:00 EDT. Update your vulnerability database to install the patches pertaining to the Security Bulletins: MS13-021 – Cumulative Security Update for Internet Explorer (2809289) MS13-022 – Vulnerability in Silverlight Could Allow Remote Code Execution (2814124) MS13-023 – Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2801261) MS13-024 – Vulnerabilities in SharePoint Could Allow Elevation of Privilege (2780176) MS13-025 – Vulnerability in Microsoft OneNote Could Allow Information Disclosure (2816264) MS13-027 – Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986) Update your vulnerability database to install the below Third Party updates Google Chrome (25.0.1364.172) Mozilla Thunderbird (17.0.4) Adobe AIR (3.6.0.6090) Real Player (16.0.1.18) Adobe Flash Player Plugin 11.6.602.180 (APSB13-09) Adobe Flash Player for IE 11.6.602.180 (APSB13-09) Update your vulnerability database to install the patches pertaining to the Non Security Updates Windows Malicious Software Removal Tool – March 2013 (KB890830) Description of the Outlook 2003 Junk E-mail Filter update: March 12, 2013 (KB2768024) Description of the Outlook 2007 Junk E-mail Filter update: March 12, 2013 (KB2768025) Description of the Outlook 2010 Junk E-mail Filter update: March 12, 2013 (KB982726) Description of the Outlook 2013 Junk E-mail Filter update: March 12, 2013 (KB2760587) Description of the 2007 Office system update(KB2687493) Description of the Office 2010 update(KB2687503) Description of the SharePoint Designer 2010 update(KB2553382) [when installed with office] Description of the SharePoint Designer 2010 update(KB2553459) [when installed with office] Description of the Word 2010 update(KB2767886) Microsoft Security Advisory: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10: March 12, 2013(KB2824670) Description of the OneNote 2013 update(KB2768011) System may restart and not display the “Choose an option” screen in Windows RT, Windows 8, or Windows Server 2012(KB2812822) Description of the PowerPoint 2013 update(KB2727013) Description of the SkyDrive Pro update(KB2768356) [when installed with office] Description of the SkyDrive Pro update(KB2768016) [when installed with office] Description of the Outlook 2013 update(KB2727079) Description of the Lync 2013 update(KB2760556) [when installed with office] Description of the Office 2013 update(KB2768333) Windows 8 and Windows Server 2012 cumulative update: March 2013 (KB2800088) Description of the Office 2013 update(KB2752094) Incorrect results when you run AD Windows PowerShell cmdlets on a Windows Server 2008 R2-based domain controller(KB2806748) Application compatibility update for Windows 7 and Windows Server 2008 R2: March 2013 (KB2791765) Compatibility update is available for Windows 8 and Windows Server 2012 (KB2790907) Anti-malware platform update for Windows Defender is available in Windows 8(KB2781197) Deployment Priority (Courtesy: MSRC blog ) For any assistance on patching feel free to contact desktopcentral-support@manageengine.com Happy Patching
Introducing SolarWinds Patch Manager
You’ll change your tune about patch management after you experience how much time SolarWinds Patch Manager can save you! We even provide you with pre-built, pre-tested, third-party patches and make them super easy for you to deploy to your Windows servers and workstations. • Automate patching applications across tens of thousands of servers and workstations • Receive automatic notifications of new third-party patches from leading vendors like Adobe®, Apple®, Google®, Mozilla®, and Sun Microsystems®; then deploy our pre-built, pre-tested patches to save tons of time • Use PackageBoot™ technology to execute custom actions before and after patches are deployed so that you can rest assured that even the peskiest of patches gets deployed correctly (and doesn’t break anything in the process) • Manage updates dynamically, pushing the right patches to the right machines at the right time • Perform enterprise-wide discovery and inventory quickly and identify rogue, unauthorized, and unpatched computers instantly • Get visibility into patch compliance with an extensive collection of simple, built-in reports • Leverage your existing WSUS and System Center Configuration Manager (SCCM) deployments
Public ACC V1.9 BETA released
Astaro is pleased to announce the availability of the Astaro Command Center V1.9 BETA release and invites you to participate in the Astaro BETA Test Program, where you have the chance to win Amazon Gift Certificates ! The ACC V1.9 BETA will run from July 31th through August 29th. The results will be of huge value in order to discover possible malfunctions at a very early stage and hence significantly increase the stability and reliability of the final software release.
Up2Date and ISO ASG V7.100
Astaro is pleased to announce that Astaro Security Gateway V7.1 GA is available now.
ACC 1.400 released [Middle]
This new ISO and Up2Date changes the GUI to the new look&feel to the ASG V7 style and it adds V7 support.
ACC Up2Date 1.201 [low]
Version 1.201 is a bug fix update which fixes seven bugs, including the limitation that Webadmin Single-Sign-On only works if ASG uses webadmin port tcp/443. – read on to get the details… WebAdmin Single-Sign-On (SSO) now also works on non-standard tcp ports ACC now supports WebAdmin SSO also for ports other than tcp/443