fixes Archives - Gregory D. Evans | Worlds No. 1 Security Consultant

Posts Tagged ‘fixes’

BMW fixes security flaw that left locks open to hackers


Source: National Cyber Security - Produced By Gregory Evans

The flaw affected models fitted with BMW’s ConnectedDrive software, which uses an on-board Sim card. The software operated door locks, air conditioning and traffic updates but no driving firmware such as brakes or steering, BMW said. No cars have actually been hacked, but the flaw was identified by German motorist association ADAC. ADAC’s researchers found the cars would try to communicate via a spoofed phone network, leaving potential hackers able to control anything activated by the Sim. The patch, which would be applied automatically, included making data from the car encrypted via HTTPS (HyperText Transfer Protocol Secure) – the same security commonly used for online banking, BMW said. “On the one hand, data are encrypted with the HTTPS protocol, and on the other hand, the identity of the BMW Group server is checked by the vehicle before data are transmitted over the mobile phone network,” it said in a statement. This should have already been in place, said security expert Graham Cluley. “You would probably have hoped that BMW’s engineers would have thought about [using HTTPS] in the first place,” he wrote on his blog. “If you are worried that your vehicle may not have received the update (perhaps because […]

For more information go to http://www.NationalCyberSecurity.com, http://www.GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post BMW fixes security flaw that left locks open to hackers appeared first on National Cyber Security.

View full post on National Cyber Security

It's time for change: Mozilla redesigns Firefox after fixing security vulnerabilities


Mozilla yesterday released the substantially updated version 29 of its Firefox browser. The latest release includes fixes for a number of critical and highly rated security vulnerabilities. Among the five critical vulnerabilities are use-after-free bugs in nsHostResolver, in imgLoader while resizing images, and in the Text Track Manager for HTML video. The remaining two critically rated patches resolve a privilege escalation vulnerability in the Web Notification API and an assortment of memory safety hazards. Fixes that receive critical ratings apply to vulnerabilities that could be exploited to run attacker code and install software without any user interaction beyond normal …


Microsoft Fixes Critical Vulnerability in Windows Common Controls

April’s Patch Tuesday update delivers six bulletins — including a critical fix for a core flaw that affects a long list of Microsoft applications.

View full post on eSecurityPlanet RSS Feed


Flash Player 11.2 fixes critical vulnerabilities and adds silent updates

Adobe have released Flash Player 11.2, addressing two critical arbitrary code execution vulnerabilities and introducing a silent update option.

One of the patched vulnerabilities stems from how older versions of Flash Player check URL security domains, and only affects the Flash Player ActiveX plug-in for Internet Explorer on Windows 7 or Vista.

Both vulnerabilities can trigger memory corruptions and can be exploited to execute arbitrary code remotely. However, Adobe is not aware of any exploits for these flaws being used in online attacks at this time, said Wiebke Lips, Adobe’s senior manager of corporate communications.

Users of Adobe Flash Player 11.1.102.63 and earlier versions for Windows, Macintosh, Linux and Solaris are advised to update to the new Adobe Flash Player 11.2 for their respective platforms. Users of Adobe Flash Player 11.1.111.7 for Android are advised to update to Flash Player 11.1.111.8.

Flash Player 11.2 also introduces a new updating mechanism that can be configured to check for and deploy updates in the background automatically, without requiring user interaction. The feature has been in Adobe’s plans for a long time and is expected to decrease the number of outdated Flash Player installations that attackers can target.

“The new background updater will provide a better experience for our customers, and it will allow us to more rapidly respond to zero-day attacks,” said Peleus Uhley, platform security strategist at Adobe. “This model for updating users is similar to the Google Chrome update experience, and Google has had great success with this approach. We are hoping to have similar success.”

The move was welcomed by Thomas Kristensen, chief security officer at Secunia, which develops the popular Personal Software Inspector (PSI) patch management program.

“A silent and automatic updating mechanism for Flash would help the majority of users. A more consistent and rapid updating of the user base is likely to impact the attackers’ preferences for Flash,” he said.

Of course, this will only happen after the vast majority of users upgrade to Flash Player 11.2 or a later version using the old method that requires explicit approval.

When Adobe Flash Player 11.2 is installed, users are asked to choose an update method. The available choices are: install updates automatically when available (recommended), notify me when updates are available, and never check for updates (not recommended).

The silent updater will try to contact Adobe’s update server every hour until it succeeds. If it receives a valid response from the server that no update is available, it will wait 24 hours before checking again.

For now, the automatic update option is only available for Flash Player on Windows, but Adobe is working on implementing it for Mac versions as well, Uhley said.

However, even if the automatic update option is enabled, Adobe will decide on a case-by-case basis which updates will be deployed silently and which won’t. Those that change the Flash Player default settings will require user interaction.

The new updater will update all Flash Player browser plug-ins installed on the system at the same time. “This will solve the problem of end-users having to update Flash Player for Internet Explorer separately from Flash Player for their other open source browsers,” Uhley said.

In addition to keeping the Flash Player install base up to date more easily and reducing the time required to effectively respond to zero-day attacks – attacks that exploit previously unknown vulnerabilities – the new silent updater could also reduce the number of scams that distribute malware as Flash Player updates.

“The pretext of a Flash Player update has been intensively used by cyber-crooks to lure users into downloading malicious content,” said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor BitDefender. “By eliminating the update wizard, users will likely get more difficult to con on the pretext of a legitimate update required by an application they trust.”

Unfortunately, this silent update model can’t be applied to all applications, Botezatu said. He gave the example of Internet Explorer 6, which Microsoft is trying to phase out, but that companies still widely use because their business applications are dependent on it and don’t work on newer versions.

Adobe is doing its part to convince users to move away from Internet Explorer 6 by dropping support for the browser from upcoming Flash Player versions. “We will no longer include testing on Internet Explorer 6 in our certification process and strongly encourage users to upgrade to the newest version of Internet Explorer,” Uhley said.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1de731e0/l/0Lnews0Btechworld0N0Csecurity0C33478370Cflash0Eplayer0E1120Efixes0Ecritical0Evulnerabilities0Eadds0Esilent0Eupdates0C0Dolo0Frss/story01.htm

View full post on National Cyber Security » Computer Hacking

Google Chrome update fixes 12 vulnerabilities and patches Flash Player

Google released a new version of its Chrome browser in order to update the bundled Flash Player plug-in and address serious security vulnerabilities.

Google Chrome 17.0.963.56 fixes 12 security flaws, seven of which are considered high severity, four of medium severity and one of low severity.

Security researcher Jüri Aedla received a special $1,337 reward for discovering and reporting an integer overflow vulnerability in libpng, the library used by Chrome to process PNG images.

Other high-severity flaws were identified in the browser’s PDF codecs, its subframe loading, h.264 parsing and path rendering components, as well as its MKV, database, column and counter node handling code.

In theory these vulnerabilities should be considered critical because they could facilitate the remote execution of arbitrary code on the targeted systems.

However, because Google Chrome has a sandboxed architecture, exploiting these vulnerabilities alone would not provide attackers with the necessary level of access to run malicious code.

Six vulnerabilities patched in this release were discovered with the help of an open-source tool called AddressSanitizer, Google Chrome engineer Jason Kersey said in a blog post on February 15.

Chrome 17.0.963.56 also includes a new Flash Player version that Adobe released earlier this week, Kersey said. The Flash Player update addresses seven critical security flaws.

Google paid a total of $6,837 to security researchers who reported vulnerabilities patched in this release. The company recently expanded its Chromium Security Rewards Program to also cover vulnerabilities found in Chrome OS.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1cb7e4c7/l/0Lnews0Btechworld0N0Csecurity0C3338140A0Cgoogle0Echrome0Eupdate0Efixes0E120Evulnerabilities0Epatches0Eflash0Eplayer0C0Dolo0Frss/story01.htm


OpenSSL patch fixes DoS vulnerability introduced by last patch

The OpenSSL Project has released new versions of the popular OpenSSL library in order to address a denial-of-service (DoS) vulnerability that was introduced by a critical patch issued on Jan. 6.

“A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack,” the OpenSSL developers warned in a newly published advisory. The issue has been addressed in the new OpenSSL 1.0.0g and 0.9.8t versions.

CVE-2011-4108 refers to a serious vulnerability in OpenSSL’s implementation of the DTLS (Datagram Transport Layer Security) protocol, which allows attackers to decrypt secured communications without knowing the encryption key.

The vulnerability was discovered by Nadhem Alfardan and Kenny Paterson of the Information Security Group at Royal Holloway, University of London (RHUL), while investigating weaknesses in the CBC (Cipher-block chaining) mode of operation.

The researchers plan to present their “padding oracle attack” against DTLS at the 19th Annual Network Distributed System Security (NDSS) Symposium in February. Padding oracle attacks work by analyzing timing differences that arise during the decryption process in order to recover plain text from encrypted communications.

Users who have not yet upgraded to OpenSSL 1.0.0f or 0.9.8s in order to protect their DTLS applications against CVE-2011-4108, are advised to upgrade directly to the newly released OpenSSL 1.0.0g or 0.9.8t.

OpenSSL is available for a wide variety of platforms, including Linux, Solaris, Mac OS X, BSD, Windows and OpenVMS. Some of these operating systems include OpenSSL by default and deliver updates for it through their own channels.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1c0e6e98/l/0Lnews0Btechworld0N0Csecurity0C33318520Copenssl0Epatch0Efixes0Edos0Evulnerability0Eintroduced0Eby0Elast0Epatch0C0Dolo0Frss/story01.htm


PHP fixes hash collision DoS vulnerability in PHP 5.3.9

The PHP development team has released version 5.3.9 of the popular Web development platform in order to address a recently disclosed denial-of-service (DoS) vulnerability, as well as other security issues and bugs.

The DoS vulnerability was disclosed in December 2011 at the Chaos Communication Congress, Europe’s largest hacker conference, by security researchers Alexander Klink and Julian Wälde. It affects a number of development platforms including PHP, ASP.NET, Java and Python.

Identified as CVE-2011-4885, the vulnerability allows an attacker to perform what is known as a hash collision attack by forcing the server to process a specially crafted form that contains thousands of values.

This type of HTTP request can trigger a computationally intensive routine, resulting in a denial-of-service condition. For ASP.NET, a request of approximately 100KB in size can consume 100 percent of a CPU core for 90 to 110 seconds.

Sending multiple requests can have an impact on the responsiveness of even a cluster of servers that use multicore processors. The newly released PHP 5.3.9 fixes this issue by adding a max_input_vars directive to the configuration file.

A separate DoS vulnerability that can be exploited to read arbitrary memory locations was also addressed in this release. Identified as CVE-2011-4566, the flaw stems from a bug in the PHP function that parses exif headers. Attackers can exploit the vulnerability by tricking the server into processing JPEG files with specially crafted offset_val values in their Exif headers.

In addition to patching these two vulnerabilities, PHP 5.3.9 contains fixes for a large number of non-security-related bugs, as well as various enhancements.

This stable release comes after the development team made available the fifth release candidate for the upcoming PHP 5.4. “The next and probably last release candidate will be released in 14 days,” the developers said at the time.

Earlier this week, a user affiliated with the Anonymous hacktivist movement released working attack code for the hash collision DoS vulnerability in ASP.NET. A similar exploit for the PHP version would not be hard to produce. “All users are strongly encouraged to upgrade to PHP 5.3.9,” the platform’s developers said.

Article source: http://rss.feedsportal.com/c/270/f/3551/s/1bc9ebaf/l/0Lnews0Btechworld0N0Capplications0C332990A70Cphp0Efixes0Ehash0Ecollision0Edos0Evulnerability0Ein0Ephp0E5390C0Dolo0Frss/story01.htm


Microsoft fixes .NET security holes

Microsoft has released an out-of-band update that fixes four security holes in .NET, one of which could allow privilege…

View full post on could security – Yahoo! News Search Results


Microsoft fixes Duqu hole, but not BEAST problem

Microsoft pulls patch to protect IE users from flaw in SSL protocol after running into compatibility issue.

View full post on bank security hacker – Yahoo! News Search Results


Facebook denies file-sharing vulnerability, then quietly fixes it

Facebook has apparently fixed a vulnerability in its social-networking site after insisting it wasn’t a weakness and didn’t need to be remedied.

Nathan Power, who works for the technology consultancy CDW, updated his blog on Tuesday to reflect that the flaw had been fixed. The problem allowed a user to send another user an executable attachment by using Facebook’s “Message” feature.

The sender and the recipient did not have to be confirmed friends. Power, who notified Facebook on Sept. 30, found that Facebook parses part of a POST request to the server to see if the file being sent should be allowed. Usually, executable files are rejected.

But Power found that if he modified the POST request with an extra space after the file name for the attachment, it would go through. If a victim accepted the file, the person would still need to launch it in order for malicious software to be installed.

The danger is that Facebook could be used for so-called spear phishing, or targeted attacks with the intention of loading malware on a victim’s machine. The style of attack has been successful against companies such as RSA, which leaked information related to its SecurID authentication and disclosed the issue in March.

At least one defense contractor was subsequently attacked following the RSA breach.

Facebook’s security manager, Ryan McGeehan, said in a statement last week that a successful attack using the vulnerability would require social engineering and also would only allow the attacker to send an obfuscated renamed file to another user one at a time. Facebook this week continued to insist that a fix was not necessary.


Article source: http://rss.feedsportal.com/c/270/f/3551/s/19c29522/l/0Lnews0Btechworld0N0Csecurity0C33151740Cfacebook0Edenies0Efile0Esharing0Evulnerability0Ethen0Equietly0Efixes0Eit0C0Dolo0Frss/story01.htm

