ep's blog

Apple Updates for Multiple Vulnerabilities 2007-004

http://docs.info.apple.com/article.html?artnum=305391 - This is the second security update in as many months from Apple targeting Mac OS 10.3.9 through 10.4.9. The update fixes various vulnerabilities in the Macintosh operating system and related applications. There has been one IAS-related report of difficulty with this update that required multiple reboots to resolve. It is recommended that you test this patch and update your users about the issues.

Microsoft Windows Animated Cursor Handling Vulnerability

http://www.kb.cert.org/vuls/id/191609 - It appears that a buffer overflow vulnerability is exploitable through animated cursors, which can be found on various websites and in emails. This affects versions of Microsoft Windows 2000, XP and Vista. The vulnerability allows for automatic opening of malicious websites and execution of code. Active exploitation of the vulnerability is currently ongoing.

Linux Kernel Multiple, Local, Denial of Service Vulnerabilities under v2.6.20.4

http://secunia.com/advisories/24618/ - There are multiple local IPv6 vulnerabilities in the Linux kernel prior to 2.6.20.4. These vulnerabilities could lead to local Denial of Service (DoS) attacks, including a kernel crash. They can be exploited locally; no remote exploitation has been reported at this time.
