Welcome to the Network Security website at the IAS
This website is intended to bring you the latest news, how to's, tools and resources in Information Security. Security Awareness of our Faculty, Members and Staff is key in creating a safer computing environment.
The three major Principles of Information Security, Availability, Integrity and Confidentiality, will be covered throughout the security awareness program at the Institute. For a description of these principles, please see our About section.
In keeping with the spirit of the Institute, I encourage questions and open discussions about security. And if you discover anything out of the ordinary, please feel free to bring it to my attention so that we can work together to create a more productive, safer environment.
Brian Epstein <firstname.lastname@example.org>
Multiple vulnerabilities in Mac OS X v10.6 through v10.6.6 are fixed
with this patch to v10.6.7.
It is recommended that Mac OS X v10.6.x users update to v10.6.7.
"A man-in-the-middle attacker may be able to cause an unexpected
application termination or arbitrary code execution"
This vulnerability specifically targets PackageKit. It is recommended
that Mac OS X 10.6 users upgrade to 10.6.6.
"Google Chrome is prone to multiple vulnerabilities.
Attackers can exploit these issues to execute arbitrary code in the
context of the browser, cause denial-of-service conditions, gain access
to sensitive information, and bypass intended security restrictions;
other attacks are also possible.
Versions prior to Chrome 8.0.552.215 are vulnerable. "
It is recommended that Google Chrome users upgrade to the latest
"The Opera web browser is prone to a vulnerability that may aid in
convincing a victim to download malicious content, an
information-disclosure vulnerability, and multiple unspecified
vulnerabilities with high severity.
An attacker can exploit these issues to trick users into downloading
malicious content or to gain potentially sensitive information; other
attacker are also possible.
Opera versions prior to 11.00 are vulnerable. "
On August 20th, VSR identified multiple memory corruption
vulnerabilities in OpenOffice.org. By convincing a victim to open a
maliciously crafted RTF or Word document, arbitrary code may be executed
on the victim's machine. "
Users should install updates provided by downstream distributions or
upgrade to version 3.3. "