Welcome to the Network Security website at the IAS

This website is intended to bring you the latest news, how to's, tools and resources in Information Security.  Security Awareness of our Faculty, Members and Staff is key in creating a safer computing environment.

The three major Principles of Information Security, Availability, Integrity and Confidentiality, will be covered throughout the security awareness program at the Institute.  For a description of these principles, please see our About section.

In keeping with the spirit of the Institute, I encourage questions and open discussions about security.  And if you discover anything out of the ordinary, please feel free to bring it to my attention so that we can work together to create a more productive, safer environment.

Thanks,
Brian Epstein <security@ias.edu>
twitter: @epepepep


APPLE-SA-2010-03-29-1 Security Update 2010-002 / Mac OS X v10.6.3 fixes 69 vulnerabilities

http://support.apple.com/kb/HT1222

Apple has released Mac OS X v10.6.3 which addresses several security
vulnerabilities. This includes arbitrary code execution with spell
check, firewall rule inactivation, non-authorized AFP mounting,
directory traversal, and more.

In all, 69 vulnerabilities were patched.

It is recommended that Mac OS X v10.6.x users update to v10.6.3 to
mitigate these risks.

Thanks,
Brian

HP Small Form Factor or Microtower PC with Broadcom Integrated NIC Firmware, Remote Execution of Arbitrary Code

http://permalink.gmane.org/gmane.comp.security.bugtraq/42791

"A potential vulnerability (CVE-2010-0104) has been identified with
certain HP Small Form Factor and Microtower PCs with Broadcom
Integrated NIC Firmware [in versions earlier than v1.40.0.0 and
earlier than v8.08]. The vulnerability could be remotely exploited to
execute arbitrary code."

MFSA 2010-08 Firefox 3.6.2 released early

http://www.mozilla.com/en-US/firefox/3.6.2/releasenotes/

Mozilla was originally going to release 3.6.2 on March 30.

"Firefox 3.6.2 fixes the following issues found in previous versions of
Firefox 3.6:

* Fixed a critical security issue that could potentially allow
remote code execution (see bug 552216).
* Fixed several additional security issues.
* Fixed several stability issues."

It is recommended that all Firefox 3.6.x users update to 3.6.2.

MFSA 2010-08 Firefox 3.6.2 released early

http://www.mozilla.com/en-US/firefox/3.6.2/releasenotes/

Mozilla was originally going to release 3.6.2 on March 30.

"Firefox 3.6.2 fixes the following issues found in previous versions of
Firefox 3.6:

* Fixed a critical security issue that could potentially allow
remote code execution (see bug 552216).
* Fixed several additional security issues.
* Fixed several stability issues."

It is recommended that all Firefox 3.6.x users update to 3.6.2.

Opera 10.51 for Windows Released

http://my.opera.com/desktopteam/blog/2010/03/22/opera-10-51-for-windows-...

" Opera 10.51 for Windows changelog
Release notes

Release date: March 22, 2010

Opera 10.51 is a recommended security and stability upgrade. Opera
highly recommends all users to upgrade to Opera 10.51 to take advantage
of these improvements. "

http://www.opera.com/docs/changelogs/windows/1051/

HP Small Form Factor or Microtower PC with Broadcom Integrated NIC Firmware, Remote Execution of Arbitrary Code

http://permalink.gmane.org/gmane.comp.security.bugtraq/42791

"A potential vulnerability (CVE-2010-0104) has been identified with
certain HP Small Form Factor and Microtower PCs with Broadcom
Integrated NIC Firmware [in versions earlier than v1.40.0.0 and
earlier than v8.08]. The vulnerability could be remotely exploited to
execute arbitrary code."

MFSA 2010-08 Firefox 3.6.2 released early

http://www.mozilla.com/en-US/firefox/3.6.2/releasenotes/

Mozilla was originally going to release 3.6.2 on March 30.

"Firefox 3.6.2 fixes the following issues found in previous versions of
Firefox 3.6:

* Fixed a critical security issue that could potentially allow
remote code execution (see bug 552216).
* Fixed several additional security issues.
* Fixed several stability issues."

It is recommended that all Firefox 3.6.x users update to 3.6.2.

Pages