Information Security all in one place!

Posts tagged “code execution

Microsoft Showing it’s Love – in Advance


Microsoft Security Bulletin Advance Notification for February 2012:

Microsoft has blessed us again with another Patch Tuesday. Here is advanced notification of 9 Bulletins for Valentine’s Day.

IE update likely the one users will want to apply ASAP, say researchers


9 Security related bulletins have been issued to close 21 Vulnerabilities

  • 4 Critical – Microsoft Windows (2) – Remote Code Execution,  Microsoft Windows – Internet Explorer (1) – Remote Code Execution, Microsoft .NET Framework (1) – Remote Code Execution, Microsoft Silverlight (1) – Remote Code Execution
    English: M in blue square (similar to seen on )
  • 5 Important –  Microsoft Windows (2) – Remote Code Execution,  Microsoft Windows (1) – Elevation of Privilege, Microsoft Office – Windows Server Software (1) – Elevation of Privilege,  Microsoft Office  (1) – Elevation of Privilege

The full version of the Microsoft Security Bulletin Advance
Notification for February 2012 can be found at: http://technet.microsoft.com/security/bulletin/ms12-feb.

This bulletin advance notification will be replaced with the February bulletin summary on February 14, 2012. For more information about the bulletin advance notification service, see Microsoft Security Bulletin Advance Notification

Past Notifications:

February 10, 2012 | Categories: Exploit, General, General Security, Home Office, Home User, Network Management, Network Security, Patching, Remote Code Execution, Security, Security Advisory, Vulnerabilities | Tags: , , , , , , , , , , , , , | 2 Comments

php5 Security Update: Recent PHP security update is flawed


Debian Security Advisory DSA-2403-1

php5 remote code execution, after problems were patched.

The PHP logo displaying the Handel Gothic font.

Image via Wikipedia

Stefan Esser discovered that the implementation of the max_input_vars configuration variable in a recent PHP security update was flawed such that it allows remote attackers to crash PHP or potentially execute code.

  • For the oldstable distribution (lenny), no fix is available at this time.
  • For the stable distribution (squeeze), this problem has been fixed in version 5.3.3-7+squeeze7.
  • The testing distribution (wheezy) and unstable distribution (sid) will be fixed soon.

Recommended that you upgrade your php5 packages.

Further information about Debian Security Advisories,
found at: http://www.debian.org/security/

Related articles

February 3, 2012 | Categories: Malware, Patching, remote attackers, Remote Code Execution, Security, Security Advisory, Vulnerabilities, Zero-Day | Tags: , , , , , , , , , , , , , , , | Leave a comment

NSIT Patch Notification: Symantec PCAnywhere Local Privilege Escalation, Remote Code


Edward Torkington of NGS Secure has discovered a high risk vulnerability in Symantec PCAnywhere

Impact: Local Privilege Escalation

Versions affected:

Symantec pcAnywhere 12.5.x
IT ManagementSuite 7.0 pcAnywhere Solution 12.5.x

IT Management Suite 7.1 pcAnywhere Solution 12.6.x

An updated version of the software has been released to address these vulnerabilities:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

Image representing Symantec as depicted in Cru...

Image via CrunchBase

NGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. This reflects the NGS Secure approach to responsible disclosure.

Edward Torkington of NGS Secure has discovered a critical vulnerability in Symantec PCAnywhere

Impact: Remote Code Execution (pre-auth) as SYSTEM

Versions affected:
Symantec pcAnywhere 12.5.x
IT Management Suite 7.0 pcAnywhere Solution 12.5.x
IT Management Suite 7.1 pcAnywhere Solution 12.6.x

An updated version of the software has been released to address these vulnerabilities:
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120124_00

NGS Secure is going to withhold details of this flaw for three months. This three month window will allow users the time needed to apply the patch before the details are released to the general public. This reflects the NGS Secure approach to responsible disclosure.

NGS Secure Research
http://www.ngssecure.com

Related articles

January 26, 2012 | Categories: Anonymous, Cryptography, Encryption, General Security, Network Management, Network Security, Networking, PCAnywhere, Security, Security Advisory, source code, Vulnerabilities, Zero-Day | Tags: , , , , , , , , , , , , , , | 1 Comment