| Index | Recent Threads | Unanswered Threads | Who's Active | Guidelines | Search |
 |
World Community Grid Forums
Category: Community
Forum: Chat Room
Thread: Security advisories thread: Those that may interest you. |
| No member browsing this thread |
|
Thread Status: Active Total posts in this thread: 53
|
|
| Author |
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Just post them here, but please do some checking first and verify posted links are genuine [don't click on any link here or anywhere unless you see it going to a source you know... right click on link or hover over to see before you believe!]
----------------------------------------!) Big news, Adobe warned, and Symantec too , to disable Flash in your web browser [and it's hard to come by without]. An Italian company had their data hacked and all sorts of exploits were stolen from this 'security research' company and put out on the internet... all told 400GB worth of data. The page at Symantec explains for some browser how to disable. Here using NoScript, which by default is set to block Flash, with option to either temp or permanently allow flash -for that site only- 2) An OpenSSL bug was discovered, so that one needs updating, lest you choose to live dangerously: http://www.eweek.com/blogs/security-watch/ope...ing-certificate-risk.html. In amongst various Android versions are at risk. [Edit 1 times, last edit by Former Member at Jul 10, 2015 12:57:22 PM] |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Great idea for a thread Rob!
I like the security stream on The Register: www.theregister.co.uk/security/ . They are pretty good at picking up on anything of relevance to folks like us. They reported both of the items you mention above. |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
For spanish-speaking members of the forums, I recommend Hispasec's "Una al Día" service and/or twitter account for up-to-date security alerts and information:
----------------------------------------Para los miembros que hablan español, les recomiendo el servicio "Una al Día" de Hispasec y/o su cuenta de Twitter para estar al día sobre alertas e información general de seguridad informática: http://unaaldia.hispasec.com/ https://twitter.com/unaaldia You can subscribe to their daily e-mail newsletter. I found out about the security problems described by SekeRob from them. Se pueden suscribir a su lista diaria de correo. Yo me enteré de los problemas de seguridad descritos por SekeRob a través de ellos. [Edit 2 times, last edit by Former Member at Jul 10, 2015 5:55:33 PM] |
||
|
|
theodolite
Advanced Cruncher Joined: Apr 11, 2014 Post Count: 119 Status: Offline |
The patch for Adobe was released 2 days ago, I believe.
----------------------------------------[Edit 1 times, last edit by theodolite at Jul 10, 2015 9:11:10 PM] |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Mozilla does not 'believe' so... Firefox 39 is still blocking the flash plugins. So happens, more zero day hacks are underway and 2 more being patched as of today: http://www.eweek.com/security/adobe-to-patch-...o-day-flaws-in-flash.html
|
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
New zero-day found in Java -- not yet patched. See ElReg for details.
|
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Hello again. There's a new new Adobe Flash/Shockwave plug-in, now 18.0.0.209 [.194 through .202 and anything before are not secure!]. Mozilla Firefox on their plug-in warning page at https://www.mozilla.org/en-US/plugincheck/?ut...mpaign=plugincheck-update link to https://get.adobe.com/flashplayer/
----------------------------------------Go and get it, if you need it. Be safe! (And again McAfee Scan gets dumped on you... rins and repeat: If you don't want it, uninstall it) [Edit 1 times, last edit by Former Member at Jul 18, 2015 4:02:29 PM] |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
More... 1.2GB worth of patches to my W7-64+Office2010/2013 system. The one that caught the eye was about the Windows RPC vulnerability... it's what BOINC uses to talk between the BOINC Manager and the (core) client.
----------------------------------------https://technet.microsoft.com/en-us/library/security/ms15-jul.aspx https://support.microsoft.com/en-us/kb/3077012 If it gets that far with system(s), BOINC will be the least of the worries. [Edit 1 times, last edit by Former Member at Jul 18, 2015 5:59:02 PM] |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
Some more background on the latest flasdh release 18.0.0.209... a bit more robust with help of the top search engine maker: http://www.eweek.com/security/adobe-secures-flash-with-help-from-google.html
|
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
|
||
|
|
|