Posts tagged as:

Update

MS10-015 security update re-released

by certifiedbug on March 3, 2010

in Microsoft

The Microsoft Security Response Center (MSRC)
Jerry Bryant
Sr. Security Communications Manager Lead

I am writing to let you know that we have revised the installation packages for MS10-015 with new logic that prevents the security update from being installed on systems if certain abnormal conditions exist. Such conditions could be the result of an infection with a computer virus such as the Alureon rootkit. If these conditions are detected, the update will not be installed and the result will be a standard Windows Update error. If a user receives this error, they should go to the following landing page for additional help:

http://www.microsoft.com/security/updates/015

At this time, we have resumed offering the update to all affected systems via Automatic Updates.

We have also released a Microsoft Fix It as a standalone scanning tool that reports on the compatibility of a system with the MS10-015 update. The scanning tool can also be deployed through enterprise deployment systems allowing administrators to detect compatibility with the update before deploying broadly. The Fix It and deployment information are available at Microsoft Knowledge Base Article 980966.

Customers who believe they have experienced a restart issue after installing MS10-015, are encouraged to visit our Customer Service and Support page at https://consumersecuritysupport.microsoft.com or call 1-866-PCSafety (1-866-727-2338). International customers can find local support contact numbers here: http://support.microsoft.com/common/international.aspx.

Update: note that the update will not be re-offered to those who have already successfully installed the update.

http://blogs.technet.com/msrc/archive/2010/03/02/update-ms10-015-security-update-re-released-with-new-detection-logic.aspx

{ 0 comments }

Adobe Flash Player Security update available

by certifiedbug on February 11, 2010

in Internet Security

All Platforms
Vulnerability identifier: APSB10-06
CVE number: CVE-2010-0186, CVE-2010-0187

A critical vulnerability (CVE-2010-0186) could subvert the domain sandbox and make unauthorized cross-domain requests.

Affected software versions
Adobe Flash Player 10.0.42.34 and earlier versions
Adobe AIR 1.5.3.1920 and earlier versions

To verify the Adobe Flash Player version number installed on your system, access the About Flash Player page, or right-click on content running in Flash Player and select “About Adobe (or Macromedia) Flash Player” from the menu. If you use multiple browsers, perform the check for each browser you have installed on your system.

To verify the Adobe AIR version number installed on your system, access the Adobe AIR TechNotefor instructions.

Use the auto-update mechanism within the product and upgrade to version 10.0.45.2 when prompted or go to the Adobe Flash Player Download Center

This update also resolves a potential Denial of Service issue (CVE-2010-0187).

http://www.adobe.com/support/security/bulletins/apsb10-06.html

{ 0 comments }

Firefox 3.6 Released

January 21, 2010

Notable Firefox 3.6 features include:

Available in more than 70 languages – get your local version.
Support for a new type of theme called Personas, which allow users to change Firefox’s appearance with a single click.
Protection from out-of-date plugins to keep users safer as they browse.
Open, native video can now be displayed full [...]

Read the full article →

Advance Notification for Out-of-Band Bulletin Release

January 20, 2010

The Microsoft Security Response Center (MSRC)
Today we issued our Advanced Notification Service (ANS) to advise customers that we will be releasing MS10-002 tomorrow, January 21st, 2010. We are planning to release the update as close to 10:00 a.m. PST (UTC -8) as possible. This is a standard cumulative update, accelerated from our regularly scheduled [...]

Read the full article →

Firefox 3.5.7 released

January 5, 2010

Fixed in Firefox 3.5.7

A common stability issue.

A problem with how updates were being presented to users.

If you don’t receive the update notice when using the program select “Check for Updates” from the Help menu.
Firefox 3.5.7
Download
Release Notes

Read the full article →

Update released for MS09-054

November 3, 2009

Microsoft released the update Monday, November 02, 2009.
976749 addresses two issues with MS09-054 that a limited number of customers reported.
These two issues can affect the proper display of web pages. For additional details, please refer to Microsoft Knowledge Base article 976749.
Security update MS09-054 was released as part of the October Security Bulletin Release [...]

Read the full article →

Firefox 3.5.1 available

July 17, 2009

Known Issues: Release Notes
Firefox v3.5.1: Download
The upgrade fixes: Firefox 3.5 Critical JavaScript vulnerability

Read the full article →

Apple patches security holes in iTunes QuickTime

June 2, 2009

About the security content of iTunes 8.2
Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution.
Fixes a stack buffer overflow.
About the security content of QuickTime 7.6.2
Fixes a number of security vulnerabilities.
Apple Security Updates

Read the full article →

Firefox 3.0.10 Released

April 27, 2009

What’s New in Firefox 3.0.10
Firefox 3.0.10 fixes two issues found in Firefox 3.0.9. (released April 21, 2009. I held off on that one).

Fixed: a Critical security issue

MFSA 2009-23 Crash in nsTextFrame::ClearTextRun

Fixed: a major stability issue

See the Firefox 3.0.9 release notes for changes in previous releases.
Update from within browser. Help > Check for Updates, or [...]

Read the full article →

Firefox 3.0.8 Released

March 27, 2009

Firefox 3.0.8 fixes two critical security issues found in Firefox 3.0.7.
MFSA 2009-13 Arbitrary code execution through XUL element
MFSA 2009-12 XSL Transformation vulnerability
Reference: CVE-2009-1044
Update from within browser or download from Mozilla

Read the full article →

← Previous Entries