Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2008-06-20 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Safari 3.1.2 for Windows released to address vulnerabilities

Published: 2008-06-20
Last Updated: 2008-06-21 04:29:50 UTC
by Patrick Nolan (Version: 2)
0 comment(s)

Safari 3.1.2 for Windows was released to address;

CVE-ID: CVE-2008-1573
Available for: Windows XP or Vista
Impact: Viewing a maliciously crafted BMP or GIF image may lead to information disclosure

CVE-ID: CVE-2008-2540
Available for: Windows XP or Vista
Impact: Saving untrusted files to the Windows desktop may lead to the execution of arbitrary code

CVE-ID: CVE-2008-2306
Available for: Windows XP or Vista
Impact: Visiting a malicious website which is in a trusted Internet Explorer zone may lead to the automatic execution of arbitrary code

From - "About the security content of Safari 3.1.2 for Windows"

Safari 3.1.2 for Windows - "This update is recommended for all Safari Windows users and includes stability improvements and the latest security updates".

Thanks to all of the folks that submitted links!

Keywords:
0 comment(s)

BackTrack 3 Released

Published: 2008-06-20
Last Updated: 2008-06-20 21:11:31 UTC
by Patrick Nolan (Version: 1)
0 comment(s)

Over at Remote-Exploit.Org, BackTrack 3 has been released. Thanks Max, Muts, MjM! and Raul.
The download link is BackTrack 3.

BackTrack

Keywords:
0 comment(s)

MS08-030 has a new patch, for XP SP2 & XP SP3

Published: 2008-06-20
Last Updated: 2008-06-20 01:20:41 UTC
by Patrick Nolan (Version: 1)
0 comment(s)

Microsoft issued a new patch, for XP SP2 & XP SP3, for MS08-030: Vulnerability in Bluetooth stack could allow remote code execution. "Customers who are running Windows XP Service Pack 2 and Windows XP Service Pack 3 should download and deploy this new security update. Customers running Windows XP Professional x64 Edition and Windows XP Professional x64 Edition Service Pack 2 and all supported versions of Windows Vista who have already applied these original security updates do not need to take any further action".

MS08-030: Vulnerability in Bluetooth stack could allow remote code execution

The Technet Security Vulnerability Research & Defense blog on the vulnerability was "MS08-030: All bark and no bite? The case of the Bluetooth update".

Related update- KB KB951376 Security Update for Windows XP 

Thanks for the heads-up Guy

Keywords:
0 comment(s)
Diary Archives