Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2014-06-10



Sampling Bias

Published: 2014-06-10
Last Updated: 2014-06-10 23:29:31 UTC
by Daniel Wesemann (Version: 1)

Today, I was researching a rather complex subject, and it brought me to dozens of web sites to catch up on the latest techie clue. And what felt like half of the web pages popped up that obnoxious
 

HI. CAN WE ASK YOU A COUPLE QUESTIONS ABOUT OUR WEB SITE?

[YES]  [NOT RIGHT NOW]


insert that seems to be all too common these days. Who on earth is clicking "yes" on these?? Or, put differently, how irrelevant must the results of such "surveys" be if the respondents are probably all bored loafers who have unlimited time on their hands, and don't mind being distracted from their work by an (end|use|point)less survey that intrudes into the thought process, clamoring for attention?

It's what statisticians call "sampling bias". Something like going to a pub to determine if people like alcoholic beverages. Surprise surprise, many of them do :). I suspect the results of such web site "surveys" are similar: WOW!! 96% of the respondents say our web page is cool!!1)

 


1) n=18 / N=1'284'154

 

Keywords: survey web
Mozilla Patches - Firefox to 30, ESR to 24.6, Thunderbird to 24.6. See https://www.mozilla.org/security/known-vulnerabilities/

Microsoft Patch Tuesday June 2014

Published: 2014-06-10
Last Updated: 2014-06-10 18:08:54 UTC
by Alex Stanford (Version: 1)

Overview of the Jun 2014 Microsoft patches and their status.

| # | Affected | Contra Indications - KB | Known Exploits | Microsoft rating(**) | ISC rating(*) clients | ISC rating(*) servers |
|---|---|---|---|---|---|---|
| MS14-030 | Vulnerability in Remote Desktop Could Allow Tampering; Microsoft Windows; CVE-2014-0296 | KB 2969259 | . | Severity:Important, Exploitability: 1 | Important | Important |
| MS14-031 | Vulnerability in TCP Protocol Could Allow Denial of Service; Microsoft Windows; CVE-2014-1811 | KB 2962478 | . | Severity:Important, Exploitability: 1 | Important | Important |
| MS14-032 | Vulnerability in Microsoft Lync Server Could Allow Information Disclosure; Microsoft Lync Server; CVE-2014-1823 | KB 2969258 | . | Severity:Important, Exploitability: 1 | N/A | Important |
| MS14-033 | Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure; Microsoft Windows; CVE-2014-1816 | KB 2966061 | . | Severity:Important, Exploitability: 1 | Important | Important |
| MS14-034 | Vulnerability in Microsoft Word Could Allow Remote Code Execution; Microsoft Office; CVE-2014-2778 | KB 2969261 | . | Severity:Important, Exploitability: 1 | Critical | Important |
| MS14-035 | Cumulative Security Update for Internet Explorer; Microsoft Windows, Internet Explorer; CVE-2014-0282 CVE-2014-1762 CVE-2014-1764 CVE-2014-1766 CVE-2014-1769 CVE-2014-1770 CVE-2014-1771 CVE-2014-1772 CVE-2014-1773 CVE-2014-1774 CVE-2014-1775 CVE-2014-1777 CVE-2014-1778 CVE-2014-1779 CVE-2014-1780 CVE-2014-1781 CVE-2014-1782 CVE-2014-1783 CVE-2014-1784 CVE-2014-1785 CVE-2014-1786 CVE-2014-1788 CVE-2014-1789 CVE-2014-1790 CVE-2014-1791 CVE-2014-1792 CVE-2014-1794 CVE-2014-1795 CVE-2014-1796 CVE-2014-1797 CVE-2014-1799 CVE-2014-1800 CVE-2014-1802 CVE-2014-1803 CVE-2014-1804 CVE-2014-1805 CVE-2014-2753 CVE-2014-2754 CVE-2014-2755 CVE-2014-2756 CVE-2014-2757 CVE-2014-2758 CVE-2014-2759 CVE-2014-2760 CVE-2014-2761 CVE-2014-2763 CVE-2014-2764 CVE-2014-2765 CVE-2014-2766 CVE-2014-2767 CVE-2014-2768 CVE-2014-2769 CVE-2014-2770 CVE-2014-2771 CVE-2014-2772 CVE-2014-2773 CVE-2014-2775 CVE-2014-2776 CVE-2014-2777 | KB 2969262 | . | Severity:Critical, Exploitability: 1 | Critical | Critical |
| MS14-036 | Vulnerabilities in Microsoft Graphics Component Could Allow Remote Code Execution; Microsoft Windows, Microsoft Office, Microsoft Lync; CVE-2014-1817 CVE-2014-1818 | KB 2967487 | . | Severity:Critical, Exploitability: 1 | Critical | Critical |

We will update issues on this page for about a week or so as they evolve.
We appreciate updates
US based customers can call Microsoft for free patch related support on 1-866-PCSAFETY
(*): ISC rating
  • We use 4 levels:
    • PATCH NOW: Typically used where we see immediate danger of exploitation. Typical environments will want to deploy these patches ASAP. Workarounds are typically not accepted by users or are not possible. This rating is often used when typical deployments make it vulnerable and exploits are being used or easy to obtain or make.
    • Critical: Anything that needs little to become "interesting" for the dark side. Best approach is to test and deploy ASAP. Workarounds can give more time to test.
    • Important: Things where more testing and other measures can help.
    • Less Urt practices for servers such as not using outlook, MSIE, word etc. to do traditional office or leisure work.
    • The rating is not a risk analysis as such. It is a rating of importance of the vulnerability and the perceived or even predicted threatatches.

-- 
Alex Stanford - GIAC GWEB & GSEC,
Research Operations Manager,
SANS Internet Storm Center

Keywords: mspatchday