Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

F-Secure and Trend Micro Release Critical Patches

Published: 2008-10-22
Last Updated: 2008-10-22 17:14:58 UTC
by Mari Nichols (Version: 1)
0 comment(s)

US-CERT has released information on two critical patches for F-Secure and Trend Micro security software.  As one of our readers, Roseman put it, time to keep your "keep-you-safe" software safe!  
 
Today, Trend Micro released patches affecting Office Scan versions 7.3 and 8.0.  The patches address a stack-based buffer overflow via HTTP request to server CGI modules. You can get further information about the respective patches here:

http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_CriticalPatch_B1374_readme.txt

http://www.trendmicro.com/ftp/documentation/readme/OSCE_8.0_sp1p1_CriticalPatch_B3110_readme.txt
 

Yesterday, F-Secure released Security Bulletin FSC-2008-3 which addresses a RPM parsing vulnerability in which specially-made compressed file archives cancause an integer overflow.  This would apply if your program scans compressed files.  Read more about it here.

Mari Nichols    iMarSolutions

Keywords: FSecure Trend Micro
0 comment(s)
Diary Archives