======================================================================== The Secunia Weekly Advisory Summary 2009-11-20 - 2009-11-27 This week: 40 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: If you have secured your Windows, what about your doors? Vulnerabilities do not only exist in MS based systems! The majority of "break-ins" are occurring through 3rd party applications such as, Adobe reader, Adobe flash player, plugins and browsers. Are you sure all your systems are updated? And if they are, how will you be able to verify it? Click here to learn more: http://secunia.com/vulnerability_scanning/corporate/ ======================================================================== 2) This Week in Brief: A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to compromise a user's system. For more information, refer to: http://secunia.com/advisories/37448/ -- A vulnerability has been discovered in the infoRSS extension for Firefox, which can be exploited by malicious people to compromise a user's system. For more information, refer to: http://secunia.com/advisories/37467/ -- A vulnerability has been discovered in the Sage extension for Firefox, which can be exploited by malicious people to compromise a user's system. For more information, refer to: http://secunia.com/advisories/37466/ -- VMware has issued updates for multiple packages. These fix vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, by malicious users to disclose sensitive information or manipulate certain data, and by malicious people to disclose sensitive information, conduct cross-site scripting attacks, manipulate certain data, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system. For more information, refer to: http://secunia.com/advisories/37460/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions: http://secunia.com/advisories/business_solutions/ 1. [SA37448] Internet Explorer Layout Handling Memory Corruption Vulnerability 2. [SA37318] Microsoft Windows Win32k Kernel-Mode Driver Multiple Vulnerabilities 3. [SA24314] Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability 4. [SA35948] Adobe Flash Player Multiple Vulnerabilities 5. [SA37314] Windows Web Services on Devices API Memory Corruption Vulnerability 6. [SA37273] Google Chrome Two Vulnerabilities 7. [SA36983] Adobe Reader/Acrobat Multiple Vulnerabilities 8. [SA37313] Apple Mac OS X Security Update Fixes Multiple Vulnerabilities 9. [SA37277] Microsoft Office Word File Information Block Parsing Buffer Overflow 10. [SA37309] Microsoft Windows Win32k Kernel-Mode Driver Privilege Escalation ======================================================================== 4) This Week in Numbers During the past week 40 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 3 Secunia Advisories Unix/Linux : 21 Secunia Advisories Other : 1 Secunia Advisory Cross platform : 15 Secunia Advisories Criticality Ratings: Extremely Critical : 0 Secunia Advisories Highly Critical : 14 Secunia Advisories Moderately Critical : 11 Secunia Advisories Less Critical : 11 Secunia Advisories Not Critical : 4 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support_at_private Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Sun Nov 29 2009 - 23:43:08 PST
This archive was generated by hypermail 2.2.0 : Sun Nov 29 2009 - 23:49:19 PST