Welcome to the July edition of A Watchful UI.
Vulnerabilities and Patches
1. Microsoft Patch Tuesday addresses several actively exploited vulnerabilities
2. Google Chrome at version 20
3. HP Operations Agent updated to 11.03.12
1. Sophos for Mac now at version 8.0
2. Chrome to drop support for OS X 10.5
3. Mozilla to end new development on Thunderbird
4. Cross-platform web exploit gains popularity
5. Last months Java vulnerabilities are now being exploited
Microsoft has released nine security bulletins for Patch Tuesday. Three are rated as critical with the other six rated as important. The patches apply to Windows, Internet Explorer, and Office.
SANS Black Tuesday overview:
Pay special attention to the XML fix that was reported last month and has been responsible for public exploit of Internet Explorer – the patch is now available. Also, the VBA patch is critical as it could be exploited via Microsoft Office documents.
Google Chrome was updated to version 20. This fixed numerous vulnerabilities.
HP has updated their management software for multiple platforms because of a critical remote code execution vulnerability. If you have HP equipment, this may need quick attention.
Sophos for Mac has been updated to version 8 for most of campus. While the Home/Personal download still supplies version 7.3, machines should auto-update to version 8 at next update. The UI version will install directly as version 8.0.4. In addition to Mountain Lion (OSX 10.8) compatibility, version 8 now has scheduled scans.
Google will also soon be dropping Chrome support for OS X 10.5 (leopard). It plans on dropping support by version 22.
Mozilla announced that it would be cutting back on Thunderbird development. While it will still receive security updates through the extended support release process, it will no longer be getting “innovation updates and no further interface updates.”
Be aware that there is a new attack that has been spotted that determines which operating system the machine is running (whether Windows, OS X, or Linux) and will then deliver a Trojan based on the results. This just goes to show that just because you don’t run Windows doesn’t mean you are safe from cyber threats
The popular Blackhole Exploit Kit is reportedly exploiting the latest Java vulnerabilities. If you have not yet updated to Java 6.0 update 33 (or 7.0 update 5 if you are not a Banner user), you should do so immediately or stay off the Net.
Always let us know if we can make enhancements to A Watchful UI, or if you have any other feedback or contributions.
Desktop Security Analyst
Desktop Security Assistant