Microsoft Windows users and those with Adobe Flash Player or Java installed, it’s time to update again! Microsoft released 13 updates to address some three dozen unique security vulnerabilities. Adobe issued security fixes for its Flash Player software that plugs at least 22 security holes in the widely-used browser component
Original release date: February 09, 2016 Microsoft has released 13 updates to address vulnerabilities in Microsoft software.
Overview of the February 2016 Microsoft patches and their status. # Affected Contra Indications – KB Known Exploits Microsoft rating (**) ISC rating (*) clients servers MS15-009 Cumulative Security Update for Internet Explorer (Replaces MS16-001 ) Internet Explorer CVE-2016-0041 , CVE-2016-0059 , CVE-2016-0060 , CVE-2016-0061 , CVE-2016-0062 , CVE-2016-0063 , CVE-2016-0064 , CVE-2016-0067 , CVE-2016-0068 , CVE-2016-0069 , CVE-2016-0071 , CVE-2016-0072 ,”> MS15-011 Cumulative Security Update for Microsoft Edge (Replaces KB3124266 ) Microsoft Edge CVE-2016-0060 , CVE-2016-0061 , CVE-2016-0062 , CVE-2016-0077 , CVE-2016-0080 ,”> Critical : Anything that needs little to become interesting”> Less Urt practices for servers such as not using outlook, MSIE, word etc
Normally, Oracle only releases patches every three months. However, they broke that cycle to release an emergency Java update. Watch today’s video to learn what it fixes, (Episode Runtime: 1:58 ) Direct YouTube Link: https://www.youtube.com/watch?v=u3OjtxHzZFs EPISODE REFERENCES: Oracle’s out-of-cycle Java advisory – Oracle Story on Oracle’s emergency Java patch – V3.co.uk Old Java installer might install malware – Digital Trends — Corey Nachreiner, CISSP ( @SecAdept )
TaoBao, China’s Ebay, suffered a major account hijack where attackers accessed over 20M user accounts. However, the attack wasn’t the fault of the e-commerce site itself. Watch today’s video to learn how this happened, why it should concern everyone in the world, and what you can do about it. (Episode Runtime: 2:47 ) Direct YouTube Link: https://www.youtube.com/watch?v=DVFmSIz4ITQ EPISODE REFERENCES: Over 20M TaoBao accounts hijacked in China – The Stack — Corey Nachreiner, CISSP ( @SecAdept )
Ne’er-do-wells have long abused a feature in Skype to glean the Internet address of other users. Indeed, many shady online services that can be hired to launch attacks aimed at knocking users offline bundle so-called “Skype resolvers” that let customers find a target’s last known location online
First the NSA, and now GCHQ.