Tagged: secure

Apple Multiple Security Updates, (Mon, Oct 20th) 0

Apple Multiple Security Updates, (Mon, Oct 20th)

Apple released security update today for iOS 8 and Apple TV 7. iOS 8.1 (APPLE-SA-2014-10-20-1 iOS 8.1) is now available for iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later, to addresses the following: Bluetooth CVE-2014-4448 House Arrest CVE-2014-4448 iCloud Data Access CVE-2014-4449 Keyboards CVE-2014-4450 Secure Transport CVE-2014-3566 Apple TV 7.0.1 (APPLE-SA-2014-10-20-2 Apple TV 7.0.1) is now available for Apple TV 3rd generation and later, to address the following: Bluetooth CVE-2014-4428 Secure Transport CVE-2014-3566 [1] https://support.apple.com/kb/HT1222 ———– Guy Bruneau IPSS Inc.

Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability, (Thu, Oct 16th) 0

Cisco Security Advisory: SSL Padding Oracle On Downgraded Legacy Encryption (POODLE) Vulnerability, (Thu, Oct 16th)

Advisory ID: cisco-sa-20141015-poodle Revision 1.0 For Public Release 2014 October 15 17:30 UTC (GMT) +——————————————————————— Summary +====== On October 14, 2014, a vulnerability was publicly announced in the Secure Sockets Layer version 3 (SSLv3) protocol when using a block cipher in Cipher Block Chaining (CBC) mode. SSLv3 is a cryptographic protocol designed to provide communication security, which has been superseded by Transport Layer Security (TLS) protocols. By exploiting this vulnerability, an attacker could decrypt a subset of the encrypted communication

VU#960193: AVG Safeguard and Secure Search ActiveX controls provides insecure methods 0

VU#960193: AVG Safeguard and Secure Search ActiveX controls provides insecure methods

Vulnerability Note VU#960193 AVG Safeguard and Secure Search ActiveX controls provides insecure methods Original Release date: 07 Jul 2014 | Last revised: 07 Jul 2014 Overview The AVG Secure Search toolbar, also known as AVG Safeguard includes an ActiveX control that provides a number of unsafe methods, which may allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the user. Description AVG Secure Search is a toolbar add-on for web browsers that “… provides an additional security layer while searching and surfing to protect you from infected websites.” One of the components provided by AVG Secure Search is an ActiveX control called ScriptHelperApi , which is provided by ScriptHelper.exe