Original release date: February 17, 2016 GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Vulnerability Note VU#457759 and the glibc Project Notification for additional details and to refer to their respective Linux or Unix-based OS vendor for an appropriate patch
Glibc is the standard C library that ships with mosts version of Linux. It includes many functions that handle the common tasks programs might need, such as looking up IP addresses associated with domain names
A Hacker (likely Hacktivist) claims to have breached the Department of Justice’s network, and has dumped FBI and DHS employee records to prove it. If you think he used some advanced attack to crack the government’s systems, you’d be wrong
Original release date: February 09, 2016 Microsoft has released 13 updates to address vulnerabilities in Microsoft software.
Overview of the February 2016 Microsoft patches and their status. # Affected Contra Indications – KB Known Exploits Microsoft rating (**) ISC rating (*) clients servers MS15-009 Cumulative Security Update for Internet Explorer (Replaces MS16-001 ) Internet Explorer CVE-2016-0041 , CVE-2016-0059 , CVE-2016-0060 , CVE-2016-0061 , CVE-2016-0062 , CVE-2016-0063 , CVE-2016-0064 , CVE-2016-0067 , CVE-2016-0068 , CVE-2016-0069 , CVE-2016-0071 , CVE-2016-0072 ,”> MS15-011 Cumulative Security Update for Microsoft Edge (Replaces KB3124266 ) Microsoft Edge CVE-2016-0060 , CVE-2016-0061 , CVE-2016-0062 , CVE-2016-0077 , CVE-2016-0080 ,”> Critical : Anything that needs little to become interesting”> Less Urt practices for servers such as not using outlook, MSIE, word etc
Original release date: February 09, 2016 Adobe has released security updates to address vulnerabilities in Connect, Experience Manager, Flash Player, and Photoshop CC and Bridge CC. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletins APSB16-07 , APSB16-05 , APSB16-04 APSB16-03 , and apply the necessary updates.
Normally, Oracle only releases patches every three months. However, they broke that cycle to release an emergency Java update. Watch today’s video to learn what it fixes, (Episode Runtime: 1:58 ) Direct YouTube Link: https://www.youtube.com/watch?v=u3OjtxHzZFs EPISODE REFERENCES: Oracle’s out-of-cycle Java advisory – Oracle Story on Oracle’s emergency Java patch – V3.co.uk Old Java installer might install malware – Digital Trends — Corey Nachreiner, CISSP ( @SecAdept )