Sysinternals updates, a new blog post, and webcast

Published: 2011-04-14
Last Updated: 2011-04-14 19:57:53 UTC
by Adrien de Beaupre (Version: 1)
1 comment(s)

Process Monitor v2.95, TCPView v3.04, and Autoruns v10.07 have updates here [1].

Of equal interest to the tools update is Part 1 of an analysis of a Stuxnet infection with Sysinternals tools here [2].

[1] http://blogs.technet.com/b/sysinternals/archive/2011/04/13/updates-process-monitor-v2-95-tcpview-v3-04-autoruns-v10-07-and-a-new-blog-post-and-webcast-from-mark.aspx

[2] http://blogs.technet.com/b/markrussinovich/archive/2011/03/30/3416253.aspx

Cheers,
Adrien de Beaupré
Intru-shun.ca Inc.


Apple Security Patches for OS X and iOS

Published: 2011-04-14
Last Updated: 2011-04-14 17:51:39 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

Unlike Microsoft, Apple has so far not committed to a regular patch cycle, and today's release of iOS 4.3.2 as well as the OS X Security Update 2011-002 came somewhat as a surprise. [1]

Both include security fixes that should be applied rather sooner than later. The OS X update also includes Safari 5.0.5. We will update this diary once the Apple support page with security details is live.

The patch is pretty small compared to other Apple patches (about 4 MB). You need to restart your system after applying the security patch. I applied it to one system with PGP full disk encryption, and so far no ill effects. 

[1] http://support.apple.com/kb/DL1376

 

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute

Keywords: apple ios os x

Update to Adobe Flash 0-day: Patch will be out soon

Published: 2011-04-14
Last Updated: 2011-04-14 13:46:25 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

Adobe updated its advisory, stating that we should have a patch at least for the "non sandbox" versions of Adobe Acrobat and Reader by April 25th [1]. Flash player will get a fix even earlier (April 15th = this week Friday). Adobe Reader X for Windows, which uses the new "Protected Mode" feature to limit the exploitability of this vulnerability, will have to wait until June 14th.

Little Table to clarify:

| | Flash | Reader 9 | Reader 10.x | Reader 10.0.1 | Reader 10.0.2 aka "X" |
|---|---|---|---|---|---|
| Windows | 4/15 | 4/25 | 4/25 | 4/25 | 6/14 |
| Macintosh | 4/15 | 4/25 | 4/25 | 4/25 | 4/25 |

 

For more details, see the URL below.

[1] http://www.adobe.com/support/security/advisories/apsa11-02.html

Update: corrected patch date for Adobe Reader X for Windows. Was 6/25, but should have been 6/14. Thanks Luc for pointing this out to me!

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute

Keywords: adobe flash

dshield.org now DNSSEC signed via .org

Published: 2011-04-14
Last Updated: 2011-04-14 02:26:28 UTC
by Johannes Ullrich (Version: 1)
1 comment(s)

To coincide with today's webcast about DNSSEC [1], I changed how the dshield.org zone is DNSSEC signed. The zone itself has been signed for a while now, but I used "look aside validation" via isc.org. For a few months now, it has been possible to have .org zones directly signed by .org, and I decided to give it a try. Please let me know if you see any issues. If you plan to deploy DNSSEC yourself, see Verisign's [3] nice testing tool as well as the visualization tool by DNSVIZ [4].

[1] https://www.sans.org/webcasts/isc-threat-update-20110413-94083
[2] http://dlv.isc.org
[3] http://dnssec-debugger.verisignlabs.com
[4] http://dnsviz.net/d/dshield.org/dnssec/

------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute

Keywords: dns dnssec dshield
