AusCERT - AusCERT Week in Review for 24th December 2010

HOME

About AusCERT

Membership

PKI Services

Training

Publications

Sec. Bulletins

Conferences

News & Media

Services

Web Log

Site Map

Site Help

Member login

AusCERT Week in Review for 24th December 2010

Date: 24 December 2010

Click here for printable version

I know you're all looking forward to the weekend and holidays, so I'll keep it short and sweet today!

- Early this week a new major version of Opera was released, version 11, which corrected a number of vulnerabilities as well as adding new features and improvements.

- US-CERT released a bulletin regarding a vulnerability in Microsoft's IIS 7.5 FTP service which could cause a denial of service, or possibly code execution. Microsoft has yet to release an update to correct this issue.

- Microsoft released a bulletin regarding a code execution vulnerability in Internet Explorer 6, 7 and 8 that has yet to be patched. Microsoft will either release a fix for this during their monthly patch cycle, or they may release an out-of-cycle update.

- US-CERT also released a bulletin regarding an issue with Microsoft's WMI Administrative Tools, which could potentially allow code execution through the ActiveX control WBEMSingleView.ocx.

Happy holidays, and have a great weekend!
Jonathan