Date: 21 May 2012
Click here for printable version
Greetings,
I know what you are thinking. You are asking why you are reading this on a Monday rather than a Friday; and that is a very good question. The explanation is that a long week ago in a city far far away...
It was a (semi fictitious) period of evil war, Anonymous DDoS attacks striking from a hidden botnet have won their first victory against the Governments and corporations of the world. During the battle, Antisec spies managed to steal secret plans to the Governments electronic health record system:
"One database to rule them all, one database to find them, one database to bring them all and with their sprains bind them."
... I think I took a slight detour there, where was I. Oh yes, the governments electronic health record plans, a (hopefully) well armored database with enough searching power to destroy an entire microorganism. Pursued by the Governments law enforcement agents, "Sabu" races home aboard their low orbit ion cannon, custodian of the stolen plans that can save their people (except Utah) and restore patient confidentiality to the system...
Actually the real reason is that the AusCERT Asia Pacific Information Technology Security Conference 2012 was on last week. If you missed it then your stomach will thank you, but your brain will not. I am sure I am 50KG heavier now than I was a week ago. I am currently trying to decide between the late Steve Jobs "apples and carrots only" diet, and hooking myself up to a drip for 2013. The drip idea actually came from a revelation that sleeping beauty (being asleep) couldn't have been eating and, therefore, must have had a drip to survive.
So, now you know why it is Monday rather than Friday the following is what you would have ben told about had it not been Monday:
Firstly there were some Apple updates to help keep the doctor away (although Doctor Web or some other Anti Virus software would probably have been useful in this instance) as two of the Apple updates were another flashback removal tool and an Adobe Flash Player disabler for out of date versions. Both of these were for the, thought to be out of support, Mac OSX 10.5 (Leopard). The third was a QuickTime 7 update for Windows. [3]
Google Chrome was updated again, but this time I beat Google! Of course I can't really beat Google, I just mean that I found their blog post in my RSS feed before my web browser told me there was an update. I really wish more software would just magically get updated and restore everything just as it was before the update. Most people don't care about updating and security, so the security industry needs to start doing it for them. So I give a big thumbs up for Google who does this with not only Chrome, but also for the Flash Player that comes embedded inside it.
Lastly three different "open" products were patched: OpenSSL, OpenOffice, Sudo. OK, so sudo doesn’t really fit with the naming, but it fits with the patching part. I am sure there are other products that I should mention, but given it is Monday you have probably already patched them or implemented some workarounds.
Have a good... week at work :)
Richard
|