OSX Security Vulnerabilities - 20 found according to this article

Via Gizmodo, here is an article about a guy finding 20 zero-day security holes in OSX. Zero-day threats refer to security vulnerabilities which do not yet have a fix. At present, Macs are highly resistant but not immune to viruses, but this article does raise a few red flags. Thoughts?
Article: http://www.h-online.com/security/news/item/Mac-OS-X-safer-but-less-secure-Update-957981.html

I've reposted this message in the "Using Mac OS X 10.6 Snow Leopard" forum. I posted here out of habit. I could not see how to delete the message, so please refer to this thread instead:
http://discussions.apple.com/thread.jspa?threadID=2371811&tstart=0

Similar Messages

  • OSX Security Vulnerabilities - 20 found according to article

    Via Gizmodo, here is an article about a guy finding 20 zero-day security holes in OSX. Zero-day threats refer to security vulnerabilities which do not yet have a fix. At present, Macs are highly resistant but not immune to viruses, but this article does raise a few red flags. Thoughts?
    Article: http://www.h-online.com/security/news/item/Mac-OS-X-safer-but-less-secure-Update-957981.html

    Usually these "security bulletin" type postings are completely bogus. The guy is trying to make a living finding exploits. So, he finds 20 in Mac OS X, and then goes to the media so he can make a name for himself. Most people will say "Wow, 20 exploits! That is a lot, maybe we should be worried. Maybe OS X is not as secure as we think it is."
    But, what is totally missing here that is completely necessary to make a conclusion like that is any semblance of detail. The comments on Giz nailed it already. Are these "exploits" in the core OS, or are they in Flash? Etc. Most importantly, are these "holes" able to be exploited remotely? If I had to guess I would have to say most are not remotely exploitable. So, if this is true, are they really something to worry about? Absolutely not.
    So, the guy holds back the details so that he can get some interest from some company that makes security software. Pay him a nice royalty to provide that information. Or maybe, he's fishing for Apple to hire him so that they can patch those holes. Either way, I'm not sure I can take him seriously.
    And honestly:
    "Macs are highly resistant but not immune to viruses"
    This statement is false and reads like a journalist trying to cover their bases when they really don't know what they're talking about. OS X is currently immune from viruses by the definition of the word. Of course, there are a couple "trojans" around, but those require you to type in your admin password and install yourself. So, they aren't really a threat at all, at least compared to what we see on Windows.
    --Travis

  • "No qualifying products found to apply this update" for Adobe Acrobat 8.1.2 Security Update 1 patch

    I am attempting to deploy the security update for Acrobat 8.1.2 [http://www.adobe.com/support/security/bulletins/apsb08-15.html] via computer startup script in AD.
    I am receiving this error message;
    "No qualifying products found to apply this update"
    My script to apply this update looks like this;
    msiexec /i "\\server\share\AcrobatReaderUpd812_SU1_all.msi"
    An excerpt from a verbose MSI install log;
    Action 15:49:45: IsQualifyingProductInstalled.
    Action start 15:49:45: IsQualifyingProductInstalled.
    Info 2898.Tahoma8, Tahoma, 0
    DEBUG: Error 2835: The control ErrorIcon was not found on dialog SetupError
    Internal Error 2835. ErrorIcon, SetupError
    No qualifying products found to apply this update
    MSI (c) (D0:D8) [15:49:48:845]: Product: Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) -- No qualifying products found to apply this update
    Action ended 15:49:48: IsQualifyingProductInstalled. Return value 3.
    MSI (c) (D0:D8) [15:49:48:861]: Doing action: SetupCompleteError
    Is anyone else experiencing this issue, or have an idea for a resolution?

    No problems, then again I've done a manual install.
    First question would be can you install the update manually on the target machine.
    Also check the version of reader/acrobat installed on the target machine.

  • Security vulnerabilities in apache that comes with oracle database.

    Hi,
    We are having a QA database in Oracle enterprise version 9.2.0.4 on OS : OSF1.
    Recently our security team ran a test and found that the apache1.3 that comes as component of Oracle database is prone to security vulnerabilities. Also they suggested to remove the apache or upgrade to latest as remedy.
    When we contacted Oracle support, the Oracle team replied that the Apache upgrade should not be done; instead, the latest Apache can be installed separately as a reverse proxy. But when asked for steps/documents there was no reply. Can anyone who has faced this problem provide any help/suggestions in this regard?
    I am attaching some of the threads identified by our Security Team for reference.
    1. Apache 1.3 HTTP Server Expect Header Cross-Site Scripting XXXX and YYYYYY ports 7782, 4889, 3339.
    2. Apache HTTP Server 413 Error HTTP Request Method Cross-Site Scripting Weakness
    3. Keep-Alive: timeout=15, max=100
    Connection: Keep-Alive
    Transfer-Encoding: chunked
    Content-Type: text/html; charset=iso-8859-1
    <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    <HTML><HEAD>
    <TITLE>417 Expectation Failed</TITLE>
    </HEAD><BODY>
    <H1>Expectation Failed</H1>
    The expectation given in the Expect request-header
    field could not be met by this server.<P>
    The client sent<PRE>
    Expect: <script>alert(document.domain)</script>
    </PRE>
    but we only allow the 100-continue expectation.
    -CR

    I don't know how to find which components are using Apache. Help me if there is any way to find it. The only information I can give you is that there is no other software installed on that server other than the Oracle Database.

  • Security Vulnerabilities in Microsoft Active Template Library (ATL)

    My company is concerned about the recent Microsoft security vulnerabilities patch. We are assessing all of the tools that we are using to see whether they are affected by this vulnerability.
    We would like to find out on the following product:
    Crystal Reports. Net
    Crystal Reports Developer XI
    Crystal Report 2008
    Are they safe from this vulnerability? Please advise me accordingly.
    Thank you.
    Some information below.
    Microsoft Security Advisory 973882 – Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution: http://www.microsoft.com/technet/security/advisory/973882.mspx
    Microsoft Security Bulletin MS09-035 – Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706): http://www.microsoft.com/technet/security/bulletin/MS09-035.mspx
    MSDN Article -- Active Template Library Security Update for Developers
    http://msdn.microsoft.com/en-us/visualc/ee309358.aspx
    Landing Page for ATL Guidance (for consumers, IT Professionals and Developers):
    http://www.microsoft.com/atl/

    Hi Ludek,
    I think, you misunderstand the Microsoft update in question.
    The update provides corrections to ATL header files which are used to build the ATL-based controls and components -- it updates Visual Studio installation so, that developers could rebuild their ATL-based components taking advantage of the updated code.
    The code from the headers which are subject to the update in question is included in the binaries of the built ATL-based controls and components and not in the shared libraries (like ATL and MFC) that Microsoft ships.
    Therefore, only by rebuilding (and re-shipping) the ATL-based controls and components can this update be accounted for.
    Here, by ATL-based controls and components I mean Crystal ActiveX viewer and, possibly, RDC runtime -- obviously, it is up to Crystal Reports developers to review, whether the corrected functionality is used within their components.
    I am not sure, which version of Visual Studio is used to build ActiveX viewer/RDC. Microsoft issued updates for several versions.
    /Alex
    P.S. I would also be interested to know, whether there are plans to update CR components, if they are affected by the vulnerability.

  • Every time I try to log into ANY website that is secured, I get an error message "This connection is untrusted."

    The error message is:
    This Connection is Untrusted
    You have asked Firefox to connect securely to www.facebook.com, but we can't confirm that your connection is secure.
    Normally, when you try to connect securely, sites will present trusted identification to prove that you are going to the right place. However, this site's identity can't be verified.
    What Should I Do?
    If you usually connect to this site without problems, this error could mean that someone is trying to impersonate the site, and you shouldn't continue.
    www.facebook.com uses an invalid security certificate. The certificate is not trusted because no issuer chain was provided. (Error code: sec_error_unknown_issuer)
    If you understand what's going on, you can tell Firefox to start trusting this site's identification. Even if you trust the site, this error could mean that someone is tampering with your connection.
    Don't add an exception unless you know there's a good reason why this site doesn't use trusted identification.
    Steps I have taken so far:
    Verified that system clock is correct
    Cleared all cache, history, cookies, etc.; didn't help
    Started Firefox in Safe Mode; didn't help
    Disabled all Firefox extensions; didn't help
    uninstalled and reinstalled Firefox using Control Panel; didn't help
    Ran Microsoft Safety Scan for malware; nothing was found
    Other information:
    This problem exists ONLY in my user profile and ONLY in Firefox. All 5 other users can run Firefox with no problem. I can run IE and Chrome with no problem.
    Problem exists in ALL secured (https) sites.
    I use Avast and Windows Firewall. Had never heard of ESET or BitDefender before searching these forums.
    A lot of the sites don't give me the option to Make an Exception. The two that I tried to make exceptions for, still wouldn't open.
    Run Windows 7 64-bit

    Unfortunately the fiddler2 issuer in certificates might be a sign of unwanted software present on your PC that is intercepting secure network traffic. Please go into the system control panel and uninstall programs like BrowserSafeguard, BrowserSafe, SafeGuard or other software that sounds suspicious and didn't get installed by you intentionally.
    Reference: https://support.mozilla.org/en-US/questions/982532#answer-520145
    Afterwards, run a full scan of your system with different security tools like the free version of malwarebytes (http://www.malwarebytes.org/products/malwarebytes_free) and adwcleaner (http://www.bleepingcomputer.com/download/adwcleaner/).
    See also: Troubleshoot Firefox issues caused by malware

  • I am getting this error when I am doing CSOM on Project Server: For security reasons DTD is prohibited in this XML document.

    Two days ago my CSOM code was working fine, but for the last two days, when I try to execute my code, I get this error:
    For security reasons DTD is prohibited in this XML document. To enable DTD processing set the DtdProcessing property on XmlReaderSettings to Parse and pass the settings into XmlReader.Create method.

    Found in negative cache.... very strange.
    RFC found in negative cache
    What is the negative cache?

  • Java 1.4.2 Security Vulnerabilities

    Hello,
    I'm looking for a link that lists the security vulnerabilities of Java 1.4.2 and I am having trouble finding a comprehensive list. Our security officer doesn't want us using 1.4.2 because of security vulnerabilities and I want to confirm what they are. But, I have not seen any report of what these issues are. This relates specifically to our Java version in relation to our Discoverer Plus use. Does anyone have a link of known Java 1.4 security issues?
    Thanks!

    Check this
    http://sunsolve.sun.com/search/document.do?assetkey=1-26-57591-1

  • Best way to update osx security updates with ARD?

    What's the best way to manage OSX security updates to have them install auto from a local location instead of downloading from Apple.
    This also applies to adobe updates.
    Is ARD designed for this?

    Download them to your computer or whichever one you have setup as your task server and push the install packages out to the clients from there.

  • Oracle Security Vulnerabilities?

    Hi all,
    We're running many PHP 5.x applications in a distributed environment that use the OCI client to access Oracle 10g databases.
    Our server administration group is migrating to a new server and is refusing to install or support the OCI Instant client under Linux saying it's a security problem. Specifically, they say that the OCI Instant Client is exposed to buffer overflows and stack smashing. Their recommendation? Rewrite all our apps to use another database. Yeah, right.
    They provided me with two sources to explain the issues:
    http://www.dummies.com/WileyCDA/DummiesArticle/id-2900.html
    and
    Re: Problems with libclntsh.so.10.1 and PHP/Apache HTTPD
    Is this really a security problem? If so, what can be done to mitigate the risk?
    Thanks,
    John

    Hi all,
    I thought I’d jump in this thread with a few thoughts.
    Security flaws unfortunately affect software, both commercial and open source. I believe that what sets Oracle apart from many other vendors is the company’s commitment to security. Oracle Software Security Assurance (http://www.oracle.com/security/software-security-assurance.html) includes the most transparent vulnerability remediation policy in the industry. Furthermore, the Critical Patch Update (CPU) process (http://www.oracle.com/technology/deploy/security/alerts.htm) provides a predictable mechanism for the remediation of security vulnerabilities in Oracle software. By comparison, open source involves unpredictable releases of security fixes.
    Now, getting back to the discussion in this thread: as much as we try to prevent vulnerabilities during development, as is the case with all large software products, some make their way into released code. As vulnerabilities are discovered, Oracle fixes them in order of severity and releases fixes for them through the Critical Patch Update.
    An attacker could attempt to exploit the unpatched vulnerabilities through OCI or other protocols providing access to the database (This is not specific to OCI). Oracle’s recommendation is therefore to remain current on the Critical Patch Update (the last one was issued on July 17, 2007). Keep in mind that the CPU is cumulative for the database, and applying the most recent CPU will bring you at current security patch level, and this will significantly contribute to improving your organization’s security posture.
    Do not hesitate to contact me if you have questions at [email protected]
    Sincerely
    Eric Maurice
    Manager – Oracle Software Security Assurance

  • Are Security Vulnerabilities fixed by applying Oracle Server Patchsets

    Hi,
    I would like to know whether by applying Oracle Server Patchsets or by upgrading the Oracle Server from one version to another do we overcome the Security Vulnerabilities highlighted in the previous patchset or Oracle Server Version.
    For example, if I have an Oracle Server 9.2.0.1 and I apply server patchset 9.2.0.8, do I overcome all the security vulnerabilities highlighted for version 9.2.0.1 and all other intervening versions? Similarly, if I upgrade my Oracle Server 9.2.0.6 to, say, Oracle Server 10g 10.2.0.3, do I overcome all security vulnerabilities highlighted for 9.2.0.6 and all other intervening releases?
    Best Regards
    Syed Zaib ul Qamar

    Is there a link; or where can I go to find the types of and/or categories for the security vulnerabilities associated with (past and present) versions of Oracle? I work with a very large team of developers and some are DBAs that perform mainly custom coding in C++ and a little in Ada. I would like to ensure that our team is continually aware of the both past and current Oracle vulnerabilities when developing applications/scripts (designing, coding, reviewing, building, etc.), testing (including security) , quality assurance, packaging, and etc.
    Perhaps this is a lot to ask; but this is at least a good place to start.

  • Nearly 200 security vulnerabilities. iPad 1 ...

    ...  doesn't get an update. Can't be used for web surfing anymore. This is unreal. Any news on fixing the security holes? I.e. iOS 5.1.2?
    Or at least release a free boot loader so a fixable OS can be installed, like Android. I can't believe to have paid 600 bucks and can throw that away now, just after 2 years.
    As soon as my MBA late 2010 or my wife's MacBook Pro die, we'll substitute with generic Ultrabooks/Ultrathins. I'm not at all satisfied with Apple anymore.

    Ups, just forgotten to add the "proof" that there is a real security threat without an update: Apple lists around 200 security vulnerabilities in iOS5, which are fixed within iOS6.
    http://support.apple.com/kb/HT5503
    So if you're doing some product search and buy online with the iPad 1, the risk that you get hacked and robbed rises every hour without update. Thus the iPad 1 can't be used for web surfing anymore - the only thing I bought it for. And I was wrong, I even paid 700 bucks for it (3G, 32GB). That was stupid. Intelligence dictates not to repeat such a horrible mistake again.

  • Kerberos Pre-Authentication - Security Vulnerabilities

    I have an issue with some Java applets locking out AD accounts, or prompting for a password.
    The solutions I have, and work, is to check the "Do not require Kerberos preauthentication" located in the user account of Active Directory Users and Computers, or to create a registry DWORD key called allowtgtsessionkey with a value of 1. 
    This key is located in
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\Kerberos\Parameters.
    Can you advise whether enabling this option or creating the reg key opens any security vulnerabilities?  I have read on another forum that creating the key on a PC where a user has local admin rights will be an issue, but it was very vague.
    Many thanks
    Larry

    Hi,
    If the issue persists, please:
    Find out from which machine/device bad password attempts are generated.
    Locate any services/scheduled tasks/disconnected remote desktop connections/scripts/mapped drives which could be storing credentials, then clear stored credentials.
    More information for you:
    Troubleshooting Account Lockout
    https://technet.microsoft.com/en-us/library/cc773155%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396
    Account getting locked out
    https://social.technet.microsoft.com/Forums/en-US/92454597-b414-4840-82fd-16dd92a1706d/account-getting-locked-out
    Account Locked - Event 4771 Failure Code 0x18
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/6187d7e2-d38a-4ecd-bf80-12ce3589c8e1/account-locked-event-4771-failure-code-0x18?forum=winserversecurity
    Error for Active Directory
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/4923356c-1820-4626-83f2-8a57a7c48ccc/error-for-active-directory?forum=winserverDS
    Best Regards,
    Amy
    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]

  • Security Vulnerabilities on CPUCMS

    Hi All
    Could someone assist me please?
    We are running a demo version of CPUCMS at a customer and the System administrator has advised that there are
    security vulnerabilities on the server that runs CPUCMS and he would like to do the following:
    1) Locate file C:\PROGRA~1\CSCOpx\MDC\Apache\conf\httpd.conf
    Remove      -    SSLCipherSuite ALL:!ADH:!EXPORT56:!EXPORT40:!LOW:RC4+RSA:+HIGH:+MEDIUM:!SSLv2:!EXP:!eNULL
    Add below:-
    SSLHonorCipherOrder On
          SSLCipherSuite RC4-SHA:HIGH:!ADH
    2.)    Disable remote service rexec  , rlogin and rsh
    Please advise if anyone has done this and also the impact it might cause on the application?
    Many thanks
    Shabeer

  • Security Vulnerabilities

    Hi List,
    Similar to Bug Toolkit, does Cisco have a tool which can provide a list of Security Vulnerabilities based on the IOS version you specify?
    Bug Toolkit gives the list of all bugs, most of them are related to the functionality rather than Security. Filtering Security bugs is a difficult task.
    Cisco publishes security advisories, which gives the list of affected IOS versions.
    But, my requirement is to get the list of vulnerabilities after provision of IOS version.
    Was just wondering what is the best way to achieve this.
    Thanks,

    Cisco has a security advisory site. There is also a product alert tool here. I believe this is what you are looking for.
    http://www.cisco.com/en/US/products/products_security_advisories_listing.html
    Hope this helps.
    Steve
