Security Alert # 68 Question

Similar Messages

• Exchange 2010/Outlook 2010 Security Alert (...there is a problem with the site's security certificate.)

  I've been looking to resolve this issue for a while now and was hoping someone could help me understand my options.
  We have Exchange 2010 & Outlook 2010 in our environment. I've created a SSL cert for our ActiveSync from a reputable CA and unfortunately, as you may not be surprised, we are seeing an alert each time we open Outlook that states:
  "Security Alert; Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate.
  The name on the security certificate is invalid or does not match the name of the site."
  Of course my internal server name does not match my external server name. So the SSL I had created for use with OWA and ActiveSync is rejected by my internal Outlook clients.
  After doing some research I believe this is related to the Autodiscover service being configured with my internal server name and not my external name. 
  I've found some info about adding New-AutodiscoverVirtualDirectory and Set-ClientAccessServer commands and then found this article that might help.  (Configure
  Outlook Anywhere to Use Multiple SSL Certificates) but nothing is specific to my configuration and I'm concerned about what will happen to my existing configuration if this fails. 
  What happens when you run Set-ClientAccessServer? Does it retain and keep the old server config in place and add a new one or does it wipe it out? Will all of my devices need to be reconfigured?
  Same with New-AutodiscoverVirtualDirectory.  Does this simply add another virtual directory or is it going to overwrite my existing config?
  Then there is the question of whether or not any of this will actually address my issue at all.
  absolutezero273c

  Sorry.
  "[PS] C:\Windows\system32>Set-ClientAccessServer -Identity MailExt -AutoDiscoverServiceInternalUri "https://MailExt
  .contoso.com/autodiscover/autodiscover.xml"
  The operation couldn't be performed because object 'MailExt' couldn't be found on 'DomainController2.contoso.local'.
      + CategoryInfo          : NotSpecified: (0:Int32) [Set-ClientAccessServer], ManagementObjectNotFoundException
      + FullyQualifiedErrorId : 4D980455,Microsoft.Exchange.Management.SystemConfigurationTasks.SetClientAccessServer"...is the error I get.
  I've created the split zones and populated the Forward Lookup Zones as follows:
  CONTOSO.COM
  MailExt(CNAME)MailInt.contoso.local
  _tcp _autodiscover(SRV)MailExt.contoso.com
  CONTOSO.LOCAL
  MailInt(A)192.168.1.10
  MailExt(CNAME)MailInt.contoso.com
  One thing I did notice is that there isn't a _tcp _autodiscover entry for MailInt in my Forward Lookup Zones.  It was recommended that I make that entry for _tcp _autodiscover(SRV)MailExt.contoso.com in another post I read somewhere.
  I believe what I am trying to do is create a new autodiscover object as is shown here:
  I see there is a Get-ClientAccessServer & Set-ClientAccessServer command but I need to add a CAS. Does the Set-ClientAccessServer add or simply modify?
  Or would that require the New-AutodiscoverVirtualDirectory command? I read
  this page that discussed creating new virtual directories but that seemed a little risky without knowing all the ins and outs of how this service functions and to what degree this would affect the existing configuration.
  I was able to use the Set-ClientAccessServer command and change the actual internal autodiscoverUri to https://MailExt.contoso.com/autodiscover/autodiscover.xml but the name still says MailInt and I continue to get the SSL cert warnings because it is looking
  at MailInt.contoso.local.
  absolutezero273c

• Web Security Alerte email

  Hello,
  I'm actually configuring an S170.
  I would like to be alerted when users attempted to download a virus or visit à forbidden url.
  I have configure my SMTP relay and test it by generate a report. it's OK.
  I have make lot of tests with no result, I haven'treceive any alert mail.
  how can I make a test alert or generate an web security alert?
  Thanks for your answer.

  hello,
  I have make a test by enabling the support tunnel, and i have receive an email, so the system's alert works!
  The question is, can i be alerted when someone is blocked by the proxy or try to download a virus?

• Can not see 5 security alert on OTN

  I can not see following alerts since 5/16/2003 from the URL
  http://otn.oracle.com/deploy/security/alerts.htm
  Could OTN please check to see what happend?
  oracle connection manager control SUID vulnerability
  oracle internet directory buffer overflow vulnerabilities
  oracle internet application server and web/portal vulnerabilities
  oracle enterprise manager backup and recovery vulnerability
  oracle SQL*net and net8 listener vulnerability

  Thanks- this was fixed.
  OTN

• Reader X - Getting Security Alert with a data filled PDF form

  My site uses PDF forms that have their data filled in dynamically by the classic asp code on the site. Before Reader X version, they were filled and displayed without a problem. With Reader X they display the security warning: "Data from this site is blocked to avoid potential security risks....." and the Options button to trust the site. I get this even thoguh it's the same site they are on already and I'm using an SSL cert for all files and I'm also using a direct link to generate the PDF.
  I know the user can just click the options and make the problem go away but many users seem unable to read and or panic when they see the alert.
  Is there a security setting or trust setting I can add or set in my form so that I will not get this security alert??

  No, apart from creating a certified document, but the user would still have to add you as a trusted source. If a document could override this, it would be rather pointless to have it in the first place.

• Outlook Security Alert - "the name on the security certificate is invalid or does not match the name of the site"

  Due to our company changing names, we recently moved to a new domain. All users were at first getting a certificate error when opening Outlook "the name on the security certificate is invalid or does not match the name of the site." After our network
  admin made some changes, nobody receives this error anymore except one user. The URL at the top of the security alert is the old domain, mail.olddomain.com. I checked the users Exchange Proxy Settings in Outlook, everything is showing the URL's of the new
  domain so I'm not sure where this is coming from. I'm assuming it has to be something on her local machine since she is the only one who still gets the error.
  Thanks in advance for any help.
  Exchange server 2008
  Outlook 2010

  Hi,
  Please follow all above suggestions to confirm whether the issue happens in OWA. And run Test E-mail AutoConfiguration in Outlook to check whether there is any URL settings using the old domain.
  If the issue doesn’t happen in OWA and your URL configurations are all same as others and set correctly, please create a new Outlook profile to have a try.
  Thanks,
  Winnie Liang
  TechNet Community Support

• Safari is frozen by a fake security alert, how do I resolve?

  Safari is frozen by a fake security alert.  How do I resolve on my MacBook Air using IOS 8.1.2 
  Error Message:
  "Safari - Alert
  Your Browser has been Locked because of Possible Infections found in your Machine. Due to which your Browser Might be Corrupted because of Suspicious Activity found.
  Major Security Issue
  For Immediate Assistance through our Apple Certified Technicians CALL:
  +1-855-337-8048 (Toll Free)"
  Thank you!

  The following comes from user stevejobsfan0123.
  Occasionally, a browser window may pop up with a scam message. Common pop-ups include a message saying the government has seized your computer and you must pay to have it released (often called "Moneypak"), or a phony message saying that your computer has been infected, and you need to call a tech support number (sometimes claiming to be Apple) to get it resolved. First, understand that these pop-ups are not caused by a virus, and your computer has not been affected. This "hijack" is limited to your web browser. Also understand that these messages are scams, so do not pay any money, call the listed number, or provide any personal information. Most of these scammers, if you actually call the number, will ask you to install software giving them remote control over your computer. Do not do this either. This article will outline the solution to dismiss the pop-up.
  Quit Safari
  Though you will probably have to quit Safari, you can first try closing the tab by pressing Command + W. Sometimes, however, these pop-ups will not go away by attempting to close the tab, nor by clicking "OK" or "Cancel." Furthermore, several menus in the menu bar may become disabled and show in gray, including the option to quit Safari. You will likely have to force quit Safari. To do this, press Command + option + esc, select Safari, and press Force Quit.
  Relaunch Safari
  If you relaunch Safari, the page will reopen. To prevent this from happening, hold down the 'Shift' key while opening Safari. This will prevent windows from the last time Safari was running from reopening.
  This will not work in all cases. The shift key must be held at the right time, and in some cases, even if done correctly, the window reappears. In these circumstances, after force quitting Safari, turn off Wi-Fi or disconnect Ethernet, depending on how you connect to the Internet. Then relaunch Safari normally. It will try to reload the malicious webpage, but without a connection, it won't be able to. Navigate away from that page by entering a different URL, i.e. www.apple.com, and trying to load it. Now you can reconnect to the Internet, and the page you entered will appear rather than the malicious one.
  None of this Worked!
  If pressing Command + W does not work, and force quitting Safari and restarting the application with the Shift key held down does not get rid of the pop-up you will have to reset Safari. Normally, this can be done by launching Safari, then in the menu bar, going to Safari > Reset Safari. However, most pop-ups of this variety will block access to many of the drop-down menus in the menu bar. You will need to locate a file on the computer and move it to the trash. Make sure you quit Safari first (force quit if necessary).
  To start, open Finder. The press Command + Shift + G, or in the menu bar, select Go > Go to Folder. Type the following file path:
  ~/Library/Preferences
  Look for a file named com.apple.Safari.plist, and drag it to the trash. Then restart your Mac. After it reboots, try launching Safari. A new preferences file should have been automatically created, so no more action is required on your part, and the pop-up should now be gone.
  The Source of the Scam
  In addition to the FBI scam, there are a few webpages with bogus technical support pop-ups or "security alerts," claiming you have a virus as described earlier. These webpages include but are not limited to:
  macsecurityissue.com
  helpmetek.com
  applesecurityalert.com
  websternal.net
  newsalert.report-o.com
  mac-system-alerts.com
  geek-techies.com
  system-connect.com
  instants-pc-fix.com
  flasherrordetector.websiteviruscleaner.com
  safaricontact-help.com
  system-logs.info
  customer-help.in

• Oracle Security Alert #48

  Does Oracle Security Alert #48 (bug 2642117) - Buffer Overflow in DIRECTORY parameter of Oracle9i Database Server effect Oracle 8i v 8.1.6.0 database?
  I know the Oracle Alert states it effects Oracle 8i v 8.1.7, but I'm not sure if that would mean it effects older releases like v 8.1.6.0.
  Thanks

  Some clips:
  "Products Affected
  Oracle9i Database Release 2v, Version 9.2.x
  Oracle9i Database Release 1v, Version 9.0.x
  Oracle8iDatabase,Version 8.1.x
  Oracle8 Database, Version 8.0.x"
  "Currently there are no plans to release a patch for 8.0.5.x, 8.1.5.x, 8.1.6.x."

• Air application throws security alert every time 'HTTPS' request made to server.

  Have a look at the following screenshot.
  On click of next button, application internally sends an https request. Appliction throws Security Alert dialog. The text can also be seen clearly.
  Strange thing about this alert dialog is that, it appears every time when application send a request in given session.
  If I run the same thing in flex (i.e. in browser), it asks for SSL handshake and that is also only once. So why it is happening here in case of Air.
  Regards,
  Prithvee Zankat.

  Back up all data. From the Safari menu bar, select
  Safari ▹ Reset Safari...
  Check these boxes:
  Clear history
  Remove all website data
  Uncheck all other boxes. Press return. Test.
  If Safari crashes immediately on launch and you can't do as above, hold down the shift key and launch it by clicking its icon in the Dock, then try. Failing that, ask for guidance.

• Wrong PDF on Security Alerts Page

  On the Security Alerts page (http://otn.oracle.com/deploy/security/alerts.htm) there is a link next to "Buffer Overflow Vulnerability in Oracle9iAS Reports Server Alert #35, 05 June 2002" which links to a document called http://otn.oracle.com/deploy/security/pdf/reports6i_alert.pdf
  This document is actually a copy of the document for a different vulnerability "Buffer Overflow Vulnerability in Oracle Net (Oracle9i Database Server) Alert #34, 05 June 2002"
  Please fix it so we can read about the 9iAS Reports Server Alert!
  Thanks,
  -Otto

  Hi Otto,
  This should now be fixed on OTN but please let us know if you encounter any difficulties.
  Regards,
  OTN Team

• Norton security alert high memory use for a specific file shared by millions

  current version microsoft xp. computer frequently goes into a scan type mode followed by a norton security alert high memory usage. causes major slowdown in system use

  current version microsoft xp. computer frequently goes into a scan type mode followed by a norton security alert high memory usage. causes major slowdown in system use

• Java error - Oracle Security Alert for CVE-2010-4476

  I have come across this security alert described at http://www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.htm l
  In summary - Java Runtime Environment hangs when converting "2.2250738585072012e-308" to a binary floating-point number.
  This vulnerability affects:
  Java SE
  JDK and JRE 6 Update 23 and earlier for Windows, Solaris, and Linux
  JDK 5.0 Update 27 and earlier for Solaris 9
  SDK 1.4.2_29 and earlier for Solaris 8
  Java for Business
  JDK and JRE 6 Update 23 and earlier for Windows, Solaris and Linux
  JDK and JRE 5.0 Update 27 and earlier for Windows, Solaris and Linux
  SDK and JRE 1.4.2_29 and earlier for Windows, Solaris and Linux
  Java for MacOS X 10.6 update 3 updates Java to SE 6 to version 1.6.0_22.
  Is anyone aware of new Java update for Mac that will fix this problem? If one doesn't exist, does anyone know when a new update will be available?
  Thanks.

  Hi Hussein,
  have you applied this? Please can you update?
  Our environment: 11.5.10.2 (9.2.0.7)running on HP-UX PARISC. We are using Jinitiator. We are not yet migrated to J2SE Plugin.
  So, since the sercurity patch is for JRE, is that still required for our environment?
  Please advise?
  Edited by: oraDBA2 on Feb 13, 2011 9:12 PM

• TNS Listener Poison attack : Oracle Security Alert for CVE-2012-1675

  Hi,
  I'm looking to implement the following oracle document about COST but not sure what we need to do for Standby Environment ,
  Can you guys please advise.
  Oracle Using Class of Secure Transport (COST) to Restrict Instance Registration [ID 1453883.1]
  Oracle Security Alert for CVE-2012-1675
  Thanks

  user097815 wrote:
  with regrads to the below thread which mostly talks about Oracle Security Alert for CVE-2012-1675 "TNS Listener Poison Attack"....i just wanted to find out if this effect DB that are externally or internally....meaning 95% of our DB are in network(internally) behind our firewall....and rest of the 5% are outside our firewall facing the world wide web....so does this apply to both of just one ?The attack is on the Listener itself - so if you want to prevent this attack, you need to secure that Listener, irrespective of its location.
  IMO, mandatory if you expose your Listener to an unsecured or public network (e.g. internet).
  As for Listeners running on your internal network - if this attack is used, securing your Listeners mean very little IMO. Because your internal network already needs to be compromised in order for the attack to occur. Which means you have far more serious problems then someone attacking your Listeners.

• Oracle Security Alert for CVE-2012-1675

  Hi,
  I want to know more about recent release "Oracle Security Alert" : http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html
  Document available in https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1453883.1
  Fix is about Class of Secure Transport (COST). I need to know about elaborate steps to find out whether this change is need to apply to my databases or not.
  About my DBs : 10.2.4 , AIX, Nondefault Listener, Shared env , non RAC, local_listener is null & running in pfile.
  Thx,
  Gowin.

  Hello;
  Apply it. Very clean. Simple. No outage on Non-RAC. Biggest Impact is listener stop and start. Took about 3 minutes per server.
  Tested today and had zero issues. ( Assumed you understood a CONNECT was part of the test ). Zero issues.
  Had a thread on this here a few days ago :
  Oracle TNS Poison vulnerability
  See Oracle Support Note 1453883.1 for additional information.
  Best Regards
  mseberg
  With all due respect this isn't very hard. Make a decision.
  Edited by: mseberg on May 2, 2012 7:13 AM

• I still get a firefox security alert that my system affected by numerous virus attack even after I performed a full scan using microsoft security essential. what is the problem?

  I get a firefox security alert that my system affected by numerous virus attack. I performed a full scan using microsoft security essential immediately but same message still pop up after that even though no virus was found during the scan.

  You may be visiting a web site that has been infected or is hosting malware.<br />
  You should never respond unrequested pop-ups that try to persuade you to download and install software.<br />
  Doing that is the way to get malware because no decent company would use such methods to inform you about that.<br />
  You only saw an animation and not a real scan.<br />