:: IT Security Neophyte Investigator's MEMO ::: 13日水曜日、先負

2016年4月13日水曜日

13日水曜日、先負

+ 2016 年 4 月のマイクロソフトセキュリティ情報の概要
https://technet.microsoft.com/ja-jp/library/security/ms16-apr

+ MS16-037 - 緊急 Internet Explorer 用の累積的なセキュリティ更新プログラム (3148531)
https://technet.microsoft.com/library/security/MS16-037
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0166

+ MS16-038 - 緊急 Microsoft Edge 用の累積的なセキュリティ更新プログラム (3148532)
https://technet.microsoft.com/library/security/MS16-038
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0157
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0161

+ MS16-039 - 緊急 Microsoft Graphics コンポーネントのセキュリティ更新プログラム (3148522)
https://technet.microsoft.com/library/security/MS16-039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0145

+ MS16-040 - 緊急 Microsoft XML Core Services 3148541 用のセキュリティ更新プログラム (3148541)
https://technet.microsoft.com/library/security/MS16-040
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0147

+ MS16-041 - 重要 .NET Framework 用のセキュリティ更新プログラム (3148789)
https://technet.microsoft.com/library/security/MS16-041
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0148

+ MS16-042 - 緊急 Microsoft Office 用のセキュリティ更新プログラム (3148775)
https://technet.microsoft.com/library/security/MS16-042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0139

+ MS16-044 - 重要 Windows OLE 用のセキュリティ更新プログラム (3146706)
https://technet.microsoft.com/library/security/MS16-044
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0153

+ MS16-045 - 重要 Windows Hyper-V 用のセキュリティ更新プログラム (3143118)
https://technet.microsoft.com/library/security/MS16-045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0088
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0089
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0090

+ MS16-046 - 重要セカンダリログオン用のセキュリティ更新プログラム (3148538)
https://technet.microsoft.com/library/security/MS16-046
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0135

+ MS16-047 - 重要 SAM および LSAD リモートプロトコル用のセキュリティ更新プログラム (3148527)
https://technet.microsoft.com/library/security/MS16-047
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0128

+ MS16-048 - 重要 CSRSS 用のセキュリティ更新プログラム (3148528)
https://technet.microsoft.com/library/security/MS16-048
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0151

+ MS16-049 - 重要 HTTP.sys 用のセキュリティ更新プログラム (3148795)
https://technet.microsoft.com/library/security/MS16-049
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0150

+ MS16-050 - 緊急 Adobe Flash Player のセキュリティ更新プログラム (3154132)
https://technet.microsoft.com/library/security/MS16-050

+ マイクロソフトセキュリティアドバイザリ 3152550 ワイヤレスマウス入力のフィルタリングを改善する更新プログラム
https://technet.microsoft.com/ja-jp/library/security/3152550

+ RHSA-2016:0621 Important: samba security update
https://rhn.redhat.com/errata/RHSA-2016-0621.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

+ RHSA-2016:0613 Critical: samba3x security update
https://rhn.redhat.com/errata/RHSA-2016-0613.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

+ RHSA-2016:0612 Critical: samba and samba4 security, bug fix, and enhancement update
https://rhn.redhat.com/errata/RHSA-2016-0612.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

+ RHSA-2016:0611 Critical: samba security update
https://rhn.redhat.com/errata/RHSA-2016-0611.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

+ APSB16-12 Security hotfix available for RoboHelp Server
https://helpx.adobe.com/security/products/robohelp-server/apsb16-12.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1035

+ APSB16-11 Security update available for the Creative Cloud Desktop Application
https://helpx.adobe.com/security/products/creative-cloud/apsb16-11.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1034

+ APSB16-10 Security updates available for Adobe Flash Player
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1012
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1013
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1014
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1015
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1016
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1017
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1018
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1021
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1022
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1024
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1025
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1026
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1027
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1028
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1030
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1032
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1033

+ Cisco Unity Connection Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-unity
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1377

+ Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers Interface Flap Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-asr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1376

+ sk110978 Check Point Response to BadLock vulnerabilities
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk110978&src=securityAlerts
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0128

+ VU#813296 Microsoft Windows and Samba may allow spoofing of authenticated users ("Badlock")
https://www.kb.cert.org/vuls/id/813296
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0128

+ Linux kernel 4.5.1, 4.4.7, 3.14.66 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.7
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.66

+ UPDATE: Oracle Solaris Third Party Bulletin - January 2016
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

+ Samba 4.4.2, 4.3.8 and 4.2.11 Security Releases Available for Download
https://www.samba.org/samba/latest_news.html#4.4.2
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5370
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2110
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2111
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2113
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2118

+ SA69985 Oracle MySQL OpenSSL Multiple Denial of Service Vulnerabilities
https://secunia.com/advisories/69985/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0797
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2842

+ Apache Ant 1.9.7 Released
http://ant.apache.org/

+ Android - IMemory Native Interface is Insecure for IPC Use
https://cxsecurity.com/issue/WLB-2016040083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0846

+ Android - IOMX getConfig/getParameter Information Disclosure
https://cxsecurity.com/issue/WLB-2016040084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2417

+ Perl 5.22 VDir::MapPathA/W Out-Of-Bounds Reads / Buffer Over-Reads
https://cxsecurity.com/issue/WLB-2016040080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8608

PGConf US 2016 One Week Away - Registrations Closing
http://www.postgresql.org/about/news/1658/

LINE×サイボウズのバグバウンティ対談
先進2社が語るバグ報奨金制度、「やはり社内でも反対意見はありました」
http://itpro.nikkeibp.co.jp/atcl/column/16/040600081/040700001/?ST=security

UPDATE: JVNVU#92749596 BlueDriver LSB2 に認証なしで Bluetooth アクセスが可能な問題
http://jvn.jp/vu/JVNVU92749596/index.html

:: IT Security Neophyte Investigator's MEMO ::

2016年4月13日水曜日

13日水曜日、先負

0 件のコメント:

コメントを投稿

2016年4月13日水曜日

13日 水曜日、先負

0 件のコメント:

コメントを投稿

13日水曜日、先負