2017年12月13日水曜日

13日 水曜日、大安

+ About the security content of AirPort Base Station Firmware Update 7.7.9
https://support.apple.com/ja-jp/HT208354
CVE-2017-9417
CVE-2017-13077
CVE-2017-13078
CVE-2017-13080

+ About the security content of AirPort Base Station Firmware Update 7.6.9
https://support.apple.com/ja-jp/HT208258
CVE-2017-13077
CVE-2017-13078
CVE-2017-13080

+ Security updates available for Flash Player | APSB17-42
https://helpx.adobe.com/security/products/flash-player/apsb17-42.html
CVE-2017-11305

+ 2017 年 12 月のセキュリティ更新プログラム (月例)
https://blogs.technet.microsoft.com/jpsecurity/2017/12/13/201712-security-updates/

+ UPDATE: Multiple Vulnerabilities in Cisco WebEx Recording Format and Advanced Recording Format Players
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex-players

+ Bleichenbacher Attack on TLS Affecting Cisco Products: December 2017
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171212-bleichenbacher
CVE-2017-17428

+ UPDATE: Cisco Email Security Appliance Header Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-esa

+ UPDATE: JVNVU#99259676 Apache Tomcat の複数の脆弱性に対するアップデート
http://jvn.jp/vu/JVNVU99259676/index.html

+ macOS getrusage Stack Leak
https://cxsecurity.com/issue/WLB-2017120080
CVE-2017-13869

+ macOS necp_get_socket_attributes so_pcb Type Confusion
https://cxsecurity.com/issue/WLB-2017120079
CVE-2017-13855

+ Linux kernel Multiple Local Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/102150
CVE-2017-16912
CVE-2017-16913
CVE-2017-16914

AWS Glue や Amazon Athena で使用するサーバーレスの管理されていない Machine Learning
https://aws.amazon.com/jp/blogs/news/serverless-unsupervised-machine-learning-with-aws-glue-and-amazon-athena/

VU#144389 TLS implementations may disclose side channel information via discrepencies between valid and invalid PKCS#1 padding
https://www.kb.cert.org/vuls/id/144389

Postgres Migration Tookit v3.1 has been released
https://www.postgresql.org/about/news/1812/

ソフォスがセキュリティ製品のデモ施設、パートナー企業にも開放
http://itpro.nikkeibp.co.jp/atcl/news/17/121202843/?ST=security&itp_list_theme

「メール詐欺対策にDMARCを」、プルーフポイントが新サービス
http://itpro.nikkeibp.co.jp/atcl/news/17/121202841/?ST=security&itp_list_theme

ネット銀行狙うウイルス「DreamBot」の被害が急増、警察庁などが注意喚起
http://itpro.nikkeibp.co.jp/atcl/news/17/121202839/?ST=security&itp_list_theme

0 件のコメント:

コメントを投稿