Friday, December 20, 2013

CPE: McAfee AudioParasitic: Episode 52: M$ Super Tuesday

length: 00:11:20
1 bulletin – specific to OS – SMB

Very light month
On Dec there were 3 IE zero day vulnerability

SQL vulnerability:
-          Injection
-          Command insertion
Cross site scripting vulnerability – big deal with Web 2.0

SMB: server message block

One bulletin – 3 vulnerability
Two remote exec
One DoS

One with PoC CVE-2004-114
Remote exec vulnerability that affect all OS platform
Mitigation: IPS or HIPS

Very important to patch 067!!!

Labels: ,


Post a Comment

Subscribe to Post Comments [Atom]

<< Home