Thursday, April 15, 2010 10:54 AM
cmosby
And let the patching games continue – SANS Internet Strom Center
And let the patching games continue
Share |
Published: 2010-04-14,
Last Updated: 2010-04-15 04:39:07 UTC
by Mark Hofman (Version: 1)
0 comment(s)
As we progress through the week more patches and updates are being released.
Cisco has joined in with an Active X issue in the desktop client more info is here http://www.cisco.com/warp/public/707/cisco-sa-20100414-csd.shtml . The issue centres around the non-verification of code downloaded from a web page.
Apple has also released an update. This one requires a restart. The patch addresses CVE-2010-1120 which considering it credits Charlie Miller's is to address the prize winning exploit the other week. The issue relates to a malicious embedded font. Not much more info is here http://support.apple.com/kb/HT4131
Joining the club is Adobe who is releasing their update as well to Reader and Acrobat http://www.adobe.com/support/security/bulletins/apsb10-09.html
Update
Joining the "and me too" club is java with update 20. Two security fixes by the looks of the release notes. http://java.sun.com/javase/6/webnotes/6u20.html
Happy patching, as always test before doing production and Friday 5pm is never a good time to push out updates.
Mark H - Shearwater
Keywords: Patching
Filed under: Security and Anti-Virus, Patch Management, Configuration Management