Actualización smartdefense 14-09-2011

Nueva actualización (esta vez con mucho contenido), de la versión 618115842 a la 618116113.

Multiple products .dll insecure library loading: CVE-2011-1980 Advisory sin soltar (de momento), CVE-0029, vaya forma de camuflar esta pedazo de vulnerabilidad “Untrusted search path vulnerability in the client in Microsoft Remote Desktop Connection 5.2, 6.0, 6.1, and 7.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .rdp file, aka “Remote Desktop Insecure Library Loading Vulnerability.”” .A parchear toca.
Microsoft wins local elevation of privilege, advisory MS11-070.
Microsoft windows multiple components insecure library loading, advisory MS11-071.
Fraudulent diginotar certificates https spoofing. Ya estaban tardando.
Ojito con este lo hemos tenido que desactivar porque se folla mucho trafico https, incluso con certificados validos.. asi que …
Microsoft office uninitialized object pointer, advisory MS11-073.
Microsoft excel out of bounds array indexing code execution, advisory MS11-072.
Microsoft excel conditional expresin code execution,mismo advisory.
Microsoft excel MS-OGRAPH code execution, idem.
Microsoft sharepoint server XML rollup information disclosure, advisory MS11-074.
Ya se echaban de menos actualizaciones con chicha …

Comments are closed.