Monthly Archives: May 2015

Avira

The Avira Online Essentials Dashboard: what’s essential about it?

Nowadays, taking care of your digital security is no longer reduced to downloading an antivirus program to your personal computer and hope not to catch any viruses while surfing the web. Your digital life has become an extension of all your most important daily activities and you now have to worry also about things like the photos and videos stored on your mobile devices or your email account being breached. Not to mention, how do you protect your close ones when IT isn’t exactly their cup of tea?

Avira Online Essentials: Your dedicated dashboard to manage your security across multiple devices

What if we told you that we can grant all our users access to a dashboard that allows them to manage the security level across all the devices they own and for as many users as they wish? This dashboard is real, it’s called Online Essentials and it is truly…essential, see it for yourself in the video below.

The Avira Online Essentials dashboard gives you an overview of the security applications installed on all your devices and helps you do so for other users as well. You won’t have to worry anymore about your mom’s antivirus expiring without you knowing, it has never been easier to help her keep her computer’s protection up-to-date.

Surfing the web is also safer now that Avira has integrated the Browser Safety feature in the Online Essentials dashboard. You just have to make sure to install our browser extension and we’ll keep you away from malicious websites. To get any worries related to phishing attacks off your mind, we added the Identity Safeguard feature to the menu, so that you can be the first to know about data breaches that may have an impact on your email account.

You’ll enjoy being able to protect and manage your computer, tablet and smartphone’s security in one single place but wait, there’s more. In case you have trouble locating your mobile device, the anti-theft feature helps you find it, block it or even wipe all personal data stored on it remotely. This way, you make sure to prevent any unauthorized access to your private information. A full data report on your device can also be exported from the dashboard to help the police find your stolen smartphone or tablet.

There’s a lot of other cool stuff you can do directly from the Online Essentials dashboard, like organizing a remote connection session in case you need to take over the control on one of your devices from distance.

The best news about the Avira Online Essentials dashboard? It’s free for all Avira users! Register now and unlock all the cool features: http://www.avira.com/en/avira-online-essentials

The post The Avira Online Essentials Dashboard: what’s essential about it? appeared first on Avira Blog.

Microsft

3042058 – Update to Default Cipher Suite Priority Order – Version: 1.0

Revision Note: V1.0 (May 12, 2015): Advisory published.
Summary: Microsoft is announcing the availability of an update to cryptographic cipher suite prioritization in Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. The update adds additional cipher suites to the default list on affected systems and improves cipher suite priority ordering. The improvements are part of ongoing efforts to bolster the effectiveness of encryption in Windows operating systems.

Microsft

MS15-046 – Important: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181) – Version: 1.0

Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Microsft

MS15-043 – Critical: Cumulative Security Update for Internet Explorer (3049563) – Version: 1.0

Severity Rating: Critical
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.

Microsft

MS15-055 – Important: Vulnerability in Schannel Could Allow Information Disclosure (3061518) – Version: 1.0

Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow information disclosure when Secure Channel (Schannel) allows the use of a weak Diffie-Hellman ephemeral (DFE) key length of 512 bits in an encrypted TLS session. Allowing 512-bit DHE keys makes DHE key exchanges weak and vulnerable to various attacks. A server needs to support 512-bit DHE key lengths for an attack to be successful; the minimum allowable DHE key length in default configurations of Windows servers is 1024 bits.

Microsft

MS15-054 – Important: Vulnerability in Microsoft Management Console File Format Could Allow Denial of Service (3051768) – Version: 1.0

Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow denial of service if a remote, unauthenticated attacker convinces a user to open a share containing a specially crafted .msc file. However, an attacker would have no way of forcing a user to visit the share or view the file.

Microsft

MS15-053 – Important: Vulnerabilities in JScript and VBScript Scripting Engines Could Allow Security Feature Bypass (3057263) – Version: 1.0

Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves ASLR security feature bypasses in the JScript and VBScript scripting engines in Microsoft Windows. An attacker could use an ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, that could take advantage of the ASLR bypass to run arbitrary code. For example, a remote code execution vulnerability that is blocked by ASLR could be exploited after a successful ASLR bypass.

Microsft

MS15-051 – Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (3057191) – Version: 1.0

Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Windows. The more severe of these vulnerabilities could allow elevation of privilege if an attacker could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.

Microsft

MS15-047 – Important: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (3058083) – Version: 1.0

Severity Rating: Important
Revision Note: V1.0 (May 12, 2015): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Office server and productivity software. The vulnerabilities could allow remote code execution if an authenticated attacker sends specially crafted page content to a SharePoint server. An attacker who successfully exploited these vulnerabilities could run arbitrary code in the security context of the W3WP service account on the target SharePoint site.