Ubuntu Security Notice 2665-1 – A race condition was discovered in the Linux kernel’s file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations. A underflow error was discovered in the Linux kernel’s Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw to cause a denial of service (system crash) or potentially execute arbitrary code via a specially crafted packet. Various other issues were also addressed.
Monthly Archives: July 2015
Ubuntu Security Notice USN-2660-1
Ubuntu Security Notice 2660-1 – A race condition was discovered in the Linux kernel’s file_handle size verification. A local user could exploit this flaw to read potentially sensitive memory locations.
Adobe Flash ActionScript 3 ByteArray Use-After-Free Vulnerability
Original release date: July 07, 2015
Adobe Flash Player contains a vulnerability within the ActionScript 3 ByteArray class, which can allow a remote attacker to execute arbitrary code on a vulnerable system. Versions affected include Adobe Flash Player 9.0 through 18.0.0.194.
Users and administrators are encouraged to review Vulnerability Note VU#561288 for additional information.
This product is provided subject to this Notification and this Privacy & Use policy.
CVE-2015-2850
Cross-site scripting (XSS) vulnerability in index-login.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices allows remote attackers to inject arbitrary web script or HTML via the msg parameter.
CVE-2015-2849
SQL injection vulnerability in main.ant in the ANTlabs InnGate firmware on IG 3100, InnGate 3.01 E, InnGate 3.10 E, InnGate 3.10 M, SG 4, and SSG 4 devices, when https is used, allows remote attackers to execute arbitrary SQL commands via the ppli parameter.
Avast Browser Cleanup removes unwanted browser add-ons
Most Internet users are familiar with this problem all too well: After downloading a video player, Java, Flash updates or other software, the browser has suddenly changed. New buttons and icons in all colors and sizes along with an URL entry bar take up valuable real estate on your browser. The browser runs noticeably slower – and the results look different. Most annoying is that the advertising becomes more prominent.
Our free utility gets rid of annoying toolbars and restores hijacked searches.
Over the past two years, Avast Browser Cleanup has identified more than 60 million different browser add-ons which are often bundled with other free software, such as video players, Java and Flash updates. These toolbars typically occupy the horizontal space below a user’s browser and can include buttons, icons, and menus. Despite removing and re-installing a browser, toolbars will often remain, which is a behavior similar to malware.
“We’ve entered the decade of unwanted add-ons — Google is now cracking down and removing ad-injecting toolbars from its Chrome store. Avast detects these toolbars and many more and is focusing on helping users battle browser toolbars that are one of the biggest consumer security outbreaks since spyware,” said Vince Steckler, Chief Executive Officer of Avast.
While not malicious per se, browser add-ons that come as toolbars can hijack and switch a user’s search preferences and can be extremely difficult to remove once installed. Avast Browser Cleanup removes these unwanted toolbars from Google Chrome, Mozilla Firefox, and Internet Explorer and lets users restore their search engine preference. Previously available as a feature in Avast Free Antivirus, Avast Browser Cleanup has now been made available as a new, free stand-alone product.
The new version of Avast Browser Cleanup includes improved browser compatibility, support of the latest browsers, more homepages to choose from when resetting the browser, and more aggressive detection of toolbar protectors that make removal difficult. Additionally, Avast Browser Cleanup now runs in the background, notifying the user when it detects a potentially unwanted or malicious toolbar.
Are you an Avast user? You already have Avast Browser Cleanup.
Avast Browser Cleanup is integrated in all Avast antivirus security products, including the free version.
Use another antivirus product? You can use stand-alone Avast Browser Cleanup.
If you don’t use Avast as your antivirus protection, Avast Browser Cleanup can be downloaded as a free stand-alone software.
Hacking Team Couldn’t Hack Your iPhone
More than 36 hours after the huge cache of data from Hacking Team’s corporate network was dumped online, researchers are continuing to find surprising bits and pieces in the documents. Among them is evidence that the company had an enterprise developer certificate from Apple, allowing it to develop internal apps, but could not get its […]
T-Mobile received the most US data requisition requests
Telco T-Mobile’s US arm received more data requests than its larger peers in 2014.
The post T-Mobile received the most US data requisition requests appeared first on We Live Security.
Open SSL mystery bug to be fixed Thursday July 9
A new version of Open SSL is set to be released imminently, patching a single ‘high severity’ vulnerability.
The post Open SSL mystery bug to be fixed Thursday July 9 appeared first on We Live Security.
What I learned at Cyber Boot Camp (Instructor Edition)
Teaching computer security to highly motivated students at Cyber Boot Camp reveals a lack of basic computer science education in California Schools.
The post What I learned at Cyber Boot Camp (Instructor Edition) appeared first on We Live Security.
