February

Microsoft Advance Notification for February
The assessment was updated yesterday to note that Microsoft has released their Advance Notification for February Security Bulletins. On Tuesday, February 9, Microsoft plans on releasing a total of thirteen Security Bulletins: five “critical”, seven “important”, and one “moderate”. These bulletins will address a total of twenty-six vulnerabilities across Windows and Office. As usual, this information is subject to change until the actual release. For more details, please review the Advance Notification and associated MSRC blog post.
http://blogs.technet.com/msrc/archive/2010/02/04/february-2010-bulletin-release-advance-notification.aspx
http://www.microsoft.com/technet/security/bulletin/ms10-feb.mspx%20

Information Disclosure Vulnerability in Samba
Samba is an open source SMB/CIFS implementation. Details have been made public for a directory traversal vulnerability in Samba that allows a remote attacker to retrieve and/or modify certain files on Samba servers. It appears that symlinks can be used to allow a client to gain access to files on the server that they would not otherwise be authorized to access. The access is limited to the permissions of the process, which generally does not run as a superuser. A patch is not currently available for this vulnerability. We will provide more information as it becomes available.
http://www.youtube.com/watch?v=NN50RtZ2N74




Share and Enjoy:
  • Print
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Blogplay
Posted on February 9, 2010 at 1:03 PM by root · Permalink
In: Security · Tagged with: , ,

Leave a Reply

You must be logged in to post a comment.