BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

March, 2013

vmware

VMware ESXi and ESX libxml2 Buffer Underflow

Disclosed March 28, 2013    Partially Patched
Vendors: VMware
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:
lucy2

Least Privilege and South Korea

Posted March 26, 2013    BeyondTrust Research Team

No, this isn’t some editorial piece about the interrelationships of varying social strata in South Korean society and Gangnam Style. Despite how interesting that may be, we are instead taking a quick look at the latest “wiper” malware to strike fear in the hearts of CTOs and IT admins alike – DarkSeoul (or Jokra or…

Tags:
, , , ,
retinacs-img9

Creating a Gold Image SCAP Template for Windows

Posted March 21, 2013    Bill Tillson

One of the challenges of Benchmark Configuration management is creating or modifying SCAP OVAL content to match your business policies and requirements. The following procedure is recommended to create custom Windows benchmarks for the Retina Network Security Scanner and Retina CS via local system policy, Local GPO, and Microsoft Security and Compliance Manager. For starters,…

Tags:
, , , ,
university-winchester

University of Winchester secures its applications with the help of BeyondTrust

Posted March 20, 2013    Sarah Lieber

A PowerBroker for Windows customer, University of Winchester, was recently highlighted in the Spring 2013 Government and Public Sector Journal (GPSJ). GPSJ is a great source for professionals in the government & public sectors, and informs them of the latest breaking news and exclusive footage. We are very happy and proud of our customer being…

Tags:
, , ,
microsoft

Internet Explorer 9 Memory Disclosure

Disclosed March 20, 2013    Fully Patched
Vendors: Microsoft
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:

March VEF Participant Wins a Kindle Fire

Posted March 19, 2013    Qui Cao

As you all know, every month we host our Vulnerability Expert Forum (VEF) webinar. This is a time where our experts share valuable insight regarding new vulnerabilities that are discovered and the actions that need to be taken as a result. It’s a quick way to get up to speed on current potential risks to your organization…

oracle

Partial Security Bypass Vulnerability in Java

Disclosed March 18, 2013    No Patch Available
Vendors: Oracle
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:
572884_503436863_124962594_n

BeyondTrust CTO sits down with IT Harvest’s Richard Steinnon

Posted March 17, 2013    Mike Puterbaugh

BeyondTrust’s CTO, Marc Maiffret, recently sat down with IT Harvest’s Richard Steinnon to discuss a wide range of topics surrounding the security industry today, including the accelerated rate of attacks we’re currently seeing, what our customers are doing to protect themselves, and they even discuss BeyondTrust’s new tagline, Beyond Traditional Security and what that means…

Tags:
, , , , , , , , ,
patch-tuesday

March 2013 Patch Tuesday: Cleaning House

Posted March 12, 2013    BeyondTrust Research Team

Patch Tuesday is upon us and this month, Microsoft is doing a little spring cleaning of vulnerabilities, fixing a well-rounded collection of client-side vulnerabilities, along with a few server-side vulnerabilities for good measure. This month, the affected software includes Internet Explorer, Silverlight, Visio Viewer, SharePoint, OneNote, Outlook for Mac, and a Windows kernel-mode driver. In…

Tags:
, , , ,
java_update_screen

Oracle’s Java Hates Least-Privilege

Posted March 8, 2013    Marc Maiffret

Recently, there has been a lot of commentary and discussions about what to do about the state of security and the seemingly endless attacks that we are facing. There are, of course, many recommendations that are being made at a governmental level of how best to approach this problem through the use of information sharing…

Tags:
, , ,