One of the best-known secrets about PowerBroker for Windows is the ability to logically group rules into Collections. This Best Practice allows you to organize rules based on almost any criteria and treat multiple rules as a single entity. This feature is most useful when: Rules require the same item-level targeting Organizing rules into physical…
Microsoft has released a Security Advisory for the upcoming patch to increase minimum bit levels of certificates to 1024 bit security advisory 2661254. The expected release date for this patch is Oct 9th at which time the update will be available through Windows Update. This change to the minimum bits level of certificates will change…
September was an active month in terms of security commentary and news; ranging from an alleged Apple data hack to an IE 0day out-of-band patch release. Since I’m sure many of you are still catching up on the news, for your convenience I’ve included some of the more insightful September coverage below.
Microsoft has released a patch to fix the IE 0day, CVE-2012-4969, along with four other privately reported CVEs that lead to remote code execution (CVE-2012-1529, CVE-2012-2546, CVE-2012-2548, and CVE-2012-2557). One interesting thing to note is that CVE-2012-2546 and CVE-2012-2548 only affect the most recent version of Internet Explorer, IE 9. The now-patched 0day, CVE-2012-4969, affects…
Android 4 (so far dubbed Ice Cream Sandwich for 4.0.x or Jelly Bean for 4.1.x) is a significant upgrade to the user experience adding in many refinement and features. For enterprises dealing with the Bring Your Own Device (BYOD) movement, some of these upgrades can be a double-edged sword.
Just when you thought we were out of the woods, Internet Explorer 0day shows up, in the wild. Here’s what you need to know about the vulnerability: Internet Explorer 6, 7, 8, and 9 are vulnerable (UPDATE: Out-of-band patch available now!) Use-after-free when the CMshtmlEd object is deleted and then the same area in memory…
Every day there are new vulnerabilities being discovered that can be used to compromise your organizations computing environment.
|Exploit Impact:||Cross-Site Request Forgery, Cross-Site Scripting
|Exploit Availability:||Publicly Available|