Security News > 2011 > September > Secunia Weekly Summary - Issue: 2011-37
======================================================================== The Secunia Weekly Advisory Summary 2011-09-08 - 2011-09-15 This week: 57 advisories ======================================================================== Table of Contents: 1.....................................................Word From Secunia 2....................................................This Week In Brief 3...............................This Weeks Top Ten Most Read Advisories 4................................................Secunia Community News 5................................................Secunia Corporate News 6..................................................This Week in Numbers ======================================================================== 1) Word From Secunia: Customer perspective on patch management "Patch management is without doubt one of the areas of IT security that organizations struggle with. Because it is resource-intensive, and often very manual in nature, many companies ignore patching, or make it less of a priority. Next generation patch management products that are seamless and automated will definitely resonate with customers... At SEB we have a range of different endpoints, across platforms, driven by the preferences of our employees. It is now up to corporate IT to ensure that consumerisation does not compromise our security." Soren Vibe-Hansen, Information Security Officer, SEB Denmark. The new Secunia Corporate Software Inspector (CSI) 5.0 integrates with Microsoft WSUS for easy patch distribution. Watch this video to find out more: http://www.youtube.com/user/Secunia#p/a/u/1/x6H4a0f2ZkQ ======================================================================== 2) This Week in Brief: Two vulnerabilities have been reported in Microsoft Office, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/45020/ Multiple vulnerabilities have been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/45932/ A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/45910/ Multiple vulnerabilities have been discovered in Movicon, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. http://secunia.com/advisories/45969/ Multiple vulnerabilities have been discovered in eSignal, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/45966/ Parvez Anwar has discovered a vulnerability in ACDSee FotoSlate, which can be exploited by malicious people to compromise a user's system. http://secunia.com/advisories/44722/ A vulnerability has been discovered in the Easy Comment Uploads plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. http://secunia.com/advisories/45959/ Some vulnerabilities have been reported in the Spring Framework, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system. http://secunia.com/advisories/45942/ ======================================================================== 3) This Weeks Top Ten Most Read Advisories: For more information on how to receive alerts on these vulnerabilities, subscribe to the Secunia business solutions: http://secunia.com/advisories/business_solutions/ 1. [SA45927] Wireshark Multiple Vulnerabilities 2. [SA45583] Adobe Flash Player Multiple Vulnerabilities 3. [SA45173] Sun Java JRE Insecure Executable Loading Vulnerability 4. [SA45880] Citrix XenServer Multiple Vulnerabilities 5. [SA45942] Spring Framework Multiple Vulnerabilities 6. [SA45955] LightNEasy Multiple Script Insertion Vulnerabilities 7. [SA45883] Cisco Nexus Series Switches ACL Deny Statement Security Bypass Security Issue 8. [SA45891] Microsoft Windows WINS Privilege Escalation Vulnerability 9. [SA45606] Apache HTTP Server ByteRange Filter Denial of Service Vulnerability 10. [SA45954] HP-UX Apache Web Server Suite Two Denial of Service Vulnerabilities ======================================================================== 4) Secunia Community News Get a free trial of the new Secunia CSI 5.0 Test drive all the functionalities including Microsoft WSUS & SCCM integration, Apple Mac OS X scanning, and more. Sign up and qualify for a special discount here: http://secunia.com/vulnerability_scanning/corporate/trial/ Network World Product Review The Secunia CSI 5.0 is named 'Product of the Week' along with Samsung. Read more here: http://secunia.com/company/blog_news/articles/255/ Beta news Read why Larry Seltzer says users of Microsoft WSUS will love the new Secunia CSI 5.0, here: http://secunia.com/company/blog_news/articles/254/ Event: ISF Annual World Congress, Berlin, Germany, 17th -20th September Join Stefan Frei, Secunia's Research Analyst Director and hear him present "Fixing the Fundamental Failures of End-Point Security: Managing vulnerabilities when perimeter protection has failed" (18th September @ 12:15 pm CET). Find out more: http://secunia.com/resources/events/isf_2011/ Event: NATO IA & CD Symposium, Mons, Belgium, 20-23 September Meet Brian Birkvald, Secunia's Technology Partner Director and former Information Security Manager at SHAPE (Supreme Headquarters Allied Powers Europe), NATO Headquarters. Leverage his 23 years of Information Security & Compliance experience: http://secunia.com/resources/events/nato_2011/ ======================================================================== 5) Secunia Corporate News Be tactical in your handling of vulnerability threats The Secunia VIM enables you to take pre-emptive action against vulnerabilities in a simple, cost effective way. Read more and request a free trial: http://secunia.com/products/corporate/vim/ ======================================================================== 6) This Week in Numbers During the past week 57 Secunia Advisories have been released. All Secunia customers have received immediate notification on the alerts that affect their business. This weeks Secunia Advisories had the following spread across platforms and criticality ratings: Platforms: Windows : 12 Secunia Advisories Unix/Linux : 23 Secunia Advisories Other : 0 Secunia Advisories Cross platform : 22 Secunia Advisories Criticality Ratings: Extremely Critical : 0 Secunia Advisories Highly Critical : 10 Secunia Advisories Moderately Critical : 28 Secunia Advisories Less Critical : 17 Secunia Advisories Not Critical : 2 Secunia Advisories ======================================================================== Secunia recommends that you verify all advisories you receive, by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Subscribe: http://secunia.com/advisories/weekly_summary/ Contact details: Web : http://secunia.com/ E-mail : support () secunia com Tel : +45 70 20 51 44 Fax : +45 70 20 51 45 _____________________________________________________________ Register now for the #HITB2011KUL - Asia's premier deep-knowledge network security event now in it's 9th year! http://conference.hitb.org/hitbsecconf2011kul/
News URL
http://www.youtube.com/user/Secunia#p/a/u/1/x6H4a0f2ZkQ