Monthly Archives: December 2014

Apple's first auto-patch for NTP flaw

For the first time, Apple has released an automatic update to fix a critical security flaw affecting the Network Time Protocol in Mac OS X clock systems. Apple pushed the update automatically because the flaw is easily exploited by remote attackers. According to the National Institute of Standards and Technology, the flaw is tracked as CVE-2014-9295 and allows remote attackers to execute arbitrary code or cause a buffer overflow. The patch is available for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5 and OS X Yosemite v10.10.1.

Xbox and PlayStation go offline on Christmas Day

Due to the ongoing controversy over the recently released film “The Interview”, Sony PlayStation and Microsoft Xbox Live faced service disruptions that are believed to be the result of a cyber attack. The disruption extended into the second day after Christmas, leaving users unable to play games or access entertainment channels during the outage. Both companies are fully aware of the issue and have posted information on their respective websites. Lizard Squad is behind the DDoS attack and claimed responsibility on Twitter.

‘mailx’ security fix for various Linux flavors

‘mailx’, a utility for sending and receiving mail that is widely used in several Linux distributions, has received a patch for two security flaws. Both vulnerabilities stem from improper parsing of email addresses and are rated “moderate”. CVE-2014-7844 covers the execution of arbitrary shell commands locally, whereas CVE-2004-2771 covers the execution of arbitrary commands by leveraging the fact that mailx interprets shell meta-characters in certain email addresses. The BSD mailx and Heirloom mailx implementations are vulnerable to these issues, which affect Red Hat Enterprise Linux, CentOS, Debian, Ubuntu, and possibly other distributions. Users are advised to apply the updates as soon as possible. CVE-2004-2771 is an almost decade-old vulnerability.

Android Coolpad devices bundled with backdoor

Coolpad Android-based smartphones ship with a backdoor installed by the manufacturer. The apparent purpose is not only to serve advertisements tailored to user preferences, but also to install applications without users' knowledge. Coolpad devices have a strong user base in China and Taiwan. Security researchers at Palo Alto Networks discovered a security flaw in the backend management interface that exposed the backdoor’s control system. According to Ryan Olson, intelligence director at Palo Alto, the CoolReaper backdoor not only connects to various C&C servers, but can also download, install and even activate any Android application without the user’s permission.

Microsoft's last Patch Tuesday of 2014

Microsoft released its last Patch Tuesday update for 2014, covering fixes for Internet Explorer, Office and Exchange Server. This month's Patch Tuesday contains seven security bulletins addressing twenty-four security vulnerabilities. Of the seven, three bulletins are rated ‘CRITICAL’: MS14-080, MS14-081 and MS14-084. Internet Explorer gets fixes for 14 security flaws under MS14-080. Most of these vulnerabilities are memory corruption issues that allow remote code execution. MS14-084 also affects Internet Explorer, where improper rendering by the VBScript engine causes memory corruption. MS14-081 addresses remote code execution vulnerabilities in Word and Microsoft Office Web Apps.

Adobe plugs Flash Player 0-day vulnerability

Along with Microsoft, Adobe not only patched six security flaws in Flash but also addressed 20 vulnerabilities in Reader and Acrobat. Of the six vulnerabilities patched in Flash, one is believed to be exploited in the wild. According to the Adobe advisory, all fixes for Flash are rated ‘CRITICAL’, as the flaws allow intruders to take complete control of a vulnerable system. These vulnerabilities affect Windows, Mac and Linux platforms. Adobe credits security researcher ‘bilou’, who flagged the issue via the Zero Day Initiative (ZDI) owned by HP. Flash versions 15.0.0.242 and earlier, 13.0.0.258 and earlier 13.x versions, and 11.2.202.424 and earlier versions for Linux are vulnerable, and Adobe stated in the advisory that users are urged to apply the fix as soon as possible.