Jump to content
Sign in to follow this  
nosoop

Major System Vulnerability Notices

Recommended Posts

I think this would be a nice thread to have just for people to be informed about any major exploits available in their home computers so they can update and stay secure.  (I mean, not to say the server stack shouldn't be disregarded, but that's a small group that doesn't matter much to end-users.  It's not like Shellshock affects casual users, right?)

 

As the topic is locked, only site administrators (and I) are allowed to post in the thread.

 

Original text below:

 


 

Quick notice to Windows users:  Restart for the July 20th Windows update.

 

A vulnerability in how Windows loads embedded OpenType fonts (e.g., through web sites and formatted documents) opens up the potential of remote code execution on all currently supported Windows systems (and likely even on those that have been EOL'd).

 

This vulnerability is posted as Microsoft Security Bulletin MS15-078 and is marked as "Critical".  A kernel-mode driver has the bug, so exploits using it can effectively own your entire system.

 

The update that patches this flaw is KB3079904 and is marked as an important update.

 

This is Pretty Bad in terms of vulnerabilities (as much as Flash / Java and not something as easily disabled), so if you have any internet-connected Windows version prior to Vista, you really should go and upgrade or switch to a non-Windows alternative (or disable the OpenType driver, as outlined in the workarounds section of the MSB).

Share this post


Link to post

Major Flash vulnerability affecting all systems. It's currently fairly low-scope (targeting foreign affairs ministries), but who knows when it'll start spreading. Recommended to uninstall (or at least disable) Flash until the next fix.

 

http://bgr.com/2015/10/15/adobe-flash-player-security-vulnerability-warning/

 

https://helpx.adobe.com/security/products/flash-player/apsa15-05.html

Share this post


Link to post
Guest
This topic is now closed to further replies.
Sign in to follow this  

×