Patch Watch: Critical updates from Adobe, Cisco, Symantec, McAfee

Posted by Ryan Naraine @ 3:19 pm Categories: Patch Watch, Hackers, Zero-day attacks, Apple, Microsoft, Browsers, Cisco, Rootkits, Vulnerability research, Responsible disclosure, Botnets, Exploit code, Viruses and Worms, Data theft, Open source, Pen testing, Wi-Fi security, McAfee, Passwords Tags: McAfee Inc., Adobe Systems Inc., Symantec Corp., Vulnerability, Macromedia Flash Player, Cisco Systems Inc., Bulletin, Patch Tuesday, Ryan Naraine

Patch Tuesday is no longer an exclusive Microsoft event. Slowly but surely, it’s beginning to look like more and more big-name software vendors are piggybacking on Microsoft’s scheduled patch day to roll out critical software fixes.
This week, in addition to Microsoft’s six bulletins, computer users should also pay attention to high-severity updates from Adobe, Cisco, Symantec and McAfee.
Adobe rolled out two updates for gaping holes in Flash Player and PhotoShop CS2 and CS3, warning that attackers can exploit the vulnerabilities remotely to launch harmful code.
The Flash Player patch addresses several issues affecting Flash Player versions 8 through 9.
An input validation error has been identified in Flash Player 9.0.45.0 and earlier versions that could lead to the potential execution of arbitrary code. This vulnerability could be accessed through content delivered from a remote location via the user’s web browser, email client, or other applications that include or reference the Flash Player. (CVE-2007-3456)
An issue with insufficient validation of the HTTP Referer has been identified in Flash Player 8.0.34.0 and earlier. This issue does not affect Flash Player 9. This issue could potentially aid an attacker in executing a cross-site request forgery attack. (CVE-2007-3457)
The Linux and Solaris updates for Flash Player 7 (7.0.70.0) address the issues with Flash Player and the Opera and Konqueror browsers described in Security Advisory APSA07-03. These issues do not impact Flash Player 9 on Linux or Solaris. (CVE-2007-2022)
Adobe’s Photoshop update, also rated “critical,” addresses flaws that could be triggered by opening malicious image files.
Multiple input validation errors have been identified in Photoshop CS2 and Photoshop CS3 which could lead to the potential execution of arbitrary code. These vulnerabilities are not remotely exploitable, but could, for instance, be triggered by opening a malicious BMP, DIB, RLE or PNG file delivered to a user via their e-mail client. Users are recommended to update their installations with the patches provided below, and Adobe encourages all customers to be cautious before opening any unknown file, regardless of which application they may be using. These issues were previously publicly disclosed by a third party (CVE-2007-2244 and CVE-2007-2365).
Joining Adobe in the patching line with two bulletins is Cisco Systems. The switching and routing giant shipped two bulletins to correct critical bugs in the Cisco Unified Communications Manager (formerly CallManager).
The first Cisco bulletin warns to two overflow vulnerabilities that could allow a remote, unauthenticated user to cause a denial of service (DoS) condition or execute arbitrary code.
The second update contains this warning from Cisco:
Cisco Unified Communications Manager (CUCM), formerly CallManager, and Cisco Unified Presence Server (CUPS) contain two vulnerabilities that could allow an unauthorized administrator to activate and terminate CUCM / CUPS system services and access SNMP configuration information. This may respectively result in a denial of service (DoS) condition affecting CUCM/CUPS cluster systems and the disclosure of sensitive SNMP details, including community strings.
Separately, Symantec plugged a heap buffer overflow vulnerability that affects the Symantec Backup Exec for Windows Servers software. CERT/CC warns that a remote unauthenticated attacker may be able to cause the affected service to crash, resulting in a denial of service. Symantec also reports that the attacker may also potentially be able to execute arbitrary code on the affected system.
Rival McAfee also joined the patching party, fixing four different memory corruption vulnerabilities in the e-Policy Orchestrator Agent.

--------------------------------------------------------------------------
Distributed by Hasan Shrek, independence blogger. Also run online business , mlm coder, internet marketing solution , online store script .

Beside he is writing some others blogs for notebook computer , computer training , computer software and personal computer

--------------------------------------------------------------------------

Self-Contained Water Coolers: Xigmatek AIO vs. Evercool Silver Knight

One of the first coolers evaluated at AnandTech was a combination of air cooling and TEC (Thermal Electric Cooling) called the Vigor Monsoon II. The Monsoon did very well in overclocking, and is still the highest overclocking cooler we have tested, reaching 3.96GHz with the standard Core 2 Duo X6800 in our OC tests. While the Monsoon did very well in overclocking it did have a higher noise level than we care for, the result of the TEC switching on and off coupled to a fan that buzzed as it was turned on and off with the TEC. Since then we have reached 3.90 to 3.94GHz with several of the top air coolers, but we have not looked at more hybrid coolers - until today.Several new "self-contained" water coolers have shown up over the past few months. Water cooling is another ambient cooling method, like air cooling. The water temperature cannot drop lower than the room temperature, where TEC and phase-change can actually chill below the ambient temperature. This is why they are referred to as sub-ambient cooling. Water cooling is normally considered superior to air cooling because water can normally hold low temperatures for a longer period of time than air. Water is a much better thermal conductor than air and it is theoretically a better cooling vehicle.There are many high-end water cooling solutions with water-filled tubing that runs from CPU blocks to radiators for cooling and reservoirs for storage, and pumps for moving the liquid. The water systems are usually complicated, somewhat difficult to install, and plagued with the fact that water and electricity don't play well together, so a leak can destroy a computer system. This is where "self-contained" comes in. The water system is sealed, and the radiator, pump, fan, heatpipes, and fins are all together in a package about the size of a heatpipe tower.

The Evercool Silver Knight, or WC-601, is based on a similar concept, but with an external water pump and fan, instead of the internal units as used on the Xigmatek. The Evercool is a bigger self-contained water system, but it still had no problem fitting our tight EVGA 680i motherboard.The idea of the self-contained water cooling is to make water cooling simpler. These two units cannot even be recognized as water cooling systems. They mount just like a heatpipe tower and are a one-piece, no-maintenance, no-risk water cooling system. That concept is certainly intriguing, but the larger question is whether these new self-contained water coolers can give the best air coolers a run for their money. We will find out if they can in our comparison to the top air coolers tested at AnandTech.Water cooling is also well known for the low noise levels exhibited by many of the better water cooling systems. Are these self-contained water systems as quiet as they claim to be? With these questions in mind let's take a closer look at these two all-in-one water coolers.

--------------------------------------------------------------------------
Distributed by Hasan Shrek, independence blogger. Also run online business , mlm coder, internet marketing solution , online store script .

Beside he is writing some others blogs for notebook computer , computer training , computer software and personal computer

--------------------------------------------------------------------------

Blogging 101- The Basics by Robert

Blogging 101 is mostly about the blogging vocabulary. To understand blogs, you need to know the terms blog, platform, domain, and web host. Once you have mastered these key elements of blogging, you can enter any conversation about blogging with confidence. After you know what exactly a blog is, you will be on your way to passing the final exam of blogging 101.
Blog is short for weblog, which simply means a series of online posts presented in reverse chronological order. That's all! Most blogs are text, but there are also photo blogs and video blogs. The rest of blogging 101 has to do with the technical side of things. If you are setting up a blog, you will need a platform, a web host, and a domain. A blogging platform is a computer software program that allows you to write posts and to update your blog.
Your platform is also what you use to design the look of your blog, from color scheme to font size. The web host is sort of like the virtual file cabinet where your blog is stored. Your computer communicates with the host when you upload or edit a post. The domain is the online address of your blog, and usually ends in 'dot com'. Now that you know what a blog is, what a platform is, and what domains and hosts are, congratulate yourself!
You have passed blogging 101- The Basics.
For more info and FREE Blogging tips and videos on how to make money from Blogging, please visit: http://www.buildvre.com/Recommends/bttb2.html
About the Author
I hope you enjoyed my Blogging 101- The Basics article.
For more info and FREE Blogging tips and videos on how to make money from Blogging plús how one blog is making me almost $4,000 every month on autopilot, please visit: http://www.buildvre.com/Recommends/bttb2.html

--------------------------------------------------------------------------
Distributed by Hasan Shrek, independence blogger. Also run online business , mlm coder, internet marketing solution , online store script .

Beside he is writing some others blogs for notebook computer , computer training , computer software and personal computer

--------------------------------------------------------------------------

Is Someone Dumb-assed and Broke? by woz wridgley

Is someone Dumb-assed broke?..... If we try to look at the notion that 80% of Americans are poor-assed, 15%, of Americans are
middle class and the remaining 5% are filthy , filthy rich... The reason why 80% of the people
are, and always will be, broke is because there is 5% of the population that are hoarding way
too much money for their own direct needs, unless they are thinking that they are gonna live
for a few thousand years.... They are not, and if there is some way to shine some light on the
5% , then they could redistribute some funds in good ways to the masses, only real hurdle is
the word 'greed'and mental impairment caused by the spell of money.... I was thinking that the way to even the score real quick, would be to try to organize an
'INTERNATIONAL BANKRUPTCY DAY'... Now, just imagine that for a few freakkky seconds.... that would be a big blow to the capitalists... If every-one had the guts to file bankruptcy on
the same day it would be more fun than any government had ever dreampt of ..... You imagine how the fore-closures would force the price of housing down overnight... like what
is a $400,000 house now, would be worth maybe a couple of grand , if there was such a thing
left after the ambush... ambush now that is a pretty good term... u imagine, all the banks and
financial institutions, would be in such a spin , seeing that the american national debt
stands at 9trillion Dollars, and considering that china and india is looking to buy america,
and have enough funds to scare the living daylights out of the western governments and bankers
and the like.... The complete 'usery' system hangs by a very thin thread, it would not take much to change it
completely with a little bit of people power and the power of 'web 2.0', now the power of
web2.0 is a force to be reckoned with , when the drivers of of the web (dat is de ppl, by the
way) realize what their vehicle does, it will be the big bang all over again.... Geez i hope
i'm still on the planet to see that unfold .... What needs to be done is some blog freak to get the ball rolling and start the process of
re-distribution of wealth. Redistribution it is happening all over the planet as I write ,
look at the Poles, the Glaciers, The precipitation, it is a natural event that sweeps across
the planet easily once started... Like the tides of the ocean, like wild fire , like snowballs
..... The main reason that 80% of americans are broke is that they like living within the USERY
system that was invented by the 'Preists of BAAL'
About the Author
============================================================================================== Woz Wridgley has written another article because he can....... learn more about Being Broke at http://www.didyousmellthat.com

--------------------------------------------------------------------------
Distributed by Hasan Shrek, independence blogger. Also run online business , mlm coder, internet marketing solution , online store script .

Beside he is writing some others blogs for notebook computer , computer training , computer software and personal computer

--------------------------------------------------------------------------

Building A Strong Business Blog by Obinna Heche

A business blog is a great way to reach more customers and communicate with them on a more personal level. One of the biggest disadvantages of online businesses is that you do not have as much contact with the customer as you would if you ran a traditional storefront business. This means fewer chances to offer customers personal assistance. One way around is to create a business blog that is informative, entertaining and speaks to those who would be interested in purchasing the products from your website.

Business blogs are different from other types of blogs. When people think of blogs, they still think of personal diaries or writings about personal experiences that having nothing to do with their own lives. But in recent years, many businesses have seen the popularity of blogs and have taken them to the next level by introducing informative blogs that appeal to specific groups of people.

These blogs are read by thousands of potential customers each day. If you want to create a business blog, you should consider your audience. What are they looking for? Will they find your products interesting? Why will they continue reading your blog? Your blog should be able to reflect the industry you work in, aspects of the business or about products featured on your website. While it is fine to use humor in your blogs, you should try to be as informative as possible.

If you are new to blogging, you should research popular blogs that are similar to what you want to create. Most blogs are short posts between one hundred to three hundred words. Some blogs are longer. It is up to you how long you want your blogs to be. The best way to attract a constant stream of readers is to post frequently. This means at least once a week. Plan your blog a few days in advance to make sure it is well written and edited. Business blogs do not contain grammar or spelling errors and always have a logical order.

Make sure you include your website address on each post and archive them so readers can read previous posts. This will increase your popularity. You can also include keywords to help your blog expand its readership. Make sure keywords are added naturally and add them to the title of your posts whenever possible. Another way to increase your readership is to write a few articles promoting the blog. Submit to free article databases so your article is reposted on websites and in directories where readers will be able to find it.

A business blog can be a lot of fun to write. Readers can leave comments which increase the personal attention you can give to your customers.

About the Author

Obinna Heche. Los Angeles - California

Delivering the best home based business ideas and opportunities so you can work at home successfully.. http://www.home-incomeportal.com

--------------------------------------------------------------------------
Distributed by Hasan Shrek, independence blogger. Also run online business , mlm coder, internet marketing solution , online store script .

Beside he is writing some others blogs for notebook computer , computer training , computer software and personal computer

--------------------------------------------------------------------------

Make Money With Affiliate Programs by Little J

1. You can set up an affiliate site and get commissions for selling other people's products. The biggest money-maker in this area is, ironically, in selling Internet marketing products, however... most of the people making good money selling Internet marketing products have some sort of product of their own and the other products are an up sell. It's a great market which I would recommend getting into.

I'd recommend setting up an affiliate program as your first venture. They're reliable and easy to work with. Consider it a learning exercise, and if you make a little money with it too, that's great. Once you've got the hang of it, you can explore other affiliate possibilities.

2. You can create and sell info-products. The way some of the most successful Internet marketers make money is by identifying an unmet niche and creating a product for it. The basic approach is this: - Brainstorm some niche interests - Do keyword research to see what people are looking for - See what products already exist in that area - Make a product that doesn't exist yet - Create a simple one-page sales letter - Advertise, usually with pay-per-click

About the Author

Well if you found that information helpful feel free to visit the site for the resources to how to start setting up FREE of CHARGE I don't charge for the free information Good Luck! Pass it on someone can use the help.

http://easyaffiliateprogram.blogspot.com/

You can also try http://speedreadingmadeeasy.blogspot.com/ for free information on speed reading.

Also a Guide for new parents. http://survivalguidefornewparents.blogspot.com/ .

--------------------------------------------------------------------------
Distributed by Hasan Shrek, independence blogger. Also run online business , mlm coder, internet marketing solution , online store script .

Beside he is writing some others blogs for notebook computer , computer training , computer software and personal computer

--------------------------------------------------------------------------