|
|
Severity Rating: Critical
Revision Note: V1.1 (December 10, 2014): Bulletin revised to correct update replacement entries for Microsoft .NET Framework 4.5/4.5.1/4.5.2 (update 2972107)
Summary: This security update resolves three privately reported vulnerabilities in Microsoft .NET Framework. The most severe of the vulnerabilities could allow remote code execution if an attacker sends a specially crafted URI request containing international characters to a .NET web application, causing ASP.NET to generate incorrectly constructed URIs. In .NET 4.0 applications, the vulnerable functionality (iriParsing) is disabled by default; for the vulnerability to be exploitable an application has to explicitly enable this functionality. In .NET 4.5 applications, iriParsing is enabled by default and cannot be disabled.
|
|
|
Full View / NID: 51977 / Submitted by: The Zilla of Zuron
|
|
New recommended program update is available for download.
|
|
|
Full View / NID: 51976 / Submitted by: The Zilla of Zuron
|
|
Malta - 10 December 2014 - InfiNet Wireless, the leader in fixed broadband wireless connectivity, has today announced its most recent addition to its wireless broadband portfolio, the InfiLink XG series, which was instantly a big hit at the 2014 Secutech ASEAN event in Bangkok, Thailand. The series was showcased by InfiNet's local distribution partner, Easy Network, and attracted a large attendance during the event.Secutech ASEAN, which took place from the 26th to the 28th...
Source: RealWire
|
|
|
Full View / NID: 51975 / Submitted by: The Zilla of Zuron
|
|
|
LONDON - 10 December 2014: Panviva, the leading provider of cloud-based business process guidance software solutions, today announced the completion of a minority equity investment from Telstra Ventures.The investment by Telstra Ventures enables Panviva to accelerate product development and expand its sales and marketing capabilities globally, capitalizing on the rapidly emerging market opportunities for business process guidance software. SupportPoint, Panviva's cloud-based business process guidance software solution, enables knowledge workers to effectively perform complex business processes...
Source: RealWire
|
|
|
Full View / NID: 51974 / Submitted by: The Zilla of Zuron
|
|
|
London - 10th December 2014 - Skyscape Cloud Services Limited, the easy to adopt, easy to use and easy to leave cloud services company, has today announced that it is supporting the new Digital Leaders Wales programme. Digital Leaders serves as an independent and non-lobbying focal point of engagement and resource network for individuals and organisations across the UK and beyond that is committed to delivering sustainable and innovative digital transformation.The newly launched programme in...
Source: RealWire
|
|
|
Full View / NID: 51973 / Submitted by: The Zilla of Zuron
|
|
|
Third edition of Wick Hill Guardian now available Woking, Surrey: 10th December 2014 - The third issue of the Wick Hill Guardian is now available on-line from Wick Hill or as a mailed-out printed version. With its professed aim to 'Advise, not Advertise', the Wick Hill Guardian is a great read for IT security managers looking to understand more about existing and future security issues, as well as suggesting the type of solution best suited...
Source: RealWire
|
|
|
Full View / NID: 51972 / Submitted by: The Zilla of Zuron
|
|
|
10 December 2014 - As the complexity and diversity of devices, platforms and modes of interaction advance, so do the associated risks from malicious individuals, criminal organisations and states that wish to exploit technology for their own purposes. Below, Michael Fimin, CEO at Netwrix provides his major observations of IT security trends and the most crucial areas to keep watch over in 2015: Cloud Many individuals and enterprises are already using cloud technologies to store...
Source: RealWire
|
|
|
Full View / NID: 51971 / Submitted by: The Zilla of Zuron
|
|
|
Provider's Intuitive InfoApps™ and Customisable BI Portal Among Differentiators Recognised in ReportNew York, NY - December 10, 2014 - Information Builders, a leader in business intelligence (BI) and analytics, information integrity, and integration solutions, today announced that the company was positioned as a leader in Nucleus Research's most recent Analytics Technology Matrix. The report evaluated the company's BI and analytics platform, WebFOCUS, which is designed to meet the information delivery needs of all stakeholders. According...
Source: RealWire
|
|
|
Full View / NID: 51970 / Submitted by: The Zilla of Zuron
|
|
|
Severity Rating: Critical
Revision Note: V2.0 (December 9, 2014): To address issues with Security Update 3003057, Microsoft re-released MS14-065 to comprehensively address CVE-2014-6353. Customers running Internet Explorer 8 on Windows 7 or Windows Server 2008 R2, or Internet Explorer 10 should either install the newly offered update or install the December Internet Explorer Cumulative Update (3008923). See Microsoft Knowledge Base Article 3003057 for more information.
Summary: This security update resolves seventeen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
|
|
|
Full View / NID: 51979 / Submitted by: The Zilla of Zuron
|
|
SUNNYVALE, CA -- (Marketwired) -- 12/09/14 --
AMD (NYSE: AMD) today announced that it is transferring its stock exchange listing to The Nasdaq Stock Market from The New York Stock Exchange, effective after market close on December 31, 2014. AMD shares are expected to begin trading as a Nasdaq-listed security on January 2, 2015 and will continue to trade under the symbol AMD. This transfer is expected to be seamless for AMD investors and shareholders.
"We are excited to join other industry-leading technology companies listed with Nasdaq and believe this move will help AMD reach investors and shareholders more efficiently and effectively as we continue transforming the company for long-term...
|
|
|
Full View / NID: 51969 / Submitted by: The Zilla of Zuron
|
|
Microsoft&#rsquo;s Frank Shaw may have been onto something when he coined the term PC-plus back in 2011. In a company blog post, Shaw wrote, &#rsquo;Most of the time, new objects enhance and complement the things we&#rsquo;ve already got. They don&#rsquo;t replace them.&#rdquo; Three years later, his sentiment rings true. Many businesses are still reliant on […]]>...
|
|
|
Full View / NID: 51968 / Submitted by: The Zilla of Zuron
|
|
|
By Harry Labana, Vice President of Products, End-User Computing, VMware VMware App Volumes (formerly CloudVolumes) is now shipping! App Volumes is a real-time application delivery system that enables IT to instantly deliver applications with complete application lifecycle management. App Volumes provides seamless end-user experience while reducing infrastructure and management costs. Unlike traditional application management solutions, […]]>...
|
|
|
Full View / NID: 51967 / Submitted by: The Zilla of Zuron
|
|
|
By Shankar Iyer, VP of Product Management, Desktop Solutions, End-User Computing, VMware It&#rsquo;s been exactly a quarter since my last blog on our product releases and I&#rsquo;m thrilled to be talking about our next set of releases now available. We&#rsquo;ve continued the rapid pace we set earlier this year and are excited to be delivering […]]>...
|
|
|
Full View / NID: 51966 / Submitted by: The Zilla of Zuron
|
|
|
While most VMware shops enjoy the flexibility of provisioning virtual resources with the click of a button, it&#rsquo;s been somewhat of a trickier hurdle to bring that same level of agility to desktop application delivery. Spinning up a new virtual machine with enough power to smoothly run Adobe Creative Suite is easy, but actually getting […]]>...
|
|
|
Full View / NID: 51965 / Submitted by: The Zilla of Zuron
|
|
|
Over the last few months the VMware Certified Professional 5 - Data Center Virtualization (VCP5-DCV) Delta exam has proven to be a very popular route to certification for many in our certified community. While we thought most people would take advantage of this opportunity to recertify before the end of the year, we have received […]]>...
|
|
|
Full View / NID: 51964 / Submitted by: The Zilla of Zuron
|
|
|
Today VMware has released the following new security advisory: VMSA-2014-0013 The advisory documents CVE-2014-8373, a critical remote privilege escalation vulnerability in vCloud Automation Center (vCAC). It is important to note that the provided patches will temporarily disable the vCAC “Connect (by) Using VMRC” functionality for directly connecting to vCenter Server. Customers should review the security […]]>...
|
|
|
Full View / NID: 51963 / Submitted by: The Zilla of Zuron
|
|
|
Download the End User Computing (EUC) launch playbook for more detail on these key EUC products: VMware Horizon FLEX , VMware Workstation, and VMware PlayerPro. With all of these products and solutions now generally available, visit the Quarterly Partner Briefing portal to learn more.
|
|
|
Full View / NID: 51962 / Submitted by: The Zilla of Zuron
|
|
|
By Jay Marshall Today&#rsquo;s announcement of the Cloud Foundry Foundation is a significant milestone for the industry&#rsquo;s leading open platform as a service project. The Cloud Foundry Foundation is made up of more than 40 member companies and will be managed as a Linux Foundation Collaborative Project, a leader in managing and operating open source […]]>...
|
|
|
Full View / NID: 51961 / Submitted by: The Zilla of Zuron
|
|
|
Severity Rating: Important
Revision Note: V1.0 (December 9, 2014): Bulletin published.
Summary: This security update resolves one privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a specially crafted file is opened in an affected edition of Microsoft Office. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
|
|
|
Full View / NID: 51960 / Submitted by: The Zilla of Zuron
|
|
The Official Pattern Release or OPR is Trend Micro's latest compilation of patterns for identified viruses. It is guaranteed to have passed a series of critical tests to ensure that customers get optimum protection from the latest virus threats.
|
|
|
Full View / NID: 51959 / Submitted by: The Zilla of Zuron
|
|
|
Severity Rating: Critical
Revision Note: V1.0 (December 9, 2014): Bulletin published.
Summary: This security update resolves fourteen privately reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet Explorer. An attacker who successfully exploited these vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
|
|
|
Full View / NID: 51958 / Submitted by: The Zilla of Zuron
|
|
|
Severity Rating: Important
Revision Note: V1.0 (December 9, 2014): Bulletin published.
Summary: This security update resolves four privately reported vulnerabilities in Microsoft Exchange Server. The most severe of these vulnerabilities could allow elevation of privilege if a user clicks a specially crafted URL that takes them to a targeted Outlook Web App site. An attacker would have no way to force users to visit a specially crafted website. Instead, an attacker would have to convince them to visit the website, typically by getting them to click a link in an email message or Instant Messenger message that takes them to the attacker's website, and then convince them to click the specially crafted URL.
|
|
|
Full View / NID: 51957 / Submitted by: The Zilla of Zuron
|
|
|
Severity Rating: Important
Revision Note: V1.0 (December 9, 2014): Bulletin published.
Summary: This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow information disclosure if a user browses to a website containing specially crafted JPEG content. An attacker could use this information disclosure vulnerability to gain information about the system that could then be combined with other attacks to compromise the system. The information disclosure vulnerability by itself does not allow arbitrary code execution. However, an attacker could use this information disclosure vulnerability in conjunction with another vulnerability to bypass security features such as Address Space Layout Randomization (ASLR).
|
|
|
Full View / NID: 51956 / Submitted by: The Zilla of Zuron
|
|
|
Severity Rating: Critical
Revision Note: V3.0 (December 9, 2014): Bulletin revised to announce the reoffering of the 2992611 update to systems running Windows Vista and Windows Server 2008. The reoffering addresses an issue in the original release. Customers running Windows Vista or Windows Server 2008 who installed the 2992611 update prior to the December 9 reoffering should reapply the update. See Microsoft Knowledge Base Article 2992611 for more information.
Summary: This security update resolves a privately reported vulnerability in the Microsoft Secure Channel (Schannel) security package in Windows. The vulnerability could allow remote code execution if an attacker sends specially crafted packets to a Windows server.
|
|
|
Full View / NID: 51955 / Submitted by: The Zilla of Zuron
|
|
|
Severity Rating: Critical
Revision Note: V1.0 (December 9, 2014): Bulletin published.
Summary: This security update resolves a privately reported vulnerability in the VBScript scripting engine in Microsoft Windows. The vulnerability could allow remote code execution if a user visits a specially crafted website. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
|
|
|
Full View / NID: 51954 / Submitted by: The Zilla of Zuron
|
|
We have finished the schedule for FOSDEM PGDay and the PostgreSQL Devroom at FOSDEM 2015 - our apologies for the delay in processing!
You will find a number of great talks both on PostgreSQL usage and development from great speakers. And of course, it will as usual feature the Hallway Track, where you can network with fellow PostgreSQL users!
We have also opened registration. Number of seats are limited, and as we sold out last year, we recommend that you make your reservation as soon as possible. Registration is €50 for all attendees for the PGDay on Friday. No registration is necessary if you only want to attend the Devroom at FOSDEM on Saturday.
Finally, we'd like to remind you that our rate with the conference hotel (Marriott Brussels) will expire on Dec 15th. Therefore, we recommend that you book your accommodations as soon as possible!
We hope to see you in Brussels in January!
|
|
|
Full View / NID: 51953 / Submitted by: The Zilla of Zuron
|
|
|
Enhanced Connectivity available with Multi-Platform Web Printing Solution, Star WebPRNT™ 9 December 2014 - International POS printer manufacturer Star Micronics announces today that it provides enhanced connectivity with its platform agnostic WebPRNT™ solution. Offering a low cost and versatile solution to cloud/web based printing issues, WebPRNT enables simple platform agnostic receipt printing direct from web based applications using Star's new WebPRNT Browser for a Star mobile printer or a 'plug-in' upgrade option for desktop POS...
Source: RealWire
|
|
|
Full View / NID: 51952 / Submitted by: The Zilla of Zuron
|
|
|
Extract from the Institute of Risk Management's Extended Enterprise study advances benefits of moving from supplier assessment to supplier risk management Reading, UK, 9 December 2014 - SureCloud®, a supplier of Cloud-based Governance, Risk and Compliance (GRC) solutions, today announced the immediate availability of its paper for enterprise risk practitioners entitled Supplier assurance: advancing from assessment to risk management. Written by SureCloud CEO, Richard Hibbert, the paper is a short extract from October 2014's highly...
Source: RealWire
|
|
|
Full View / NID: 51951 / Submitted by: The Zilla of Zuron
|
|
|
The year ahead will see other industries and disciplines adopt software development technology and collaboration practices while the Internet of Things matures and security threats persistKey Points:The Internet of Things will drive new cross-functional collaboration among previously siloed teams DevOps, Continuous Delivery and other practices that were previously exclusive to software development will spread across the enterprise Software vulnerabilities such as Heartbleed will persist as the industry deals with the first major technology failure related...
Source: RealWire
|
|
|
Full View / NID: 51950 / Submitted by: The Zilla of Zuron
|
|
|
New Release Delivers Deeper Collaboration and Hybrid Integrations, Increases Business Value MessagingLondon, UK - Dec. 9, 2014 - xMatters, inc., a leader in communication-enabled business processes, today introduced the latest release of the xMatters On-Demand cloud platform. Available globally today, the technology enables efficient two-way enterprise-wide intelligent communications and alerting. The new release boasts significantly enhanced collaboration features, a cloud-to-enterprise hybrid integration agent, enhancements to executive and employee messaging and more.Today's modern enterprise cannot afford...
Source: RealWire
|
|
|
Full View / NID: 51949 / Submitted by: The Zilla of Zuron
|
|
