
Apple Security Updates – August 2010

Apple have released security updates for Mac OS X. A total of eight updates are available, addressing multiple vulnerabilities reported in key areas such as ClamAV, PHP, CFNetwork, libsecurity and Samba.

Products affected are: Mac OS X Server 10.5, Mac OS X 10.5.8, Mac OS X Server 10.6, Mac OS X 10.6.4

For further details on this release and to obtain these updates please visit the original post here.

Remote code execution in iTunes for Windows

A “binary planting” vulnerability in Apple iTunes for Windows allows local or remote (even Internet-based) attackers to deploy and execute malicious code on Windows machines in the context of logged-on users.

Further details can be found here

HD Moore (Chief Security Officer at Rapid7) has also hinted, via this message, that this vulnerability affects 40+ Windows applications.

Security advisory for vulnerability in Windows service isolation feature

Microsoft have released a security advisory about a potential threat arising from the Windows service isolation feature. This feature enables Windows to secure objects, such as a registry entry used by a service, by applying an access control with a unique security ID, without having to use a super-administrator account. The current vulnerability in the service could allow an attacker to gain elevated privileges when untrusted code is executed under the NetworkService account.

Affected products include: Windows XP, Vista, Windows 7, Server 2003, 2008 (all versions)

For further information on this advisory and details on the affected configuration scenarios please visit the original post here.

Microsoft Security Updates Summary – August 2010

A summary of Microsoft’s security patches released on 10-August-2010.

| Bulletin Number | Products Affected | Description | Exploits | Platforms Affected |
|---|---|---|---|---|
| MS10-047 | Windows Kernel | Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege | No Known Exploits | Client - Important; Server - Important |
| MS10-048 | Windows Kernel | Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege | Active exploits publicly available | Client - Important; Server - Important |
| MS10-049 | IIS and SChannel | Vulnerabilities in SChannel could allow Remote Code Execution | No Known Exploits | Client - Important; Server - Critical |
| MS10-050 | Windows Movie Maker | Vulnerability in Windows Movie Maker Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Important |
| MS10-051 | Microsoft XML Core services | Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Critical |
| MS10-052 | Microsoft MPEG Layer-3 Codecs | Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Important |
| MS10-053 | Internet Explorer | Cumulative Security Update for Internet Explorer | No Known Exploits | Client - Critical; Server - Important |
| MS10-054 | SMB Server | Vulnerabilities in SMB Server Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Critical |
| MS10-055 | Cinepak codec | Vulnerability in Cinepak Codec Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Important |
| MS10-056 | Microsoft Word | Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Important |
| MS10-057 | Microsoft Excel | Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Important |
| MS10-058 | Windows Networking (TCP/IP) | Vulnerabilities in TCP/IP Could Allow Elevation of Privilege | No Known Exploits | Client - Important; Server - Important |
| MS10-059 | Tracing facility for services | Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege | No Known Exploits | Client - Important; Server - Important |
| MS10-060 | .NET and Silverlight | Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Critical |

A summary of Microsoft’s security patches released on 10-August-2010.

| Bulletin Number | Products Affected | Description | Exploits | Platforms Affected |
|---|---|---|---|---|
| MS10-047 | Windows XP SP2 and above; Windows Server 2003 SP2 | Vulnerability in Help and Support Center Could Allow Remote Code Execution | Active exploits | Client - Critical; Server - Critical |
| MS10-048 | Windows 7 (64-bit); Windows Server 2008 R2 (64-bit) | Vulnerability in Canonical Display Driver Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Critical |
| MS10-049 | Microsoft Office - Access 2003 SP3; Access 2007 SP1 and above | Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Critical |
| MS10-050 | Microsoft Office | Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution | No Known Exploits | Client - Critical; Server - Critical |


Out-of-band Security update for Adobe

Adobe will be releasing an out-of-band security update addressing vulnerabilities reported in Adobe and Adobe Reader in the week commencing 16 August 2010. This also includes an update for the recently announced vulnerability in the ‘TrueType’ font, which could allow remote attackers to execute arbitrary code and affects the above products. Please refer to the original post for further details here.

Multiple Vulnerabilities reported in Cisco Security Products

A range of vulnerabilities have been reported affecting the Cisco ASA 5500 and FWSM (Firewall Services Module). A brief description of these is as follows:

Sun RPC Inspection Denial of Service Vulnerability:

A total of three DoS vulnerabilities exist in the Sun RPC inspection feature of both ASA and FWSM. These could be triggered by specially crafted UDP traffic in transit, causing the device to reload; persistent activity could lead to Denial of Service.

Transport Layer Security Denial of Service Vulnerability:

A total of three security vulnerabilities have been reported in the way the ASA handles TLS security, which could allow an unauthenticated user to cause the device to reload using specially crafted TLS packets. This only affects ASA devices configured to accept SSL VPN connections and TLS proxy setup for Encrypted Voice Inspection.

TCP Denial of Service Vulnerability:

Cisco FWSM devices configured with multiple security contexts and set up to accept Telnet or SSH connections are vulnerable to Denial of Service attacks, which an unauthenticated attacker could exploit with a series of specially crafted TCP packets destined to the device after a successful TCP three-way handshake is established. This does not affect the ASA product.

Session Initiation Protocol (SIP) Inspection Denial of Service Vulnerability:

A vulnerability in the SIP Inspection feature of the ASA could allow an unauthenticated attacker to exploit it using specially crafted SIP packets in transit, causing the device to reload. A persistent attack could cause Denial of Service. This inspection feature is enabled by default on the ASA device.

Certified Internet Key Exchange (IKE) Message Denial of Service Vulnerability:

A vulnerability in the implementation of IKE (part of the IPSec protocol suite) in the ASA could allow an unauthenticated attacker to exploit it on a device set up for Site-to-Site VPNs or IPSec remote access configured to receive such a message, causing the device to reload. A persistent attack could cause Denial of Service.

For further details on these vulnerabilities, recommended workarounds and how to get security fixes please visit the original posts:

http://www.cisco.com/warp/public/707/cisco-sa-20100804-asa.shtml [Advisory for ASA]
http://www.cisco.com/warp/public/707/cisco-sa-20100804-fwsm.shtml [Advisory for FWSM]

Update 1 (13 Aug 2010) – Cisco have released a security advisory confirming a TCP Denial of Service vulnerability affecting the IOS 15.1(2) train of software. Only TCP connections initiating or terminating at the router could trigger this vulnerability; it is not affected by transit traffic. For further information on this release and information on recommended workarounds please visit the original post here.