Security Updates | 2009-08-06

I track security updates for the following vendors: Apple, Cisco, FreeBSD, Microsoft, Red Hat, and Sun Microsystems. I chose these vendors based on my own needs for the networks and systems I manage. I’ve also found that updates from these vendors tend to catch the major updates necessary for common software applications. If you have other vendors you would like me to provide updates for, send me a message.

Apple Inc.

• Mac OS X v10.5.8 / Security Update 2009-003

 

Microsoft Corporation

• Vulnerabilities in Visual Studio Active Template Library Could Allow Remote Code Execution (969706)
• Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371)
• Cumulative Security Update for Internet Explorer (972260)

Red Hat, Inc.

• RHSA-2009:1193 Important: kernel security and bug fix update
• RHSA-2009:1198 Critical: java-1.6.0-ibm security update
• RHSA-2009:1199 Critical: java-1.5.0-sun security update
• RHSA-2009:1200 Critical: java-1.6.0-sun security update
• RHSA-2009:1201 Important: java-1.6.0-openjdk security and bug fix update

Sun Microsystems, Inc.

• A Security Vulnerability With Verifying HMAC-based XML Digital Signatures in the XML Digital Signature Implementation Included With the Java Runtime Environment (JRE) may Allow Authentication to be Bypassed
• A Security Vulnerability in the Java Runtime Environment Audio System may Allow System Properties to be Accessed
• Multiple Security Vulnerabilities in Firefox Versions Prior to 3.5 May Allow Execution of Arbitrary Code or Access to Unauthorized Data
• Security Vulnerabilities With the Proxy Mechanism Implementation in the Java Runtime Environment (JRE) may Lead to Escalation of Privileges
• Multiple Security Vulnerabilities in libtiff(3) Handling of CODE_CLEAR Code