Security Updates | 2009-12-23

I track security updates for the following vendors: Apple, Cisco, FreeBSD, Microsoft, Red Hat, and Sun Microsystems. I chose these vendors based on my own needs for the networks and systems I manage. I’ve also found that updates from these vendors tend to catch the major updates necessary for common software applications. If you have other vendors you would like me to provide updates for, send me a message.

If you have an interest in information security from both a technical and managerial level, check out Principles of Information Security. It does an excellent job of presenting material for both audiences.

Microsoft Corporation

• Credential Relaying Attacks on Integrated Windows Authentication
• Security Enhancements for the Indeo Codec

Red Hat, Inc.

• RHSA-2009:1692 Important: rhev-hypervisor security and bug fix update
• RHSA-2009:1688 Moderate: condor security update
• RHSA-2009:1637 Moderate: JBoss Enterprise Application Platform 4.2.0.CP08 update
• RHSA-2009:1636 Moderate: JBoss Enterprise Application Platform 4.3.0.CP07 update
• RHSA-2009:1658 Critical: flash-plugin security update

Sun Microsystems, Inc.

• A security vulnerability in the generation of encryption keys for Sun Ray firmware
• Security Vulnerability in the Sun Ray Server Software Authentication Manager May Allow a Denial of Service (DoS)
• Security Vulnerabilities in Solaris AnswerBook2 Documentation