Microsoft had their monthly patch day this past Tuesday. Mozilla released new versions of Firefox. Oracle and Adobe pushed theirs back a week, so look for them next week. Cisco released their update to coincide with Microsoft's. Well, not to be left out, Apple also released a number of updates this week. Some of these look like they could be rather serious, so if you are using any of the affected software, you should probably update ASAP.
- iPhone OS 3.1 and iPhone OS 3.1.1 for iPod Touch - covers CVE-2009-2206, CVE-2009-2794, CVE-2009-2207, CVE-2009-2795, CVE-2009-2815, CVE-2009-2796, CVE-2009-2797, CVE-2009-1725, CVE-2009-1724, and CVE-2009-2199
- QuickTime 7.6.4 - covers CVE-2009-2202, CVE-2009-2203, CVE-2009-2798, and CVE-2009-2799
- Mac OS X v10.6.1 - which fixes the downgrade of the Adobe Flash player that occurred when upgrading to 10.6
- Security Update 2009-005 - this update applies to the 10.4 and 10.5 branches of OS X (including PowerPC versions) and fixes issues with Alias Manager, CarbonCore, ClamAV, ColorSync, CoreGraphics, CUPS, Flash Player plug-in, ImageIO, Launch Services, MySQL, PHP, SMB, and the Wiki Server.
Jim Clausing, jclausing --at-- isc [dot] sans (dot) org
I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Bethesda 2020