Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: F-Secure and Trend Micro Release Critical Patches - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
F-Secure and Trend Micro Release Critical Patches

US-CERT has released information on two critical patches for F-Secure and Trend Micro security software.  As one of our readers, Roseman put it, time to keep your "keep-you-safe" software safe!  
 
Today, Trend Micro released patches affecting Office Scan versions 7.3 and 8.0.  The patches address a stack-based buffer overflow via HTTP request to server CGI modules. You can get further information about the respective patches here:

http://www.trendmicro.com/ftp/documentation/readme/OSCE_7.3_CriticalPatch_B1374_readme.txt

http://www.trendmicro.com/ftp/documentation/readme/OSCE_8.0_sp1p1_CriticalPatch_B3110_readme.txt
 

Yesterday, F-Secure released Security Bulletin FSC-2008-3 which addresses a RPM parsing vulnerability in which specially-made compressed file archives cancause an integer overflow.  This would apply if your program scans compressed files.  Read more about it here.

Mari Nichols    iMarSolutions

 Mari Nichols

76 Posts
Oct 22nd 2008
Thread locked Subscribe Oct 22nd 2008
1 decade ago

Sign Up for Free or Log In to start participating in the conversation!