Mises à jour importantes 2011 S06

=> WordPress 3.0.5. 08/02/2011. «WordPress 3.0.5 is now available and is a security hardening update for all previous WordPress versions. This security release is required if you have any untrusted user accounts, but it also comes with important security enhancements and hardening. All WordPress users are strongly encouraged to update (…).»
Source : wordpress.org/news/2011/02/wordpress-3-0-5/
Billets en relation :
08/02/2011. Sortie de WordPress 3.0.5 (et 3.1 RC4) : blogtoolbox.fr/sortie-wordpress-3-0-5/
08/02/2011. L’Hebdo WordPress : version 3.0.5 : www.wordpress-fr.net/blog/blog/themes/lhebdo-wordpress-version-3-0-5-tumblr-twitter-personnalisation

=> Adobe Reader 9.4.2 and 10.0.1 Updates are out. 08/02/2011. «Adobe released updates for Reader for 9.4.2 and 10.0.1. While this page on Adobe’s site doesn’t actually list them correctly, if you drill down into the actual product and OS, you’ll see the updates listed for 2/8/2011 (…).» Pour les ‘reader’, il y a toujours un décalage entre la mise à disposition de la mise à jour téléchargeable directement sur le site, et la mise à jour détectée par l’interface du lecteur. Vous pouvez donc forcer la mise à jour via le site.
Source : isc.sans.edu/diary.html?storyid=10378
Billets en relation :
08/02/2011. Product update : www.adobe.com/downloads/updates/
10/02/2011. Pas de chance pour Adobe Reader X : www.securityvibes.com/community/fr/blog/2011/02/10/pas-de-chance-pour-adobe-reader-x

=> Feburary 2011 Microsoft Black Tuesday Summary. 08/02/2011. «Here are the February 2011 Black Tuesday patches. Enjoy! (…).» Une mise à jour recommandée mais pas obligatoire concerne la fonctionnalité Autorun, qui la désactive pour tous supports sauf les CD et DVD. C’est une bonne chose, mais je regrette qu’elle n’ait pas été insérée par défaut.
Source : isc.sans.edu/diary.html?storyid=10375
Billets en relation :
08/02/2011. Microsoft finally says adios to Autorun : www.theregister.co.uk/2011/02/08/microsoft_windows_autorun_retirement/
08/02/2011. Tuesday’s Interesting IE Patches : www.securelist.com/en/blog/11158/Tuesday_s_Interesting_IE_Patches
08/02/2011. Breaking up the Romance between Malware and Autorun : blogs.technet.com/b/mmpc/archive/2011/02/08/breaking-up-the-romance-between-malware-and-autorun.aspx
08/02/2011. Deeper insight into the Security Advisory 967940 update : blogs.technet.com/b/msrc/archive/2011/02/08/deeper-insight-into-the-security-advisory-967940-update.aspx
08/02/2011. Two Recent Zero-Day Bugs Fixed by February Patch Tuesday : blog.trendmicro.com/two-recent-zero-day-bugs-fixed-by-february-patch-tuesday/
08/02/2011. Microsoft Security Bulletin Summary for February 2011 : www.microsoft.com/technet/security/bulletin/ms11-feb.mspx
09/02/2011. Microsoft met la fonction Autorun de Windows au placard : www.01net.com/www.01net.com/editorial/528034/microsoft-met-la-fonction-autorun-de-windows-au-placard/

=> Wine 1.3.13 adds tools for creating MSI installer. 08/02/2011. «Less than two weeks after the previous release integrating DOSBox, the Wine project development team has issued another development branch version of Wine, 1.3.13, for what will become Wine 1.4. Wine (Wine Is Not an Emulator) is free open source software that allows users to run Windows applications on Linux and Unix by providing its own native replacements for Windows DLLs (…).» Toujours 1.2.2 pour la version stable.
Source : www.h-online.com/open/news/item/Wine-1-3-13-adds-tools-for-creating-MSI-installers-1185471.html
Billets en relation :
04/02/2011. Sortie de Wine 1.3.13 : www.winehq.org/news/2011020401

=> Snort 2.9.0.4. 08/02/2011. «Snort 2.9.0.4 is currently slated for release on Thursday. It brings about several improvements to the Snort code and documentation (thanks to those members of the Snort Community who submitted bugs for both the code and documentation!), as well as the inclusion of SaaC (Snort as a Collector) code for Razorback (…).»
Source : blog.snort.org/2011/02/snort-2904-is-coming-this-week.html

=> ClamAV 0.97. 08/02/2011. «ClamAV 0.97 brings many improvements, including complete Windows support (all major components compile out-of-box under Visual Studio), support for signatures based on SHA1 and SHA256, better error detection, as well as speed and memory optimizations (…).»
Source : blog.clamav.net/2011/02/clamav-097-has-been-released.html

=> Flash Player 10.2. 08/02/2011. «Critical vulnerabilities have been identified in Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. Adobe recommends users of Adobe Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris update to Adobe Flash Player 10.2.152.26. (…).» En billets en relation, les liens Adobe utiles pour la mise à jour. Rappel, il faut installer la denrière version sur chacun des navigateurs présents. Exemple, si vous utilisez Firefox, il faut malgré tout faire la mise à jour aussi sous Internet Explorer (donc 2 mises à jour dans notre exemple). Pensez à décocher l’installation de la barre d’outils Google si cela vous est proposé.
Source : www.adobe.com/support/security/bulletins/apsb11-02.html
Billets en relation :
01/02/2011. 1-Vérifier version Flashplayer : www.adobe.com/fr/software/flash/about/
02/02/2011. 2-Désinstaller préalablement les versions FlashPlayer : kb2.adobe.com/cps/141/tn_14157.html
03/02/2011. 3-Installer dernière version FlashPlayer : get.adobe.com/fr/flashplayer/otherversions/
04/02/2011. 4-Vérifier version Flashplayer : www.adobe.com/fr/software/flash/about/
09/02/2011. Flash Player en version 10.2 avec Stage Video : www.generation-nt.com/telecharger-flash-player-stage-video-actualite-1156321.html

=> Adobe Shockwave Player 11.5.9.620. 08/02/2011. «Critical vulnerabilities have been identified in Adobe Shockwave Player 11.5.9.615 and earlier Versions on the Windows and Macintosh operating systems. These vulnerabilities could allow an Attacker, who successfully exploits these vulnerabilities, to run malicious code on the affected System. Adobe recommends users of Adobe Shockwave Player 11.5.9.615 and earlier versions Update to Adobe Shockwave Player 11.5.9.620 using the instructions provided below (…).» Pensez à décocher l’installation de la barre d’outils Norton.
Source : www.adobe.com/support/security/bulletins/apsb11-01.html
Billets en relation :
01/02/2011. 1-Vérifier version : www.adobe.com/fr/shockwave/welcome/
02/02/2011. 2-Désinstaller anciennes versions : fpdownload.macromedia.com/get/shockwave/uninstall/win/sw_uninstaller.exe
03/02/2011. 3-Installer nouvelle version : get.adobe.com/fr/shockwave/otherversions/
04/02/2011. 4-Vérifier version : www.adobe.com/fr/shockwave/welcome/

=> Oracle sort un correctif en urgence pour réparer une faille Java. 09/02/2011. «Selon une alerte publiée par l’éditeur, un bug planterait le runtime Java lors de la conversion de « 2.2250738585072012e-308″ en un nombre binaire à virgule flottante (…).»
Source : www.lemondeinformatique.fr/actualites/lire-oracle-sort-un-correctif-pour-reparer-une-faille-java-32865.html
Billets en relation :
08/02/2011. Oracle Security Alert for CVE-2010-4476 : www.oracle.com/technetwork/topics/security/alert-cve-2010-4476-305811.html
10/02/2011. Un DoS efficace contre Java : patchez ! : www.securityvibes.com/community/fr/blog/2011/02/10/un-dos-efficace-contre-java-patchez

=> Chrome 9 Security Update. 10/02/2011. «Following last week’s release of Chrome 9 and a rather brazen $20,000 offering to anyone who can hack their browser at CanSecWest, Google released a stable channel update addressing some security flaws and containing a new version of Flash Player (10.2) (…).»
Source : threatpost.com/en_us/blogs/chrome-9-security-update-021011
Billets en relation :
08/02/2011. Stable Channel Update : googlechromereleases.blogspot.com/2011/02/stable-channel-update_08.html

Vous pourriez aussi aimer...

Laisser un commentaire

Votre adresse de messagerie ne sera pas publiée. Les champs obligatoires sont indiqués avec *

Vous pouvez utiliser ces balises et attributs HTML : <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Notifiez-moi les commentaires à venir via email. Vous pouvez aussi vous abonner sans commenter.