Assorted Links2 August 2006 · Filed in News
I have a variety of links and articles, mostly security related, that aren’t really substantial enough for a full-blown entry, but I wanted to mention them anyway.
Vulnerabilities have been uncovered in a variety of Cisco products, ranging from the web interface in their routers to their Call Manager software. In addition, the VPN 3000 series VPN concentrators are open to a denial of service (DoS) attack.
There’s some question about the recent MS06-035 patch released by Microsoft and whether it actually patches the vulnerability. The MSRC (Microsoft Security Response Center) blog insists that proof of concept (PoC) code released after MS06-035 exploits a new vulnerability. I’m not sure which is worse–Microsoft failing to properly patch, or that a new vulnerability has been discovered?
Apple has released a new security update, fixing a number of vulnerabilities in various components.
Supposedly, a Mac OS X laptop will be/was hijacked via Wi-Fi at the Black Hat Conference today. Security researchers are trying to bring attention to security flaws in device drivers, an often-overlooked portion of many operating systems.
UPDATE: Apparently, the Wi-Fi hijacking of an Apple MacBook was indeed demonstrated yesterday; see this updated article.Tags: Apple · Cisco · Macintosh · Microsoft · Security · Windows Previous Post: Disabling AD Replication Next Post: VMware on Mac OS X