Adobe releases updates for Acrobat, Reader, Flash and Illustrator

Number: IRCNE2014052189
Date: 24/02/93

Adobe has released a set of serious updates to fix a large number of vulnerabilities in its products. All updated products have at least one critical vulnerability.
The Adobe Acrobat and Reader updates fix 11 vulnerabilities in the Adobe products for the Windows and Macintosh operating systems. The Flash Player update fixes five vulnerabilities in all versions of the product, including Windows, Macintosh, Linux and the versions embedded in Chrome and IE, and the Illustrator update fixes one vulnerability in the Windows and Macintosh versions of the product.

Microsoft patches Office, SharePoint and Windows, leaves XP behind

Number: IRCNE2014052190
Date: 2014-05-14

According to “zdnet”, Microsoft issued eight security updates today addressing a total of 14 vulnerabilities in Windows, Office and SharePoint Server. Three are already being exploited in the wild.
This is the first Patch Tuesday since the end of support for Windows XP and Office 2003. Even though Microsoft provided an update one week ago for all Windows versions, including Windows XP, this time they followed through on policy and did not release updates for Windows XP even though one of the updates patched today is critical and likely affects Windows XP.
Less well-known is that Microsoft Office 2003 also exited its support period in April. There are two updates to Microsoft Office, but none for Office 2003 which appears to be affected by at least one of the non-critical vulnerabilities fixed in the updates to later versions.
Even less well-known is that Microsoft SharePoint Portal Server 2003 also entered its end of support period last month. Three critical vulnerabilities in SharePoint Server versions 2007, 2010 and 2013, Office Web Apps, SharePoint Designer and SharePoint Server 2013 Client Components SDK were patched today, but no patches were issued for the 2003 product.
Three of the vulnerabilities below disclosed today are being exploited in the wild. A fourth had already been publicly disclosed. The most severe, MS14-029, almost certainly affects Windows XP, is being exploited in the wild, and is not patched on Windows XP.

  • MS14-029: Security Update for Internet Explorer (2962482) — This is the most critical of today's critical updates. All supported versions of Internet Explorer on all supported versions of Windows (this no longer includes Windows XP) are vulnerable to two memory corruption vulnerabilities which could result in remote code execution.
  • MS14-022: — All supported versions of SharePoint Server, including 2007, 2010 and 2013, as well as Office Web Apps, SharePoint Designer and SharePoint Server 2013 Client Components SDK are vulnerable to a critical remote code execution vulnerability. A second cross-site scripting (XSS) vulnerability affects only SharePoint Server 2013, Office Web Apps 2013 and the SharePoint Server 2013 Client Components SDK. A final critical remote code execution vulnerability ("Web Applications Page Content Vulnerability") affects only Office Web Apps 2010.
  • MS14-024: Vulnerability in a Microsoft Common Control Could Allow Security Feature Bypass (2961033) — A vulnerability in the MSCOMCTL common controls library could allow a malicious web site to bypass ASLR (Address Space Layout Randomization). The library comes with Microsoft Office and all shipping versions are listed as vulnerable, but it is likely to be exploited through Internet Explorer. Note: Office 2003 may well be vulnerable to this bug, but it is not listed as being updated.
  • MS14-023: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2961037).
  • MS14-025: Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege (2962486).
  • MS14-026: Vulnerability in .NET Framework Could Allow Elevation of Privilege (2958732).
  • MS14-027: — All versions of Windows are vulnerable to an elevation of privilege vulnerability when the Windows Shell improperly handles file associations. A successful attacker could run code in the LocalSystem context.
  • MS14-028: Vulnerability in Windows Shell Handler Could Allow Elevation of Privilege (2962488) — Server versions of Windows are vulnerable to two denial of service vulnerabilities in the way Windows handles iSCSI packets.

Adobe Patches Acrobat, Reader, Flash and Illustrator

Number: IRCNE2014052189
Date: 2014-05-14

According to “zdnet”, Adobe has issued a series of updates to address a large number of vulnerabilities in their products. All updated products have at least one critical vulnerability.
The update to Adobe Acrobat and Reader fixes 11 vulnerabilities in the Windows and Mac products. The update to Flash Player fixes five vulnerabilities in all versions of the product: Windows, Mac and Linux, including the versions embedded in Google Chrome and Internet Explorer. The Illustrator update addresses a single vulnerability in the Windows and Mac products.
Windows and Mac Acrobat and Reader users can get updates with the Help-Check for Updates option. Flash users can get their updates by downloading them from Adobe, but if they use a browser which has the update included in their browser. These updates should be forthcoming from Google and Microsoft.

Malware infections tripled in late 2013

Number: IRCNE2014052188
Date: 21/02/93

According to findings published in Microsoft's latest security report, the number of computers running Windows that were infected with malicious software tripled in late 2013.
According to the report, in the third quarter of 2013 an average of 5.8 out of every 1,000 computers were infected with malware, but in the fourth quarter the figure was 17 out of every 1,000 computers.
Tim Rains, director of Microsoft's Trustworthy Computing division, attributes this increase in malware infections to "Rotbrow". Rotbrow is not classified as malicious software; rather, it is known as a "dropper" that can download other software onto a system. The program can also download malicious browser extensions. Regarding this behavior of Rotbrow, Microsoft warns security companies to block the program.
Microsoft added Rotbrow detection to its Malicious Software Removal tool in late December.
The report also states that the number of vulnerabilities in Microsoft products that can be exploited remotely decreased by about 70 percent between 2010 and 2013.

Malware infections tripled in late 2013, Microsoft finds

Number: IRCNE2014052188
Date: 2014-05-11

According to “computerworld”, a three-fold increase in Microsoft Windows computers infected with malicious software in late 2013 came from an application that was for some time classified as harmless by security companies.
The finding comes as part of Microsoft's latest biannual Security Intelligence Report (SIR), released on Wednesday, which studies security issues encountered by more than 800 million computers using its security tools.
In the third quarter of 2013, an average of 5.8 Windows computers out of every 1,000 were infected with malware, said Tim Rains, director of Microsoft's Trustworthy Computing division, which tracks security trends targeting the company's widely used products. That jumped to about 17 computers per 1,000 for the last quarter of the year.
Rains attributed the rise to malware called "Rotbrow."
For some time, computer security companies didn't classify Rotbrow as malicious software. Rotbrow is known as a "dropper," with capabilities to download other software on a computer.
But then Rotbrow started downloading malicious browser extensions. Microsoft noticed the change and alerted other security companies, which then began blocking it.
Microsoft added detection for Rotbrow in its Malicious Software Removal Tool (MSRT) last December after it raised suspicion.
The report also said the number of vulnerabilities in Microsoft products that can be remotely exploited has fallen by 70 percent between 2010 and 2013.
The latest report does not include data on the zero-day vulnerability in Internet Explorer that Microsoft released an emergency patch for on Monday. The flaw, which affects IE 6 through IE 11, could allow attackers to execute code remotely on a compromised computer if the user views an infected web page using the browser.

Vulnerability in the iPhone lock screen

Number: IRCNE2014052187
Date: 20/2/93

iPhone users may be vulnerable to a lock-screen security flaw that allows a hacker to access contact list details.
According to an Egyptian hacker who discovered this security flaw and recorded its steps on YouTube, the vulnerability exists only in iOS 7.1.1 (the latest version of this mobile platform) and when Siri is accessible from the lock screen.
The flaw arises when Siri is activated on the lock screen and the user says the word "Contacts". Although Siri refuses to provide any details before the passcode is entered, the user is able to access the contact list. In this situation, names in the contact list can be tried one by one, or the whole list can be accessed at once.
However, the hacker must have physical access to the phone to be able to perform this trick.
The flaw, which is believed to exist on all iPhone versions that use Siri, does not only provide access to phone numbers but exposes all information accessible from the contact card.
Users are advised to disable Siri from the Passcode option in their phone's General settings.

No Windows XP and Office 2003 updates in Microsoft's Patch Tuesday

Number: IRCNE2014052186
Date: 20/02/93

Microsoft has published the advance notifications for the May 2014 Patch Tuesday. A total of eight bulletins will be released on May 13, two of which are rated critical.
This is the first Patch Tuesday since updates for Windows XP and Office 2003 ended. Although Microsoft provided a patch last week for all versions of Windows, including Windows XP, the company does not intend to release further updates for Windows XP.
Bulletin one, which will be released as MS14-022, is a remote code execution vulnerability for Windows. This bulletin is rated critical for all client versions of Windows from Windows Vista through Windows 8.1 and rated important for all Windows Server versions. The vulnerability is also rated critical on Windows XP, but this version of Windows is not on the list of patched versions.
The other critical bulletin is known as MS14-023 and will fix at least one critical vulnerability in SharePoint Server 2007, 2010 and 2013.
Bulletins three and eight affect all versions of Microsoft Office, including 2007, 2010 and 2013, in both 32-bit and ARM versions, and are rated important for all platforms. This vulnerability will not be fixed in Office 2003.
Four other bulletins and updates affect Microsoft Windows and are rated important. It appears that Windows XP is affected by bulletins four, five and six.
As usual, Microsoft will release a new version of the Windows Malicious Software Removal Tool as well as several non-security updates.

Reader and Acrobat patches are on the way

Number: IRCNE2014052185
Date: 20/02/93

Adobe announced that on Tuesday, May 13, it will release updates to Adobe Acrobat and Reader for Windows and Macintosh. These updates fix at least one critical vulnerability.
The following versions are affected by these vulnerabilities:

  • Adobe Reader XI and Acrobat XI version 11.0.06 and earlier 11.x versions for Windows and Macintosh
  • Adobe Reader X and Acrobat X version 10.1.9 and earlier 10.x versions for Windows and Macintosh

No further details are available at this time, but the patched vulnerability or vulnerabilities are in security rating 1, which is the highest security rating in Adobe's system.

New iPhone lock screen flaw gives hackers full access to contact list data

ID: IRCNE2014052187
Date: 2014-05-03

According to “ZDNet”, iPhone users may be vulnerable to a lock-screen flaw that allows a hacker to access contact list details on the device.
According to the Egyptian part-time hacker who discovered the flaw and recorded the steps on YouTube, Sherif Hashim, the vulnerability only exists when running iOS 7.1.1, the latest version of the mobile platform, and when Siri is available from the lock-screen.
The flaw exists when Siri is triggered on the lock-screen, and a user says, "Contacts." Although Siri will refuse to dish out any details, not before bringing up the password screen, a user is able to access the contacts list by pulling up on the screen, editing the request, and asking for a duplicated name. If you have more than one "John," for instance, you have the option to view all contacts from the "Other..." menu.
However, the hacker attempting to gain access to the device must be in its physical presence in order to perform the trick.
Although you can try different names one by one, you also have the option to access the full contacts list.
The flaw, which is believed to work on all iPhone versions running Siri, doesn't just gain access to phone numbers, but any information that is available from a contact card.
Users are advised to switch off Siri from the Passcode options in the General settings of the device.

No Windows XP, Office 2003 patches in May Patch Tuesday

Number: IRCNE2014052186
Date: 2014-05-10

According to “zdnet”, Microsoft has released their advance notification for the May 2014 Patch Tuesday updates. There will be a total of eight updates issued next Tuesday, May 13, two of them rated critical.
This is the first Patch Tuesday since the end of support for Windows XP and Office 2003. Even though Microsoft provided an update one week ago for all Windows versions, including Windows XP, they do not plan to make any such accommodations this time.
Bulletin one, which will be released as MS14-022, is a remote code execution vulnerability for Microsoft Windows, specifically involving Internet Explorer. It is listed as critical for all client versions of Windows from Windows Vista through Windows 8.1 and moderate for all Windows Server versions. In such cases it is inevitable that the bug will be critical on Windows XP as well, but XP is not listed as among the products to be updated.
The other critical bulletin, Bulletin two (MS14-023), addresses at least one critical vulnerability in SharePoint Server 2007, 2010 and 2013.
Bulletins three and eight affect all supported versions of Microsoft Office: 2007, 2010 and 2013, both x86 and ARM, and are rated Important for all platforms. Office 2003, which also reached its end of support last month, is not listed as being scheduled to receive an update.
The other four bulletins and updates all affect Microsoft Windows and are rated Important. Based on the other products affected it would appear that Windows XP will be affected by bulletins four, five and six, but not seven.
As is usually the case, Microsoft will also release a new version of the Windows Malicious Software Removal Tool and a large collection of non-security updates to various Windows versions.
