PHP Gets Updated for Security

ID: IRCNE2012061531
Date: 2012-06-19

According to "internetnews", the PHP project issued security updates last week addressing multiple vulnerabilities.
The two security flaws fixed in PHP 5.4.4 and PHP 5.3.14 are related to each other and could potentially enable an attacker to execute arbitrary code. The primary flaw, identified as CVE-2012-2143, is a security issue in the DES (Data Encryption Standard) implementation within the PHP "crypt()" function.
The second flaw, identified as CVE-2012-2386, is a vulnerability in the PHP phar extension. Phar enables entire PHP applications to be packaged into a PHP Archive (phar) file.

CAPTCHA systems easy to foil

ID: IRCNE2012061530
Date: 2012-06-19

According to “CNet”, a new report from security firm Imperva finds that the challenge-response tests called "CAPTCHAs", designed to keep spambots off Web sites, can easily be defeated by humans who are paid to type in the responses.
CAPTCHAs, whose name stands for Completely Automated Public Turing test to tell Computers and Humans Apart, are generated by programs and are intended to be difficult for computers to fill out.
"One of its inherent flaws today is that it can be easily bypassed by outsourcing it to human solvers for a very low cost," the study says. "When the CAPTCHA is solved for the attacker by other humans, it doesn't matter how good it is at distinguishing humans from machines. Therefore, a CAPTCHA alone is not enough to guarantee the security and the content quality of the site."
Bad CAPTCHAs can also turn people away if they are difficult or annoying to complete. To avoid this, the report suggests creating mini-games or using CAPTCHAs only when there is suspicious behavior.

iOS 6 to seek permission before apps can access personal data

ID: IRCNE2012061529
Date: 2012-06-19

According to “ZDNet”, starting with the upcoming iOS 6, Apple will require apps to get explicit user permission before accessing contacts, calendars, reminders and photos.
The following was added to the “Data Privacy” section in Apple’s iOS 6 Release Notes:
In addition to location data, the system now asks the user’s permission before allowing third-party apps to access certain user data, including:

  • Contacts
  • Calendars
  • Reminders
  • Photo Library

For contact, calendar, and reminder data, your app needs to be prepared to be denied access to these items and to adjust its behavior accordingly.
The move follows a privacy uproar earlier this year when social network app Path was discovered uploading users’ complete address book to its servers.

VMware patches two vulnerabilities in server virtualization products

ID: IRCNE2012061528
Date: 2012-06-19

According to "techworld", VMware has released security patches for its Workstation, Player, Fusion, ESXi and ESX products in order to address two vulnerabilities that could allow attackers to compromise the host system or crash a virtual machine.
The more serious vulnerability is identified as CVE-2012-3288 and stems from improper validation of input data when loading virtual machine checkpoint files, the virtualisation vendor said in a security advisory.
Attackers could exploit this validation error by loading specially crafted checkpoint files to trigger a memory corruption and potentially execute arbitrary code on the host system.
VMware advised customers to upgrade to the newly released Workstation 8.0.4, Player 4.0.4 and Fusion 4.1.3 or to install the patches available for their respective versions of ESXi and ESX. Customers should also avoid importing virtual machines from untrusted sources, the company said.
The second vulnerability addressed by the new security updates could allow attackers to crash a virtual machine by sending malformed traffic from a remote virtual device. Users are advised not to attach untrusted remote devices to virtual machines, the company said.

Attack code published for critical IE flaw

ID: IRCNE2012061527
Date: 2012-06-19

According to “ZDNet”, last week, when Microsoft released the critical Internet Explorer update, the company issued a warning that working exploit code could be released within 30 days.
Less than a week later, an exploit for one of the “critical” browser flaws has been fitted into the freely available Metasploit point-and-click attack tool, and samples have been released to Contagio, a blog that tracks live malware attacks.
The addition of the exploit to Metasploit effectively means that cyber-criminals can now copy the attack code for use in exploit kits and other mass malware attacks.
The vulnerability (CVE-2012-1875) is a remote code execution flaw in the way that Internet Explorer accesses an object that has been deleted. The vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
Microsoft has confirmed that this flaw is being used in “limited attacks” but the company has not (yet) updated its MS12-037 bulletin to make it clear that public exploit code is now widely available.
On Windows XP, the vulnerability can be reliably exploited without any third-party component. We found the exploit tried to download and execute a binary from a remote server. The server was hosted by Yahoo and was taken down the same day we reported this to Microsoft.
Researchers at AlienVault Labs are reporting the discovery of “several servers hosting similar versions of the exploit.” It also said the exploit supports a wide range of languages and Windows versions (from Windows XP through Windows 7) and appears to be very reliable.

Related Links:
Patch Tuesday: Microsoft raises alert for dangerous IE, Windows flaws

Important Java update

ID: IRCNE2012061526
Date: 28/03/91

Oracle has updated Java with the release of Java SE Development Kit 6, Update 44, which provides users with 14 security fixes. Twelve of these vulnerabilities can be exploited remotely without authentication. Notably, Apple has updated Java at the same time as Oracle.
The importance of updating Java immediately, regardless of whether you use Windows, Mac OS X or Linux, is considerable.
A senior security researcher at the security firm Sophos stated that many of the vulnerabilities fixed in this Java update are remote code execution flaws and are therefore very important, and that most of them will very likely be exploited quickly.
Over the last several years, Java has been one of the most exploited technologies, and this is not limited to Mac OS X. In 2011, independent studies by Cisco and Qualys identified Java as the most vulnerable browser plug-in.
The latest Java update can be downloaded from Oracle's website.

Related Links:
Oracle releases 14 patches for Java SE

Vulnerability discovered in 64-bit operating systems

ID: IRCNE2012061525
Date: 28/03/91

According to the United States Computer Emergency Readiness Team (US-CERT), some 64-bit operating systems and virtualization software are vulnerable to local privilege escalation attacks when running on Intel processors.
The vulnerability, designated CVE-2012-0217, stems from the way Intel implemented the SYSRET instruction in its x86-64 variant, known as Intel 64.
The vulnerability can only be exploited on Intel 64, which means 32-bit operating systems are not at risk. Operating systems confirmed as vulnerable include the 64-bit versions of Windows 7 and Windows Server 2008 R2, the 64-bit versions of FreeBSD and NetBSD, the Xen virtualization software, as well as Red Hat Enterprise Linux and SUSE Linux Enterprise Server, which include the Xen hypervisor by default.
The VMware security response team has confirmed that VMware's hypervisor does not use the SYSRET instruction and is therefore not vulnerable to these attacks.
Most software vendors have released security patches to address this vulnerability and have advised users to install them as soon as possible. Microsoft released its patch as part of the June Patch Tuesday bulletin MS12-042.
The privilege escalation attack does not affect AMD processors because they handle the SYSRET instruction differently. However, older AMD processors may lock up under similar conditions, resulting in a denial of service.

Java’s important update

ID: IRCNE2012061526
Date: 2012-06-17

According to “InternetNews”, Oracle has updated Java with Java SE Development Kit 6, Update 44 (JDK 6u33), providing 14 security fixes, 12 of which are remotely exploitable without authentication. Of particular note with the Oracle June Java update is the fact that Apple is also updating Java at the same time.
The importance of updating Java immediately -- regardless of whether you are using Windows, Mac OS X, or Linux -- cannot be overstated.
"Many of the vulnerabilities fixed in the latest Java are remote code execution, so they are very important," Chester Wisniewski, senior security researcher at Sophos said. "Not any one stands out, but they will likely be exploited if they are not already in the wild."
Over the last several years, Java has been one of the most exploited technologies and not just on Mac OS X. In 2011, studies from Cisco and Qualys both independently identified Java as the most vulnerable browser plug-in.
The latest Java updates are currently freely downloadable from Oracle.

Related Links:
Oracle to issue 14 patches for Java SE

64-bit OSs, virtualization software on Intel chips vulnerable to hacks

ID: IRCNE2012061525
Date: 2012-06-17

Attackers could exploit the vulnerability to force Intel CPUs to return a general protection fault in privileged mode. This would allow them to execute code with kernel privileges from a least-privileged account, or to escape from a virtual machine and gain control of the host operating system.
The vulnerability can only be exploited on Intel CPUs when the Intel 64 extension is in use. This means that 32-bit operating systems or virtualization software are not vulnerable.
Some of the operating systems confirmed as vulnerable so far include x64-based versions of Windows 7 and Windows Server 2008 R2, the 64-bit versions of FreeBSD and NetBSD, the Xen virtualization software, as well as Red Hat Enterprise Linux and SUSE Linux Enterprise Server, which include the Xen hypervisor by default.
The VMware security response team confirmed that VMware's hypervisor does not make use of the SYSRET instruction and is, therefore, not vulnerable to this attack, US-CERT said.
Most of the affected vendors have released security patches to address this vulnerability and users are advised to install them as soon as possible. Microsoft addressed it on Tuesday as part of its MS12-042 security bulletin.
The privilege escalation attack is not applicable to AMD processors because they handle the SYSRET instruction differently, the Xen security team said in their advisory. However, under similar attack conditions, older AMD CPUs might lock up, resulting in a denial of service condition, the team said.
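The general protection fault described above is raised on Intel parts when SYSRET is asked to return to a non-canonical address (a detail the item does not spell out), so the kernel-side fix adopted in several affected systems was to check the saved return address and fall back to IRET when it is not canonical. The following is an added illustration of that check, modelled in user-space C with constructed sample addresses; it is not US-CERT, Xen, Microsoft or any other vendor's code.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Illustrative model of the canonical-address check added to 64-bit
 * syscall-return paths after CVE-2012-0217 (not vendor code). With
 * 48-bit virtual addresses, an address is canonical only when bits
 * 63..47 are all equal: all zero (user half) or all one (kernel half). */
#define VA_BITS 48

/* Return true if addr is canonical for a VA_BITS-wide virtual address space. */
bool is_canonical(uint64_t addr)
{
    uint64_t top = addr >> (VA_BITS - 1);           /* bits 63..47 */
    return top == 0 || top == (UINT64_MAX >> (VA_BITS - 1));
}

enum return_path { RETURN_VIA_SYSRET, RETURN_VIA_IRET };

/* Decide how a syscall returns to user mode given the saved user RIP (the
 * value SYSRET would take from RCX). On Intel, SYSRET to a non-canonical
 * RIP raises #GP while still at ring 0, after the kernel has typically
 * switched RSP to the user stack, so the fault handler runs on an
 * attacker-chosen stack. IRET faults before any stack switch, so it is
 * the safe fallback for such a target. */
enum return_path choose_return_path(uint64_t user_rip)
{
    return is_canonical(user_rip) ? RETURN_VIA_SYSRET : RETURN_VIA_IRET;
}

int main(void)
{
    /* Constructed sample return addresses (not from any real trace). */
    const uint64_t samples[] = {
        0x00007fff12345678ULL, /* ordinary user-space address */
        0xffffffff81000000ULL, /* kernel-half address, still canonical */
        0x0000800000000000ULL, /* first address above the user half */
        0x00ff000000000000ULL, /* bits 63..47 mixed: non-canonical */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%#018llx -> %s\n", (unsigned long long)samples[i],
               choose_return_path(samples[i]) == RETURN_VIA_SYSRET
                   ? "SYSRET" : "IRET");
    return 0;
}
```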

Facebook's security advice to users

ID: IRCNE2012061524
Date: 27/03/91

Facebook has started displaying security tips at the top of each user's home page, including a link to information about scams, passwords and how to stay safe on the social network.
Users are advised not to use the same password for their Facebook and email accounts. The page also contains tips on how to spot scams.
The security tips also advise users to give Facebook their mobile phone number so that, in the event of a data breach, it can be used to send them a new password.
The security material makes no mention of malware. On Thursday, Facebook had also announced its participation in an initiative to eliminate the spread of malware through online advertisements.
The move follows news of data breaches at various social networks, LinkedIn in particular.
According to a Facebook spokesperson, the security alerts will be shown to all users over the next few days.

Related Links:
LinkedIn passwords leaked
