Tag Archive for: fixes

Got a Nexus? Google has five critical Android security fixes for you – The Register

/in

The Register

Got a Nexus? Google has five critical Android security fixes for you
The Register
The Mountain View giant said its January Android security update includes patches for five CVE-listed security vulnerabilities it rates as "critical" risks, two considered "high" security risks, and five flaws rated as "moderate." The upgrade is being
(Update: Factory images live) January Android security Nexus updates on the wayAndroid Authority (blog)
Google Nexus devices will get their January Android security updates anytime nowPhone Arena
Google Nexus devices will get their January Android security updates soonInternational Business Times AU
PhoneDog –Softpedia News –MobileSyrup.com
all 85 news articles »

“android security” – read more

Patch Tuesday November 2015: Microsoft releases 12 fixes, 4 rated critical

/in

For Patch Tuesday November 2015, Microsoft released 12 security bulletins, four rated as critical and the remaining 8 rated as important.

Rated Critical

MS15-112 is the cumulative fix for remote code execution flaws in Internet Explorer. Microsoft lists 25 CVEs, most of which are IE memory corruption vulnerabilities. 19 are called Internet Explorer memory corruption vulnerabilities, with three CVEs labeled slightly different as Microsoft browser memory corruption vulnerabilities. Of the remaining CVEs, one involves Microsoft browser ASLR bypass, one is for an IE information disclosure flaw, and one is a scripting engine memory corruption vulnerability. You should deploy this as soon as possible.

To read this article in full or to leave a comment, please click here

Network World Security

Cisco fixes iOS 9 compatibility issue that blocked some VPNs

/in

When iOS 9 debuted in September, Cisco’s AnyConnect VPN client for iOS stopped working correctly with some VPN server configurations, preventing resources from loading. During iOS 9’s beta period, Cisco filed a bug report with Apple about iOS 9 breaking DNS resolution in IPv4-based split tunnneling, but iOS 9 shipped without a fix. So did iOS 9.01, 9.02, and this week’s iOS 9.1.

But on Thursday, Cisco released an AnyConnect client update in the App Store, version 4.0.03016, that resolves the issue. Split-tunnel VPNs again work correctly, InfoWorld’s tests reveal.

To read this article in full or to leave a comment, please click here

Network World Security

Volkswagen has a technology problem: It fixes things by hiding them

/in

Volkswagen is in a lot of trouble for installing software on some of its diesel cars that figures out when they are undergoing emissions tests so it can adjust the cars to put out nitrogen oxide at acceptable levels.

That’s likely to win the company billions of dollars in fines, but it’s not the first time the company has hidden problems rather than fix them.

Just last month, security researchers delivered a paper that showed three ways to get around the Volkswagen lockout system that prevents its cars from being started unless the correct key with the correct chip embedded is used to crank it over.

The paper was noteworthy for the ingenuity of the three attacks it outlines but also for the length of time it sat on the shelf before being delivered to the public. It was ready to go back in 2013 but Volkswagen got a court order to block it then, and that was nearly a year after the researchers had told the manufacturers of the hardware about it under the principle of responsible disclosure.

To read this article in full or to leave a comment, please click here

Network World Tim Greene