JAVA 1.6 Update 4

SANS blogged about the latest JAVA 1.6 Update 4 release back on January12th. Brian Krebs today wrote a piece in his Washington Post blog Security Fix. I admit it. I have no idea whether or not this update is critical. SANS seemed to say ‘you might want to do this soon.’ Brian said ‘it contains …

Continue reading ‘JAVA 1.6 Update 4’ »

Another Vulnerability in Quicktime? Oh Come on

US CERT has posted an alert about a zero day vulnerability in Quicktime US-CERT is aware of a vulnerability in Apple QuickTime that may allow an attacker to execute arbitrary code or cause a denial-of-service condition on an affected system. Until a security fix becomes available, US-CERT encourages users and administrators to follow the Securing …

Continue reading ‘Another Vulnerability in Quicktime? Oh Come on’ »

Quicktime Update Released

Apple released a Quicktime update tonight bringing us to 7.2.0.245. Download Link The patch is issued to resolve “a command injection issue exists in QuickTime’s handling of URLs in the qtnext field in QTL files.” It would have been nice if they’d updated the file version of quicktimeplayer.exe or updated the version information in add …

Continue reading ‘Quicktime Update Released’ »

Got Windows 2000 and want to run Quicktime? tough luck

Through reading comments over at Brian Krebs Security Fix, is found out that Quicktime 7.2 is not supported on Windows 2000. Just to verify that for myself, I tried installing on Windows 2000 and found that only XP and Vista are supported. Windows 2000 is slowly riding into the sunset, however Microsoft still supplies security …

Continue reading ‘Got Windows 2000 and want to run Quicktime? tough luck’ »