Patch Summary Webinar February 14

•Download as PPTX, PDF•

0 likes•290 views

The document summarizes security patches released in January and February 2012, including 7 Microsoft bulletins on January 8th addressing Internet Explorer and Exchange issues, an Oracle Java zero-day on January 13th, and Oracle's January 15th critical patch update covering 80 vulnerabilities. In February, patches were released for Oracle Java, Adobe Flash, 12 Microsoft bulletins addressing Internet Explorer and Exchange, and Adobe Flash and Reader updates. The document concludes by recommending monitoring patches from Microsoft, Apple, Adobe, Flash, Reader and Oracle Java.

Patch Overview January/February
Wolfgang Kandek, Qualys, Inc
February 14, 2012

January Patches
• Microsoft January 8: 7 bulletins – MS13-001-MS13-007
• 2 critical, 5 important
• XML MS13-002

January Patches
• Microsoft January 8: 7 bulletins – MS13-001-MS13-007
• 2 critical, 5 important
• XML MS13-002
• Adobe Reader - January 8

January Patches
• Microsoft January 8: 7 bulletins – MS13-001-MS13-007
• 2 critical, 5 important
• XML MS13-002
• Adobe Reader - January 8
• Oracle Java 0-day - January 13
• First announced on January 10 – Java 7 update 11

February Patches
• Oracle Java 0-day – February 1
• Exploit code in the wild – Java 7 update 13
• Java 6 now end of life

February Patches
• Oracle Java 0-day – February 1
• Exploit code in the wild – Java 7 update 13
• Java 6 now end of life
• Adobe Flash 0-day - Febuary 7
• Windows and Macintosh

February Patches
• Oracle Java 0-day – February 1
• Exploit code in the wild – Java 7 update 13
• Java 6 now end of life
• Adobe Flash 0-day - February 7
• Windows and Macintosh
• Microsoft February 12: 12 bulletins MS13-009 - MS13-020
• 5 critical, 7 important
• Internet Explorer MS13-009 and MS13-010
• Exchange MS13-020
• Adobe Flash – February 12
• Adobe Reader 0-day – February12
• In the wild – no patch yet

Patch Monitoring
• Microsoft
• Apple
• Adobe
• Flash
• Reader
• Oracle Java

La informació que difonen els mitjans de comunicació és a vegades confusa i en alguns casos fins i tot errònia. D’altra banda, també es fa sovint un tractament inapropiat de les paraciències tractant-les com si fossin activitats amb el suport de la ciència o donant per bones afirmacions que s’han demostrat científicament falses. Aquesta presentació és part d'un curs té per objectiu proporcionar recursos i coneixements científics fonamentats que permetin a l’alumnat tractar la informació científica de manera correcta i amb el rigor que es requereix, i aplicar aquest mateix rigor i esperit crític al tractament de les paraciències i d’altres temes similars.

Opslag bepaalt het systeemprestatieniveau

Dekkinga, Ewout

Data veiligstellen is nog een hele klus

Dekkinga, Ewout

Joonas Lehtinen Get introduced to the Vaadin Web framework by one of its core developers, Joonas Lehtinen. The Vaadin framework provides a desktop-like programming model on the server for creating Rich Internet Applications (RIAs) in plain Java - without the need for HTML, XML, plug-ins or JavaScript. In this session, Joonas lays out the key concepts of the server-side RIA development model and compares it to client-side RIA. To demonstrate the use of framework, an example application is developed during the session step-by-step. The presentation is concluded with pointers on how to start developing your own applications with Apache-licensed Vaadin-framework.

10x Performance Improvements - A Case Study

Ronald Bradford

Montée en version de 300 bases de données vers Oracle 12c en 300 jours. Quel...

Swiss Data Forum Swiss Data Forum

Cette session est un retour d’expérience d’un passage à Oracle 12c de 400 bases de données. Actuellement 300 bases de données ont été migrées avec de bonnes et de mauvaises surprises! Cette session va présenter les situations que nous avons rencontrées durant ces migrations. Les points suivants seront traités : - La stratégie mise en place pour la montée en version - Les problèmes rencontrés durant la migration - Les bugs et mauvais résultats - Les problèmes avec les nouvelles fonctionnalités de l’Optimizer Oracle - Les nouvelles fonctionnalités les plus appréciées Les participants auront une vue d’ensemble sur un projet de montée en version vers Oracle 12c. Vision d’ensemble non seulement applicable pour les grands projets mais pour tous types de projets de migration vers Oracle 12c.

M SalahMahmoud Salah

Net Beans Jasig Jun2006

ardlian

Free Software and the Future of Database Technologyelliando dias

SOASTA mPulse: Delivering the Real in Real User Measurement (RUM)

SOASTA

Webinar Slides: As industry experts in the art of real user measurement (aka RUM), Buddy Brewer and Cliff Crocker know a thing or two about pulling actionable information from real user performance data. Buddy, as the founder of the cutting-edge RUM startup LogNormal, and Cliff have teamed up to guide the development of SOASTA’s mPulse and are proud to present the latest version to you in a live webinar on June 25. Buddy and Cliff will explain and demonstrate mPulse’s killer capabilities: Capturing all the data with SOASTA’s analytic engine Custom Timers that extend far beyond page speed Custom Metrics so your measurements mean something to the business Stunning, interactive views of real user data like you’ve never seen! Join SOASTA’s RUM industry veterans and see how mPulse can visualize exactly what customers have been asking for from Real User Measurement. - See more at: http://www.soasta.com/knowledge-center/webinars/soasta-mpulse-delivering-the-real-in-real-user-measurement/#sthash.Uqp1mdQj.dpuf

SOASTA mPulse: Delivering the Real in Real User Measurement (RUM)

SOASTA

Middleware upgrade to Oracle Fusion Middleware(FMW) 12c.Real Case stories.

Andrejs Vorobjovs

Tēmas apraksts: Middleware atjaunināšana līdz FMW 12c. Reālu projektu pieredze. Salīdzinoši nesen tika publicēta Oracle FMW 12c produktu līnija. Šoreiz gribu padalīties ar atjaunināšanas līdz Oracle FWM 12c pieredzi. Pamatu pamati, zemūdens akmeņi un tehniskie triki, kas var palīdzēt jums ietaupīt laiku un var būt arī saglabāt nervus. Тема (РУ): Обновление Middleware до FMW 12c. Опыт реальных проектов.Описание: Относительно недавно вышла в свет линейка продуктов Oracle FMW 12c. В этот раз я хочу поделиться своим опытом обновления до Oracle FWM 12c. Прописные истины, подводные камни и технические хитрости, которые помогут сберечь ваше время и, возможно и нервы. Description(ENG): Relatively recently Orcale FMW 12c product line has been published.Today I would like to share my experience of middleware upgrade to Oracle FWM 12c. Basics, pitfalls and technical tricks, that can save your time and nerves, may be.

Anton Lytunenko "Data Lake. Make data pleasant to swim in"

Lviv Startup Club

01 demystifying mysq-lfororacledbaanddeveloperv1Ivan Ma

Usability of MySQL

KentAnderson43

JoomlaChicago - Loop - February 2012 Presentation

JoomlaChicago - Loop

iOS 6 Exploitation 280 days later

Wang Hao Lee

Presentation meetup ElasticSearch Paris #10

Renaud Boutet

Getting Started with Meteor

Michael Redlich

Anatomie eines Angriffs

Wolfgang Kandek

Gartner UK 2015 Anatomy of An Attack

Wolfgang Kandek

Similar to Patch Summary Webinar February 14

Patch Summary Webinar April 11 Wolfgang Kandek

Februar Patch Tuesday 2015 Webinar

Wolfgang Kandek

jQuery Conference 2012 keynotedmethvin

Latest trends in database managementBcomBT

soft-shake.ch - Vaadin - Rich Web Applications in Server-side Java without Pl...

soft-shake.ch

10x Performance Improvements - A Case Study

Ronald Bradford

Montée en version de 300 bases de données vers Oracle 12c en 300 jours. Quel...

Swiss Data Forum Swiss Data Forum

M SalahMahmoud Salah

Net Beans Jasig Jun2006

ardlian

Free Software and the Future of Database Technologyelliando dias

SOASTA mPulse: Delivering the Real in Real User Measurement (RUM)

SOASTA

SOASTA mPulse: Delivering the Real in Real User Measurement (RUM)

SOASTA

Middleware upgrade to Oracle Fusion Middleware(FMW) 12c.Real Case stories.

Andrejs Vorobjovs

Anton Lytunenko "Data Lake. Make data pleasant to swim in"

Lviv Startup Club

01 demystifying mysq-lfororacledbaanddeveloperv1Ivan Ma

Usability of MySQL

KentAnderson43

JoomlaChicago - Loop - February 2012 Presentation

JoomlaChicago - Loop

iOS 6 Exploitation 280 days later

Wang Hao Lee

Presentation meetup ElasticSearch Paris #10

Renaud Boutet

Getting Started with Meteor

Michael Redlich

Similar to Patch Summary Webinar February 14 (20)

Patch Summary Webinar April 11

Februar Patch Tuesday 2015 Webinar

jQuery Conference 2012 keynote

Latest trends in database management

soft-shake.ch - Vaadin - Rich Web Applications in Server-side Java without Pl...

10x Performance Improvements - A Case Study

Montée en version de 300 bases de données vers Oracle 12c en 300 jours. Quel...

M Salah

Net Beans Jasig Jun2006

Free Software and the Future of Database Technology

SOASTA mPulse: Delivering the Real in Real User Measurement (RUM)

Middleware upgrade to Oracle Fusion Middleware(FMW) 12c.Real Case stories.

Anton Lytunenko "Data Lake. Make data pleasant to swim in"

01 demystifying mysq-lfororacledbaanddeveloperv1

Usability of MySQL

JoomlaChicago - Loop - February 2012 Presentation

iOS 6 Exploitation 280 days later

Presentation meetup ElasticSearch Paris #10

Getting Started with Meteor

Recently uploaded

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™

UiPathCommunity

In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni. 📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath: Autopilot per Studio Web Autopilot per Studio Autopilot per Apps Clipboard AI GenAI applicata alla Document Understanding 👨‍🏫👨‍💻 Speakers: Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath Andrei Tasca, RPA Solutions Team Lead @NTT Data

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

Free Complete Python - A step towards Data Science

RinaMondal9

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

nkrafacyberclub

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

By Design, not by Accident - Agile Venture Bolzano 2024

Pierluigi Pugliese

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Product School

Recently uploaded (20)

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Epistemic Interaction - tuning interfaces to provide information for AI support

Free Complete Python - A step towards Data Science

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Essentials of Automations: Optimizing FME Workflows with Parameters

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

Monitoring Java Application Security with JDK Tools and JFR Events

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Securing your Kubernetes cluster_ a step-by-step guide to success !

DevOps and Testing slides at DASA Connect

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

Elevating Tactical DDD Patterns Through Object Calisthenics

By Design, not by Accident - Agile Venture Bolzano 2024

De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...

Patch Summary Webinar February 14

1. Patch Overview January/February Wolfgang Kandek, Qualys, Inc February 14, 2012

2. January Patches • Microsoft January 8: 7 bulletins – MS13-001-MS13-007 • 2 critical, 5 important • XML MS13-002

3. January Patches • Microsoft January 8: 7 bulletins – MS13-001-MS13-007 • 2 critical, 5 important • XML MS13-002 • Adobe Reader - January 8

4. January Patches • Microsoft January 8: 7 bulletins – MS13-001-MS13-007 • 2 critical, 5 important • XML MS13-002 • Adobe Reader - January 8 • Oracle Java 0-day - January 13 • First announced on January 10 – Java 7 update 11

5. January Patches • Microsoft January 8: 7 bulletins – MS13-001-MS13-007 • 2 critical, 5 important • XML MS13-002 • Adobe Reader - January 8 • Oracle Java 0-day - January 13 • First announced on January 10 – Java 7 update 11 • Microsoft 0-day Internet Explorer – January 14 • In the wild as of Dec 22 • MS13-008

6. January Patches • Microsoft January 8: 7 bulletins – MS13-001-MS13-007 • 2 critical, 5 important • XML MS13-002 • Adobe Reader - January 8 • Oracle Java 0-day - January 13 • First announced on January 10 – Java 7 update 11 • Microsoft 0-day Internet Explorer – January 14 • In the wild as of Dec 22 • MS13-008 • Oracle Critical Patch Update – January 15 • MySQL, RDBMS, Fusion, ERP, CRM, VirtualBox, … • 80 vulnerabilities

7. February Patches • Oracle Java 0-day – February 1 • Exploit code in the wild – Java 7 update 13 • Java 6 now end of life

8. February Patches • Oracle Java 0-day – February 1 • Exploit code in the wild – Java 7 update 13 • Java 6 now end of life • Adobe Flash 0-day - Febuary 7 • Windows and Macintosh

9. February Patches • Oracle Java 0-day – February 1 • Exploit code in the wild – Java 7 update 13 • Java 6 now end of life • Adobe Flash 0-day - Febuary 7 • Windows and Macintosh • Microsoft February 12: 12 bulletins MS13-009 - MS13-020 • 5 critical, 7 important • Internet Explorer MS13-009 and MS13-010 • Exchange MS13-020

10. February Patches • Oracle Java 0-day – February 1 • Exploit code in the wild – Java 7 update 13 • Java 6 now end of life • Adobe Flash 0-day - Febuary 7 • Windows and Macintosh • Microsoft February 12: 12 bulletins MS13-009 - MS13-020 • 5 critical, 7 important • Internet Explorer MS13-009 and MS13-010 • Exchange MS13-020 • Adobe Flash – Febuary 12

11. February Patches • Oracle Java 0-day – February 1 • Exploit code in the wild – Java 7 update 13 • Java 6 now end of life • Adobe Flash 0-day - February 7 • Windows and Macintosh • Microsoft February 12: 12 bulletins MS13-009 - MS13-020 • 5 critical, 7 important • Internet Explorer MS13-009 and MS13-010 • Exchange MS13-020 • Adobe Flash – February 12 • Adobe Reader 0-day – February12 • In the wild – no patch yet

12. Patch Monitoring • Microsoft • Apple • Adobe • Flash • Reader • Oracle Java

13. Patch Monitoring • Microsoft • Apple • Adobe • Flash • Reader • Oracle Java

Patch Summary Webinar February 14

Recommended

Recommended

More Related Content

Similar to Patch Summary Webinar February 14

Similar to Patch Summary Webinar February 14 (20)

More from Wolfgang Kandek

More from Wolfgang Kandek (6)

Recently uploaded

Recently uploaded (20)

Patch Summary Webinar February 14