Skip to main content

Drupal Security Updates, Security Tips for ASUS Wireless Routers, Microsoft Update for EMET and GNU glibc Vulnerability



Connectikpeople recalls that, Drupal has released updates to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website.

Available updates include:
  • Drupal core 6.38 for 6.x users
  • Drupal core 7.43 for 7.x users
  • Drupal core 8.0.4 for 8.0.x users
Users and administrators are encouraged to review Drupal's Security Advisory and apply the necessary updates.

It is also indispensable to recall that:
The Federal Trade Commission (FTC) has provided network security tips for vulnerable ASUS-branded wireless routers. These routers were found to have major security flaws, allowing hackers to obtain sensitive personal information.
Therefore, FTC urges consumers to download the latest security updates for their routers and be cautious when setting up any personal cloud storage. Users and administrators are encouraged to visit FTC's blog for more information and review US-CERT's Tip on Securing Your Home Network ST15-002.

Connectikpeople is aware of a vulnerability in Microsoft Enhanced Mitigation Experience Toolkit (EMET) versions prior to 5.5. Exploitation of this vulnerability may allow a remote attacker to bypass or disable EMET to take control of an affected system.

Therefore, we recommend users and administrators visit the Microsoft Security TechCenter  and upgrade to EMET version 5.5. 

At the end, GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
Users and administrators are encouraged to review Vulnerability Note VU#457759 and the glibc Project Notification for additional details and to refer to their respective Linux or Unix-based OS vendor for an appropriate patch.

Popular posts from this blog

IBM Cloud, Bluemix + Apple Swift for mobile app front-end and back-end development

It is exciting to see progressively that, the compelling open source architecture brings peace in minds and boosts deep innovation within leading tech companies.Introduced in 2014, Swift which is henceforth open sourced is becoming one of the fastest growing and most widely used programming languages.
The momentum is profound at IBM with the release of its Swift Sandbox for early exploration of server-side programming in Swift.
By to bring Swift to the Cloud IBM is sharing its deep understanding of the advantages of Swift and the knowledge; the company is committed to maturing the use of Swift as a server-side language for enterprise development with the goal to break down barriers between front-end and back-end development, which can provide enterprises a single language to build rich experiences and back-end business logic.

Integrated Email in our mobile-driven world.

Email remains our faithful companion, when it comes to interact with others anywhere and anytime. With the increasing adoption of social platforms, the flexibility and the productivity brought by the emerging technologies, the traditional inbox becomes an intelligent and intuitive tool that makes you more effective from anywhere.
It can automatically surface your important email; help you, work across all your accounts; help you focus on what matters; schedule what you want at any time you want; share available times, schedule meetings; View and attach files from your Dropbox, Google Drive, Microsoft OneDrive and email accounts with just a few taps. Integrated email also helps you find your important emails, people and files; Discover the people with whom you communicate most; Access all related emails, meetings and files to manage relationships better than ever.
Acompli, paves its way within this vertical. 
It supports Microsoft Exchange, Office 365, Google Apps, Gmail, iCloud, Yahoo, Ou…

4D Geographic Information System (GIS) data

It is interesting to observe that, vendors are focusing on the development of 4D GIS software. 4D GIS data includes 2D data, 3Ddata, and data regarding time change. An integrated database with real-time monitoring is required to generate 4D data. 
4DMapper is an Australia-based company that puts multi-source and multi-format geospatial data, including 3D and 4D GIS, on the cloud and streams it to browsers after rasterization and vectoring.