Tageszusammenfassung - Mittwoch 14-05-2014

End-of-Shift report

Timeframe: Dienstag 13-05-2014 18:00 − Mittwoch 14-05-2014 18:00 Handler: Alexander Riepl Co-Handler: n/a

Microsoft Security Bulletin Summary for May 2014 - Version: 2.0

https://technet.microsoft.com/en-us/library/security/MS14-MAY

Assessing risk for the May 2014 security updates

Today we released eight security bulletins addressing 13 unique CVEs. Two bulletins have a maximum severity rating of Critical while the other six have a maximum severity rating of Important. The table is designed to help you prioritize the deployment of updates appropriately for your ..

http://blogs.technet.com/b/srd/archive/2014/05/13/assessing-risk-for-the-may-2014-security-updates.aspx

Operation Saffron Rose

There is evolution and development underway within Iranian-based hacker groups that coincides with Iran's efforts at controlling political dissent and expanding offensive cyber capabilities. The capabilities of ..

http://www.fireeye.com/blog/technical/malware-research/2014/05/operation-saffron-rose.html

Yokogawa Multiple Products Vulnerabilities

http://ics-cert.us-cert.gov//advisories/ICSA-14-133-01

DSA-2927 libxfont

http://www.debian.org/security/2014/dsa-2927

WordPress Formidable Forms Remote Code Execution

http://cxsecurity.com/issue/WLB-2014050069

Patchday: Adobe flickt Flash und Illustrator

Adobe hat am Mai-Patchday Sicherheitsupdates für Lücken im Flash-Player und in Adobe Illustrator CS6 herausgegeben. Die Updates für beide Programme werden von der Firma als kritisch eingeschätzt.

http://www.heise.de/security/meldung/Patchday-Adobe-flickt-Flash-und-Illustrator-2163246.html

Security updates available for Adobe Flash Player

Adobe has released security updates for Adobe Flash Player 13.0.0.206 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.356 and earlier versions for Linux. These updates address vulnerabilities that could ..

https://helpx.adobe.com/security/products/flash-player/apsb14-14.html

Security hotfix available for Adobe Illustrator (CS6)

Adobe has released a security hotfix for Adobe Illustrator (CS6) for Windows and Macintosh. This hotfix addresses a vulnerability that could be exploited to gain remote code execution on the affected system. Adobe recommends users ..

https://helpx.adobe.com/security/products/illustrator/apsb14-11.html

Heartbleed-Betroffene stecken Kopf in den Sand

Wer einen Server mit einer für Heartbleed anfälligen OpenSSL-Version betrieben hat, muss damit rechnen, dass seine Private Keys kompromittiert wurden. Trotzdem sind diese in den meisten Fällen immer noch im Einsatz.

http://www.heise.de/security/meldung/Heartbleed-Betroffene-stecken-Kopf-in-den-Sand-2188855.html