Jump to content
ritchie58

The Beast Has Been Slain!

Recommended Posts

A Microsoft Windows update today fixes a weakness in the protocols used to secure e-commerce sites, which was first exposed by researchers using a tool they dubbed "BEAST."

 

Microsoft planned to release the BEAST (Browser Exploit Against SSL/TLS)-related patch last month, but had to pull it because it created compatibility issues with SAP software. Researchers had demonstrated the vulnerability using BEAST in September, prompting fears that attackers would use the tool to snoop on protected Internet sessions in what is called a "man-in-the-middle" attack. MS12-006 patches a hole in the Secure Sockets Layer and Transport Layer Security protocols.

 

 

Related stories

The seven bulletins in Microsoft's Patch Tuesday release fix eight vulnerabilities and only one bulletin is rated "critical" -- MS12-004. It plugs two holes in Windows Media Player that could allow an attacker to take over a computer by sending a malicious MIDI or DirectShow file to a targeted user. More details are available at the Microsoft Technet blog.

 

The security bulletin summary for January also includes MS12-001 to address a security feature bypass flaw, a new category of issues that can't be directly exploited by an attacker, but which an attacker could use to facilitate use of another exploit.

 

Meanwhile, Adobe released updates today for Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, and Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh to resolve critical security issues. By: Elinor Mills, InSecurity Complex

 

 

 

Share this post


Link to post
Share on other sites

Today is Patch Tuesday. So get these security patches installed as soon as possible. I got four security patches and ran the Malicious Software Removal Tool from Microsoft today for my Win 7 64bit machine.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...