Mozilla Security Updates

The Mozilla Foundation has release security updates to address multiple vulnerabilities in Firefox, Firefox ESR and Thunderbird. These updates address vulnerabilities that could allow an attacker to obtain sensitive information or execute arbitrary code on an affected system.

The following updates are available:

. Firefox 36
. Firefox ESR 31.5
. Thunderbird 31.5

Users and administrators are encouraged to review the Security advisories released from Mozilla Foundation and apply the necessary updates.

For more information please visit: Firefox, Firefox ESR and Thunderbird

The Internet Systems Consortium (ISC) has released security updates for BIND. These updates address vulnerability that could potentially allow an attacker to cause a denial of service condition.

The following update is available:-

. BIND 9.9.6-P2
. BIND 9.10.1-P2

Users and administrators are encouraged to review the ISC Knowledge Base and apply the necessary updates.

Click here for more information

Google has released Chrome OS 40.0.2214.114 for Chrome devices. This update addresses multiple vulnerabilities (e.g. Use-after-free in DOM [CVE-2015-1209], Cross-origin-bypass in V8 bindings [CVE-2015-1210], Privilege escalation using service workers [CVE-2015-1211]) that could allow an attacker to cause a denial of service condition or obtain personal information.

Users and administrators are encouraged to review the Google Chrome release blog and apply the necessary updates.

Click here for more information

Microsoft has released security update for Internet Explorer. This update addresses vulnerabilities exist when Internet Explorer improperly accesses objects in memory.

Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected system if a user views a specially crafted webpage using Internet Explorer.

Affected Software:-

Internet Explorer 6

Windows Server 2003 Service Pack 2

Windows Server 2003 x64 Edition Service Pack 2

Windows Server 2003 with SP2 for Itanium-based Systems

Internet Explorer 7

Windows Server 2003 Service Pack 2

Windows Server 2003 x64 Edition Service Pack 2

Windows Server 2003 with SP2 for Itanium-based Systems

Windows Vista Service Pack 2

Windows Vista x64 Edition Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows Server 2008 for Itanium-based Systems Service Pack 2

Internet Explorer 8

Windows Server 2003 Service Pack 2

Windows Server 2003 x64 Edition Service Pack 2

Windows Vista Service Pack 2

Windows Vista x64 Edition Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

Internet Explorer 9

Windows Vista Service Pack 2

Windows Vista x64 Edition Service Pack 2

Windows Server 2008 for 32-bit Systems Service Pack 2

Windows Server 2008 for x64-based Systems Service Pack 2

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Internet Explorer 10

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows 8 for 32-bit Systems

Windows 8 for x64-based Systems

Windows Server 2012

Windows RT

Internet Explorer 11

Windows 7 for 32-bit Systems Service Pack 1

Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2 for x64-based Systems Service Pack 1

Windows 8.1 for 32-bit Systems

Windows 8.1 for x64-based Systems

Windows Server 2012 R2

Windows RT 8.1

Users and administrators are encouraged to review Microsoft Security Bulletins MS15-009 and apply the necessary updates.

Click here for more information

Microsoft has released security update for Windows. This update addresses vulnerability by improving how domain-configured systems connect to domain controllers prior to Group Policy accepting configuration data.

Exploitation of this vulnerability could allow an attacker to take complete control of an affected system if convinces a user with a domain-configured system to connect to an attacker-controlled network.

Affected Software:-

Windows Server 2003

Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems

Windows Vista

Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2

Windows Server 2008

Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2

Windows 7

Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1

Windows Server 2008 R2

Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1

Windows 8 and Windows 8.1

Windows 8 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems

Windows Server 2012 and Windows Server 2012 R2

Windows Server 2012
Windows Server 2012 R2

Windows RT and Windows RT 8.1

Windows RT
Windows RT 8.1

Server Core installation option

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2 (Server Core installation)

Users and administrators are encouraged to review Microsoft Security Bulletins MS15-011 and apply the necessary updates.

Click here for more information