CDSA News

Weekend Vulnerability and Patch Report, Jan. 11, 2015 (Citadel Information Group)

Important Security Updates

Dropbox: Dropbox has released version 3.0.5 for its file hosting program. Updates are available at Dropbox’s website. [See Citadel’s warning below]

WinZip: Winzip has released version 19.0.11294. Updates are available from within the program, look for “Check for Updates” on the Help menu, or download from the WinZip website.

Current Software Versions

Adobe Flash 16.0.0.235 [Windows 7: IE]

Adobe Flash 16.0.0.235 [Windows 7: Firefox, Mozilla]

Adobe Flash 16.0.0.235 [Windows 8: IE]

Adobe Flash 16.0.0.235 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.10

Dropbox 3.0.5

Firefox 34.0.5

Google Chrome 39.0.2171.95

Internet Explorer 11.0.9600.17501

Java SE 8 Update 25

QuickTime 7.76.80.95

Safari 5.1.7

Safari 7.1.1 [Mac OS X]

Skype 7.0.0.102

For Your IT Department

Cisco WebEx Meetings Server: Secunia reports Cisco has released updates for WebEx Meetings Server to fix vulnerabilities, some of which are moderately critical reported in previous versions. Update to a fixed version.

McAfee ePolicy Orchestrator: Secunia reports an unpatched vulnerability in McAfee’s ePolicy Orchestrator in versions 4.6.8 and prior and 5.1.1 and prior. Update to version 4.6.9 (scheduled to be released in February 2015) or 5.1.2 (scheduled to be released in Q2 2015) when available.