Microsoft Security Bulletin MS14-068 - Critical

November 18, 2014, Microsoft announced a critical security flaw in the Kerberos protocol bulletin MS14-068. The latter is referenced under code CVE-2014-6324.

Microsoft Security Bulletin MS14-066 - Critical

Update 2014-11-19 10:40 UTC + 1

November 18, Microsoft released a new version of its patch KB 2992611. If you had already patched, the patch must be re-applied. < br / > The latter is available through Windows Update.

Drupal SA-CORE-2014-005 security flaw

October 15, 2014, the Drupal security team discovered a critical security flaw, referenced under code CVE-2014-3704. On 29 October, Drupal has publicly announced the discovery of this vulnerability with a patch.

- What is it allows?

Major fault of the bash shell

Update 2014-09-26 12:30 UTC + 1

The CVE-2014-7169 fault seems to be patched by most of the package maintainers. We invite you to redo an update of your bash.

In the bash shell security flaw

A major vulnerability on the bash shell has just be discovered.

Since when does it exist?

This flaw has existed since at least version 3 of bash, which makes it is very widespread.

- What is it allows?

The flaw exploits the fact that the Shell bash, at the time or it is started, does not stop the interpretation to where it should when there are definitions of variables or functions of environment and executes orders placed in arguments.

Security Apache 2.2 & 2.4

July 14, 2014, several security flaws have been published about the servers using Apache2. This flaw has been published in a DSA (Debian Security Advisory).

- What is it allows?