Home News Hardware Downloads Dealer Registration Contact Us

Computer security ipfire hardened linux

Mailing List
Subscriibe to our mailing list and stay up2date with security threats and security advisories.

Enter your email address


IPFire Hardend Linux Firewall
IPFire was designed with both modularity and a high-level of flexibility in mind. You can easily deploy many variations of it, such as a firewall, a proxy server or a VPN gateway. The modular design ensures that it runs exactly what you've configured it for and nothing more. Everything is simple to manage and update through the package manager, making maintenance a breeze
Check it out at :
IPFire Website

OUR Y-2210-B FOR IPFIRE

 
Original release date: March 24, 2016

Google has released Chrome version 49.0.2623.108 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.

Original release date: March 24, 2016

Oracle has released Java SE 8u77 to address a vulnerability in prior versions of the software. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Oracle security alert and apply the necessary update.

Original release date: March 21, 2016

Apple has released security updates for iOS, watchOS, tvOS, Xcode, OS X El Capitan, OS X Server 5.1, and Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • iOS 9.3 for iPhone 4s and later, iPod touch (5th generation) and later, and iPad 2 and later
  • watchOS 2.2 for Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes
  • tvOS 9.2 for Apple TV (4th generation)
  • Xcode 7.3 for OS X El Capitan v10.11 and later
  • OS X El Capitan v10.11.4 and Security Update 2016-002 for OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3
  • OS X Server 5.1 for OS X Yosemite v10.10.5 and later
  • Safari 9.1 for OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.3

Users and administrators are encouraged to review Apple security updates for iOS, watchOS, tvOS, Xcode, OS X El Capitan, OS X Server, and Safari and apply the necessary updates.

Original release date: March 11, 2016

OpenSSH version 7.2p2 has been released to address a vulnerability in all prior versions. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information.

US-CERT encourages users and administrators to review the OpenSSH Security Advisory and apply the necessary update.

Original release date: March 09, 2016

Apple has released a security update for Windows 7 and later to address a vulnerability in Apple Software Update. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Apple security website for Software Update 2.2 and apply the necessary update.

Original release date: March 09, 2016

The Internet Systems Consortium (ISC) has released updates that address three vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • BIND 9 version 9.9.8-P4
  • BIND 9 version 9.10.3-P4
  • BIND 9 version 9.9.8-S6

US-CERT encourages users and administrators to review ISC Knowledge Base Articles AA-01351, AA-01352, and AA-01353 and apply the necessary updates.

Original release date: March 02, 2016

Google has released Chrome version 49.0.2623.75 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.

Original release date: March 02, 2016

The Internal Revenue Service (IRS) has issued a news release addressing a new spear phishing scheme targeting payroll and human resource professionals.  In this scheme, cybercriminals pose as company executives requesting personal information on employees.

US-CERT encourages users and administrators to review the IRS news release for details and refer to US-CERT Security Tip ST15-001 for information on tax-themed phishing attacks.

Original release date: March 02, 2016

Cisco has released security updates to address vulnerabilities in multiple products. Exploitation of some of these vulnerabilities could allow a remote attacker to cause a denial-of-service condition.

Users and administrators are encouraged to review the following Cisco Security Advisories and apply the necessary updates:

Original release date: March 01, 2016

OpenSSL has released updates to address vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to obtain sensitive information. Updates available include:

  • OpenSSL 1.0.2g for 1.0.2 users
  • OpenSSL 1.0.1s for 1.0.1 users

Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.

 Original release date: March 01, 2016

Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. Exploitation of this vulnerability - referred to as DROWN in public reporting - may allow a remote attacker to obtain the private key of a server supporting SSLv2.

US-CERT encourages users and administrators to review Vulnerability Note VU#583776 and the US-CERT OpenSSL Current Activity for additional information and mitigation details.

Original release date: February 25, 2016

Apple has released a security update for Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected device.

US-CERT encourages users and administrators to review the Apple security update for Apple TV 7.2.1 (3rd generation) and apply the necessary update.


Original release date: February 24, 2016

Drupal has released updates to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website.

Available updates include:

  • Drupal core 6.38 for 6.x users
  • Drupal core 7.43 for 7.x users
  • Drupal core 8.0.4 for 8.0.x users

Users and administrators are encouraged to review Drupal's Security Advisory and apply the necessary updates.


Original release date: February 17, 2016

GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Vulnerability Note VU#457759 and the glibc Project Notification for additional details and to refer to their respective Linux or Unix-based OS vendor for an appropriate patch.


Original release date: February 11, 2016

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • Firefox 44.0.2
  • Firefox ESR 38.6.1

US-CERT encourages users and administrators to review the Security Advisory for Firefox and Firefox ESR and apply the necessary updates.

Original release date: February 09, 2016

Google has released Chrome version 48.0.2564.109 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.

Original release date: February 10, 2016

Cisco has released a security update to address a vulnerability in its ASA software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.                                               

US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary update.

Original release date: February 09, 2016

Adobe has released security updates to address vulnerabilities in Connect, Experience Manager, Flash Player, and Photoshop CC and Bridge CC. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletins APSB16-07, APSB16-05, APSB16-04 APSB16-03, and apply the necessary updates.

Original release date: February 08, 2016

Oracle has released security updates to address a vulnerability in Java SE versions 6, 7, and 8 for Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Oracle security alert and apply the necessary update.

Original release date: January 26, 2016

Mozilla has released security updates to address multiple vulnerabilities in Firefox. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • Firefox 44
  • Firefox ESR 38.6

US-CERT encourages users and administrators to review Mozilla Security Advisories for Firefox and Firefox ESR and apply the necessary updates.

Original release date: January 25, 2016

Apple has released a security update for tvOS to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Apple security update for tvOS 9.1.1 Apple TV (4th generation) and apply the necessary update.

Original release date: January 19, 2016

Apple has released security updates for iOS, OS X El Capitan, and Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • iOS 9.2.1 for iPhone 4s and later, iPod touch (5th generation) and later, and iPad 2 and later
  • OS X El Capitan 10.11.3 for OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.2
  • Safari 9.0.3 for OS X Mavericks v10.9.5, OS X Yosemite v10.10.5, and OS X El Capitan v10.11 to v10.11.2


Original release date: January 19, 2016

The Internet Systems Consortium (ISC) has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • BIND 9 version 9.9.8-P3
  • BIND 9 version 9.10.3-P3
  • BIND 9 version 9.9.8-S4

US-CERT recommends that users and administrators review ISC Knowledge Base Articles AA-01335 and AA-01336 and apply the necessary updates.

Original release date: January 19, 2016

US-CERT is aware of a Linux kernel vulnerability affecting Linux PCs and servers and Android-based devices. Exploitation of this vulnerability may allow an attacker to take control of an affected system.

US-CERT recommends that users and administrators review the Redhat Security Blog and the Debian Security Bug Tracker for additional details and refer to their Linux or Unix-based OS vendors for appropriate patches.

Original release date: January 19, 2016

Oracle has released its Critical Patch Update for January 2016 to address 248 vulnerabilities across multiple products. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Oracle January 2016 Critical Patch Update and apply the necessary updates.

Original release date: January 14, 2016

OpenSSH version 7.1p2 has been released to address vulnerabilities in versions 5.4 through 7.1p1. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system.

Users and administrators are encouraged to review the OpenSSH Release Notes and Vulnerability Note VU#456088 and apply the necessary update.

Original release date: January 13, 2016

Cisco has released security updates to address vulnerabilities in Wireless LAN Controller software, Identity Services Engine software, and Aironet 1800 Series Access Points. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected device.

US-CERT encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

Original release date: January 12, 2016

Internet Systems Consortium (ISC) has released security updates to address a vulnerability in the ISC Dynamic Host Configuration Protocol (DHCP) software. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition.

Available updates include:

  • DHCP version 4.1-ESV-R12-P1
  • DHCP version 4.3.3-P1

Users and administrators are encouraged to review ISC Knowledge Base Article AA-01334 and apply the necessary updates.

Original release date: January 12, 2016

Adobe has released security updates to address multiple vulnerabilities in Acrobat and Reader. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletin APSB16-02and apply the necessary updates.

Original release date: January 12, 2016

Microsoft has released nine updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review Microsoft Security Bulletins MS16-001 through MS16-010 and apply the necessary updates.

Original release date: January 08, 2016

Apple has released a security update to address multiple vulnerabilities in QuickTime for Windows 7 and Windows Vista. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Apple security update page for QuickTime 7.7.9 and apply the necessary update.

Original release date: January 08, 2016

Mozilla has released security updates to address a vulnerability in Firefox. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system.

Available updates include:

  • Firefox 43.0.2
  • Firefox ESR 38.5.2

US-CERT encourages users and administrators to review Mozilla Security Advisory 2015-150 and apply the necessary update.


Original release date: January 08, 2016

VMware has released security updates to address a vulnerability in VMware ESXi, Fusion, Player, and Workstation.  Exploitation of this vulnerability may allow escalation of privileges.

US-CERT encourages users and administrators to review VMware Security Advisory VMSA-2016-0001 and apply the necessary updates.


Original release date: January 06, 2016

WordPress 4.4 and prior versions contain a cross-site scripting vulnerability. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.

Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to WordPress 4.4.1.

Original release date: December 28, 2015

Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletin APSB16-01 and apply the necessary updates.


Original release date: December 23, 2015

Joomla has released version 3.4.7 of its content management system (CMS) software to address two vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected website.

Users and administrators are encouraged to review the Joomla Release News and US-CERT's Alert on Content Management Systems Security and Associated Risks and apply the necessary update.

Original release date: December 15, 2015

Google has released Chrome version 47.0.2526.106 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review the Chrome Releases page and apply the necessary update.

Original release date: December 15, 2015

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

Firefox 43
Firefox ESR 38.5

US-CERT encourages users and administrators to review the Security Advisories for Firefox and Firefox ESR and apply the necessary updates.

Original release date: December 15, 2015

Symantec has released Symantec Endpoint Encryption 11.1.0 to address a vulnerability that may allow an attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Security Advisory from Symantec and apply the necessary update.

Original release date: December 15, 2015

Joomla has released version 3.4.6 of its content management system (CMS) software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website.

US-CERT encourages users and administrators to review the Joomla Release News and US-CERT's Alert on Content Management Systems Security and Associated Risks and apply the necessary update

 


Now accepting PayPal
  PayPal Acceptance Mark