Tenable Blog

Stinky, Aged Operating System?

It’s that time of the month again - Microsoft patch Tuesday of course! This month I expected to research several different vulnerabilities, how they work, methods to detect them, etc. However, Microsoft is only patching one vulnerability this month. I can’t believe there is only one vulnerability this month! In any case, this month's vulnerability occurs in the way applications handle Embedded OpenType fonts. I was a bit puzzled as to why so much effort was going into font rendering until I discovered that it is common for web sites to implement different languages and have them display correctly to the end user (primarily for “non-English” languages). The vulnerability is triggered when a user renders fonts on a web page or by opening a Microsoft Office document that contains embedded fonts. An interesting fact about this bulletin (which only covers one CVE entry, CVE-2010-0018) is:

"This security update is rated Critical for Microsoft Windows 2000, and is rated Low for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2."

Welcome to the Tenable Network Security Podcast - Episode 18

Announcements

• A new blog post has been released titled "Airport Security: Don't Make The Same Mistakes" and compares the current challenges of airport security to the very same challenges we face with computer and network security.
• You can provide feedback to this podcast and all of our social media outlets by visiting our discussions forum and adding messages to the "Tenable Social Media" thread. I would love to hear your feedback, questions, comments, and suggestions!
• We're hiring! - Visit the web site for more information about open positions, there are currently 12 open positions listed!
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics, and more!

Previously, we’ve blogged about the various advantages and disadvantages of using reputation based analysis of NetFlow, firewall and network sessions for event analysis. The basic concept is to use an external source of “badguy” IP addresses from commercial providers or free providers such as the SANS Internet Storm Center and see if any of your network IP addresses communicate with them.

Plugins, Glorious Plugins

In 2009, Tenable released over 8,100 new plugins (and the year isn’t over yet!). These plugins have covered several different types of vulnerabilities, including web applications, embedded systems, local checks for operating systems and much more. We polled Tenable employees in our research and content groups to find some of our favorite plugins released this year,and compiled the following list:

Welcome to the Tenable Network Security Podcast - Episode 17

Announcements

• A new blog post has been released from Marcus Ranum titled, "Afterbites with Marcus Ranum: Gartner & Two-Factor Authentication"
• You can provide feedback to this podcast and all of our social media outlets by visiting our discussions forum and adding messages to the "Tenable Social Media" thread. I would love to hear your feedback, questions, comments, and suggestions!
• We're hiring! - Visit the web site for more information about open positions, there are currently 14 open positions!
• You can subscribe to the Tenable Network Security Podcast on iTunes!
• Tenable Tweets - You find us on Twitter at http://twitter.com/tenablesecurity where we make various announcements, Nessus plugin statistics, and more!