MICROSOFT: Outlook Security Patches Intentionally Break Custom Forms. While the language-changing bug in KB 4011089 wasn’t intended, Microsoft now says the unannounced part that breaks VBScript printing in custom forms is a feature, not a bug. Read more
WORDPRESS: Patches Nine Security Vulnerabilities. WordPress.org released version 4.8.2 of its content management system that fixes nine security issues, five of which involve cross-site scripting (XSS) vulnerabilities. Click here for key takeaways.
ANDROID: Google Patches Dozens of Dangerous Bugs, Including Some in Oreo. Pixel and Nexus owners will get the September Android patch as part of the Android 8.0 Oreo rollout. Find out more
EQUIFAX: Failure to Patch Enabled Massive Hack. Last week, a massive hack of the credit bureau Equifax stole critical personally identifiable information (PII) on 143 million US citizens. The company’s response to the incident has been strongly criticized, and now we know the incompetence isn’t limited to the customer-facing sections of the company. The flaws that allowed hackers to penetrate Equifax and steal its customer data were patched several months ago. The flaw in question is within Apache Struts and is identified CVE-2017-5638. It’s described as a flaw in file upload handling. Read more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems August 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-june-2017.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.