Tag: security

Google Nexus 7 (2013) Got a OTA Update

Google start its monthly security update since November 2015.  November Security Update here. December Security Update here. The Android version is still 6.0.1. The date of Android security patch level was changed. Build number was changed when update too. Before January update, the Nexus 7 information is shown as [...]
Read More

Upgrade Dir-850L router firmware to v1.13

It is time to upgrade router firmware. There is a alert notice on the support.dlink.ca Security Advisory: New firmware has been released that fixes the latest HNAP Privilege Escalation Vulnerability. Please ensure to upgrade your router to the latest firmware version. Click on on the Downloads tab below. What [...]
Read More

Linode has a security updates

Received an email from Linode about the security updates. It happened on yesterday. The Email said: Linode recently received several Xen Security Advisories (XSAs) that require us to perform updates to our host servers. In order to apply the updates, hosts and the Linodes running on them must be [...]
Read More

Disable SSLv2 and SSLv3 in Apache

As we always disable SSLv2 in Apache. Now it is SSLv3 turn. The recent news about the SSL 3 vulnerability is so important that I have to disable it as well. So just modify the ssl.conf of Apache [ssh]SSLProtocol All -SSLv2 -SSLv3[/ssh] The web site still has TLS 1.0, [...]
Read More

How to config PHP to secure Web Server

There are certain PHP configuration tat affect security features.  The following recommended security configuration options is for production servers. register_globals set to off safe_mode set to off error_reporting set to off disable these functions: system(), exec(), passthru(), shell_exec(), proc_open(), and popen() open_basedir set for both the /tmp directory and [...]
Read More

Windows Update 2013-08

Windows Update in August 2013 on my Windows 7 64bit. Threr are three critical updates. All must-see. Cumulative Security Update for Internet Explorer (2862772) Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850869) Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2876063) [...]
Read More