macOS QuickLook Feature Leaks Data Despite Encrypted Drive

Researchers are cautioning macOS users that not all the data they store on their encrypted hard drive is protected. In a report published Monday, Apple security expert Patrick Wardle revealed that a macOS feature called QuickLook stores unprotected previews of images and other file types. “Apple...

Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for Hyper-V

Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect formerly Tivoli Storage Manager for Virtual Environments: Data Protection for Hyper-V. IBM Spectrum Protect for Virtual Environments: Data Protection for Hyper-V has addressed the applicable CVEs...

Security Bulletin: Multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware

Summary There are multiple vulnerabilities in the IBM GSKit component of IBM Spectrum Protect formerly Tivoli Storage Manager for Virtual Environments: Data Protection for VMware. IBM Spectrum Protect for Virtual Environments: Data Protection for VMware has addressed the applicable CVEs...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware

Summary OpenSSL vulnerabilities were disclosed on December 7, 2017 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect formerly Tivoli Storage Manager Client and IBM Spectrum Protect for Virtual Environments formerly Tivoli Storage Manager for Virtual Environments: Data Protect for...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware

Summary OpenSSL vulnerabilities were disclosed on January 26, 2017 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect formerly Tivoli Storage Manager Client and IBM Spectrum Protect for Virtual Environments formerly Tivoli Storage Manager for Virtual Environments: Data Protect for...

Security Bulletin: vCenter password disclosure via application tracing in IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware

Summary The IBM Spectrum Protect formerly Tivoli Storage Manager Client and IBM Spectrum Protect for Virtual Environments formerly Tivoli Storage Manager for Virtual Environments: Data Protection from VMware may display the obfuscated VMware vCenter userID and password during VM related operation...

Security Bulletin: Multiple Vulnerabilities in OpenSSL affect IBM Spectrum Protect (formerly Tivoli Storage Manager) Client and IBM Spectrum Protect (formerly Tivoli Storage Manager) for Virtual Environments: Data Protection for VMware

Summary OpenSSL vulnerabilities were disclosed on June 11, 2015 and December 3, 2015 by the OpenSSL Project. OpenSSL, used by the IBM Spectrum Protect formerly Tivoli Storage Manager Client and IBM Spectrum Protect for Virtual Environments formerly Tivoli Storage Manager for Virtual Environments:...

Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware and FlashCopy Manager (IBM Spectrum Protect Snapshot) for VMware

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by Tivoli Storage Manager for Virtual Environments IBM Spectrum Protect for Virtual Environments: Data Protection for VMware and FlashCopy Manager IBM Spectrum Protect Snapshot for VMware. These issues were disclose...

Security Bulletin: Multiple vulnerabilites in IBM Java Runtime affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware (CVE-2016-5597)

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ used by Tivoli Storage Mangaer for Virtual Environments IBM Spectrum Protect for Virtual Enviornments: Data Protection for VMware. These issues were disclosed as part of the IBM Java SDK updates in October 2016...

Security Bulletin: vCenter password disclosure via application tracing in IBM Tivoli Storage Manager Client and IBM Tivoli Storage Manager for Virtual Environments:Data Protection for VMware (CVE-2016-6110)

Summary The IBM Tivoli Storage Manager Client may display the obfuscated VMware vCenter userID and password during VM backup with the INCLUDE.VMTSMVSS option when application tracing is enabled with VMTSMVSS flag. This problem only manifests when the Tivoli Storage Manager Client is used as the I...

Security Bulletin: Vulnerabilities in IBM WebSphere Application Server affect Tivoli Storage Manager (IBM Spectrum Protect) for Virtual Environments: Data Protection for VMware (CVE-2016-5986, CVE-2016-3092)

Summary Security vulnerabilities exist in IBM WebSphere Application Server that affect Tivoli Storage Manager for Virtual Environments IBM Spectrum Protect for Virtual Environments: Data Protection for VMware. Vulnerability Details CVEID: CVE-2016-5986 DESCRIPTION: IBM WebSphere Application Serve...

Security Bulletin: A security vulnerability has been identified in IBM Tivoli Storage Manager that affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (CVE-2016-2894)

Summary The IBM Tivoli Storage Manger IBM Spectrum Protect Client is used as a component of IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware IBM Spectrum Protect for Virtual Environments. Information about a security vulnerability affecting the IBM Tivoli Manager...

Security Bulletin: IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware GUI User May Gain Administrator Authority

Summary A vulnerability exists in the IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware GUI IBM Spectrum Protect™ for Virtual Environments where an authenticated user can execute GUI functions that require the Tivoli Storage Manager administrative credentials without...

Security Bulletin: SQL Server Password Disclosure via IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server and IBM Tivoli Storage FlashCopy Manager for Microsoft SQL Server (CVE-2016-3059)

Summary When using IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server or IBM Tivoli Storage FlashCopy Manager for Microsoft SQL Server, the Microsoft SQL Server's user ID and password is presented in plain text via task completion status details available within th...

Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for Microsoft Hyper-V (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects IBM Tivoli Storage Manager for Virtual Environments: Data Protection for Microsoft Hyper-V IBM Spectrum Protect for Virtual Environments on Windows platforms. Vulnerability Details CVEID:...

Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server IBM Spectrum Protect for Mail on Windows platforms. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTIO...

Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager for Mail: Data Protection for Domino (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects IBM Tivoli Storage Manager for Mail: Data Protection for Domino IBM Spectrum Protect for Mail on Windows platforms. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera...

Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager for Databases: Data Protection for Oracle (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects IBM Tivoli Storage Manager for Databases: Data Protection for Oracle IBM Spectrum Protect for Databases on Windows platforms. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexer...

Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server IBM Spectrum Protect for Databases on Windows platforms. Vulnerability Details CVEID: CVE-2016-2542...

Security Bulletin: Vulnerability in InstallShield affects IBM Tivoli Continuous Data Protection for Files (CVE-2016-2542)

Summary InstallShield generates installation executables which are vulnerable to a DLL-planting that affects the IBM Tivoli Continuous Data Protection for Files Client. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker to gain elevated...