Feed aggregator

IBM Power Systems S814 and S824 Technical Overview and Introduction

IBM News Feed - 14 hours 11 min ago
Draft Redpaper, last updated: Tue, 22 Jul 2014

- Outstanding performance based on POWER8 processor technology
- 4U scale-out desktop and rack-mount server
- Improved RAS features

This IBM® Redpaper™ publication is a comprehensive guide covering the IBM Power System S814 (8286-41A) and IBM Power System S824 (8286-42A) servers that support IBM AIX, IBM i, and Linux operating systems.

DS8000 Thin Provisioning

IBM News Feed - Thu, 07/03/2014 - 13:30
Redpaper, published: Thu, 3 Jul 2014

- Avoid allocating unused capacity
- Read about new ESE repository capability and new controls
- Understand applications and OS implications

Ever-increasing storage demands have a negative impact on an organization's IT budget and complicate the overall storage infrastructure and management.

Modernizing IBM i Applications from the Database up to the User Interface and Everything in Between

IBM News Feed - Fri, 06/27/2014 - 13:30
Redbook, published: Fri, 27 Jun 2014

- Learn about preferred practices for modern development
- Use modern tools for a modern world
- Incorporate data-centric programming for success

This IBM® Redbooks® publication is focused on melding industry preferred practices with the unique needs of the IBM i community and providing a holistic view of modernization.

Live Partition Mobility Preparation Checklist

IBM News Feed - Sat, 05/24/2014 - 13:30
Web Doc, published: Sat, 24 May 2014

When attempting to do Live Partition Mobility (LPM) in your environment, use the Live Partition Mobility Preparation Checklist.

Live Partition Mobility Setup Checklist

IBM News Feed - Sat, 05/24/2014 - 13:30
Web Doc, published: Sat, 24 May 2014

When setting up Live Partition Mobility (LPM) for the first time in your environment, use the Live Partition Mobility Setup Checklist.

IBM PowerVM Enhancements What is New in VIOS 2.2.3

IBM News Feed - Thu, 05/22/2014 - 13:30
Redbook, published: Thu, 22 May 2014

- PowerVP and mobile CoD activations explained
- Shared Storage Pool enhancements explained
- Power Integrated Facility for Linux described

IBM® Power Systems™ servers coupled with IBM PowerVM® technology are designed to help clients build a dynamic infrastructure, helping to reduce costs, manage risk, and improve service levels.

IBM Power Systems SR-IOV Technical Overview and Introduction

IBM News Feed - Tue, 05/20/2014 - 13:30
Draft Redpaper, last updated: Tue, 20 May 2014

- Hardware-based solution minimizes contention with CPU and memory resources
- Powerful adapter-based virtualization for logical partition
- Industry standard PCI specification for Fibre Channel and Ethernet

This IBM® Redpaper™ publication describes the new adapter-based virtualization capabilities that are being deployed in high-end POWER7+™ processor-based servers.

IBM i and IBM Storwize Family: A Practical Guide to Usage Scenarios

IBM News Feed - Tue, 04/22/2014 - 13:30
Redbook, published: Tue, 22 Apr 2014

- Explaining VIOS from an IBM i perspective
- Using PowerHA together with IBM Storwize Familyy
- Configuring BRMS in a high available solution

The use of external storage and the benefits of virtualization became a topic of discussion in the IBM® i area during the last several years.

DS8000 Thin Provisioning

IBM News Feed - Wed, 04/16/2014 - 13:30
Draft Redpaper, last updated: Wed, 16 Apr 2014

- Avoid allocating unused capacity
- Read about new ESE repository capability and new controls
- Understand applications and OS implications

Ever-increasing storage demands have a negative impact on an organization's IT budget and complicate the overall storage infrastructure and management.

IBM PowerVC Version 1.2 Introduction and Configuration

IBM News Feed - Wed, 04/16/2014 - 13:30
Draft Redbook, last updated: Wed, 16 Apr 2014

- Just 20 minutes to get a virtual machine up and running
- Deep integration with PowerVM virtualization technologies
- Intelligent virtual machine deployment

IBM PowerVC is an advanced enterprise virtualization management offering for IBM Power Systems based on the OpenStack technology.

TA13-051A: Oracle Java Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: February 20, 2013 | Last revised: -- Systems Affected Any system using Oracle Java including JDK and JRE 7 Update 13 and earlier JDK and JRE 6 Update 39 and earlier JDK and JRE 5.0 Update 39 and earlier SDK and JRE 1.4.2_41 and earlier Web browsers using the Java plug-in are at high risk. Overview Multiple vulnerabilities in Java could allow an attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java SE Critical Patch Update Advisory Update for February 2013 addresses multiple vulnerabilities in the Java Runtime Environment (JRE). An additional five fixes that had been previously planned for delivery are in this update. This distribution therefore completes the content for all originally planned fixes to be included in the Java SE Critical Patch Update for February 2013.  Both Java applets delivered via web browsers and stand-alone Java applications are affected, however web browsers using the Java plug-in are at particularly high risk. The Java plug-in, the Java Deployment Toolkit plug-in, and Java Web Start can be used as attack vectors. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate website and upload a malicious Java applet (a "drive-by download" attack). Some vulnerabilities affect stand-alone Java applications, depending on how the Java application functions and how it processes untrusted data. Reports indicate that at least one of these vulnerabilities is being actively exploited. Impact By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. Stand-alone java applications may also be affected. Solution Update Java The Oracle Java SE Critical Patch Update Advisory Update for February 2013 states that Java 7 Update 15 and Java 6 Update 41 address these vulnerabilities. Disable Java in web browsers These and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates have been installed. As with any software, unnecessary features should be disabled or removed as appropriate for your environment. Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client: For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. If you are unable to update to at least Java 7 Update 10, please see the solution section of Vulnerability Note VU#636312 for instructions on how to disable Java on a per-browser basis. Restrict access to Java applets Network administrators unable to disable Java in web browsers may be able to help mitigate these and other Java vulnerabilities by restricting access to Java applets using a web proxy. Most web proxies have features that can be used to block or whitelist requests for .jar and .class files based on network location. Filtering requests that contain a Java User-Agent header may also be effective. For environments where Java is required on the local intranet, the proxy can be configured to allow access to Java applets hosted locally, but block access to Java applets on the internet. References Oracle Java SE Critical Patch Update Advisory Update - February 2013 Setting the Security Level of the Java Client The Security Manager How to disable the Java web plug-in in Safari How to turn off Java applets NoScript Securing Your Web Browser Vulnerability Note VU#636312 Revision History February 20, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-043B: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: February 12, 2013 | Last revised: -- Systems Affected Microsoft Windows Microsoft Internet Explorer Microsoft Office Microsoft Server Software Microsoft .NET Framework Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for February 2013 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for February 2013, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References Microsoft Security Bulletin Summary for February 2013 Microsoft Windows Server Update Services Microsoft Update Microsoft Update Overview Turn Automatic Updating On or Off Revision History February 12, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-043A: Adobe Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: February 12, 2013 | Last revised: -- Systems Affected Adobe Flash Player 11.5.502.149 and earlier versions for Windows and Macintosh Adobe Flash Player 11.2.202.262 and earlier versions for Linux Adobe Flash Player 11.1.115.37 and earlier versions for Android 4.x Adobe Flash Player 11.1.111.32 and earlier versions for Android 3.x and 2.x Adobe AIR 3.5.0.1060 and earlier versions Adobe AIR 3.5.0.1060 SDK and earlier versions Adobe Shockwave Player 11.6.8.638 and earlier versions for Windows and Macintosh Overview Select Adobe software products contain multiple vulnerabilities. Adobe has released updates to address these vulnerabilities. Description Adobe Security Bulletin APSB13-05 and APSB13-06 describe multiple vulnerabilities in Adobe software. Adobe has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Adobe has provided updates for these vulnerabilities in Adobe Security Bulletin APSB13-05 and APSB13-06. References APSB13-05: Security updates available for Adobe Flash Player APSB13-06: Security updates available for Adobe Shockwave Player Revision History February 12, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-032A: Oracle Java 7 Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: February 01, 2013 | Last revised: -- Systems Affected Any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7) Java SE Development Kit (JDK 7) Java SE Runtime Environment (JRE 7) All versions of Java 7 before Update 13 are affected. Web browsers using the Java 7 plug-in are at high risk. Overview Multiple vulnerabilities in Java 7 could allow an attacker to execute arbitrary code on a vulnerable system. Description The Oracle Java SE Critical Patch Update Advisory for February 2013 addresses multiple vulnerabilities in the Java Runtime Environment (JRE). Both Java applets delivered via web browsers and stand-alone Java applications are affected, however web browsers using the Java 7 plug-in are at particularly high risk. Java 7 versions below Update 13 are affected. The Java 7 plug-in, the Java Deployment Toolkit plug-in, and Java Web Start can be used as attack vectors. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a "drive-by download" attack). Some vulnerabilities affect stand-alone Java applications, depending on how the Java application functions and how it processes untrusted data. Reports indicate that at least one of these vulnerabilities is being actively exploited. Further technical details are available in Vulnerability Note VU#858729. Impact By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. Stand-alone java applications may also be affected. Solution Update Java The Oracle Java SE Critical Patch Update Advisory for February 2013 states that Java 7 Update 13 addresses these vulnerabilities. Disable Java in web browsers These and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, consider disabling Java in web browsers until adequate updates have been installed. As with any software, unnecessary features should be disabled or removed as appropriate for your environment. Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client: For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. If you are unable to update to at least Java 7 Update 10 please see the solution section of Vulnerability Note VU#636312 for instructions on how to disable Java on a per-browser basis. Restrict access to Java applets Network administrators unable to disable Java in web browsers may be able to help mitigate these and other Java vulnerabilities by restricting access to Java applets using a web proxy. Most web proxies have features that can be used to block or whitelist requests for .jar and .class files based on network location. Filtering requests that contain a Java User-Agent header may also be effective. For environments where Java is required on the local intranet, the proxy can be configured to allow access to Java applets hosted locally, but block access to Java applets on the internet. References Vulnerability Note VU#858729 Oracle Java SE Critical Patch Update Advisory - February 2013 Setting the Security Level of the Java Client The Security Manager How to disable the Java web plug-in in Safari How to turn off Java applets NoScript Securing Your Web Browser Vulnerability Note VU#636312 Java SE Development Kit 7, Update 13 (JDK 7u13) Do Devs Care About Java (In)Security? (Comment about proxy filtering) Revision History February 01, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-015A: Microsoft Releases Update for Internet Explorer Vulnerability CVE-2012-4792

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: January 15, 2013 | Last revised: -- Systems Affected Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 Microsoft Internet Explorer 8 Overview Microsoft has released Security Bulletin MS13-008 to address the CButton use-after-free vulnerability (CVE-2012-4792). Description Microsoft Internet Explorer versions 6, 7, and 8 are susceptible to a use-after-free vulnerability. This vulnerability is being actively exploited in the wild. Microsoft has released Security Bulletin MS13-008 to address this vulnerability. Additional information is available in Vulnerability Note VU#154201. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution US-CERT recommends that Internet Explorer users run Windows Update as soon as possible to apply the MS13-008 update. References Revision History January 15, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-010A: Oracle Java 7 Security Manager Bypass Vulnerability

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: January 10, 2013 | Last revised: -- Systems Affected Any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7) Java SE Development Kit (JDK 7) Java SE Runtime Environment (JRE 7) All versions of Java 7 through update 10 are affected.  Web browsers using the Java 7 plug-in are at high risk. Overview A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system. Description A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code. An attacker could use social engineering techniques to entice a user to visit a link to a website hosting a malicious Java applet. An attacker could also compromise a legitimate web site and upload a malicious Java applet (a "drive-by download" attack). Any web browser using the Java 7 plug-in is affected. The Java Deployment Toolkit plug-in and Java Web Start can also be used as attack vectors. Reports indicate this vulnerability is being actively exploited, and exploit code is publicly available. Further technical details are available in Vulnerability Note VU#625617. Impact By convincing a user to load a malicious Java applet or Java Network Launching Protocol (JNLP) file, an attacker could execute arbitrary code on a vulnerable system with the privileges of the Java plug-in process. Solution Disable Java in web browsers This and previous Java vulnerabilities have been widely targeted by attackers, and new Java vulnerabilities are likely to be discovered. To defend against this and future Java vulnerabilities, disable Java in web browsers. Starting with Java 7 Update 10, it is possible to disable Java content in web browsers through the Java control panel applet. From Setting the Security Level of the Java Client: For installations where the highest level of security is required, it is possible to entirely prevent any Java apps (signed or unsigned) from running in a browser by de-selecting Enable Java content in the browser in the Java Control Panel under the Security tab. If you are unable to update to Java 7 Update 10 please see the solution section of Vulnerability Note VU#636312 for instructions on how to disable Java on a per browser basis. References Vulnerability Note VU#625617 Setting the Security Level of the Java Client The Security Manager How to disable the Java web plug-in in Safari How to turn off Java applets NoScript Securing Your Web Browser Vulnerability Note VU#636312 Revision History January 10, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA13-008A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: January 08, 2013 | Last revised: -- Systems Affected Microsoft Windows Microsoft Office Microsoft Server Software Microsoft .NET Framework Microsoft Developer Tools Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for January 2013 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for January 2013, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References Microsoft Security Bulletin Summary for January 2013 Microsoft Windows Server Update Services Microsoft Update Microsoft Update Overview Turn Automatic Updating On or Off Revision History January 08, 2013: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA12-346A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: December 11, 2012 | Last revised: -- Systems Affected Microsoft Windows Microsoft Office Microsoft Server Software Internet Explorer Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for December 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for December 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References Microsoft Security Bulletin Summary for December 2012 Microsoft Windows Server Update Services Microsoft Update Microsoft Update Overview Turn Automatic Updating On or Off Revision History December 11, 2012: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA12-318A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: November 13, 2012 | Last revised: -- Systems Affected Microsoft Windows Microsoft Office Microsoft .NET Framework Internet Explorer Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for November 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References Microsoft Security Bulletin Summary for November 2012 Microsoft Windows Server Update Services Microsoft Update Microsoft Update Overview Turn Automatic Updating On or Off Revision History November 13, 2012: Initial release This product is provided subject to this Notification and this Privacy & Use policy.

TA12-283A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: October 09, 2012 | Last revised: -- Systems Affected Microsoft Windows Microsoft Office Microsoft Server Software Microsoft Lync Microsoft SQL Server Overview Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for October 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply Updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References Microsoft Security Bulletin Summary for October 2012 Microsoft Windows Server Update Services Microsoft Update Microsoft Update Overview Turn Automatic Updating On or Off Revision History October 09, 2012: Initial release This product is provided subject to this Notification and this Privacy & Use policy.
Syndicate content