Posted by Chris Travers on Jan 25 Hi all; It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase

So a couple of folks have been reporting in the listserves that their clients have been getting a message indicating that a server upgrade will take place and to install the SSL update. Given that this is the patch Tuesday week, it would probably be a good idea to remind your client base that you don’t send them links to install like this. Remind them of what your emails look like.

Corporate administrators should apply SP2 to keep WSUS patched to ensure they have the most recent WSUS patches and functions (including future support for Windows 7 and Windows Server 2008 R2) WSUS 3.0 SP2 released http://isc.sans.org/diary.html?storyid=7018 http://support.microsoft.com/kb/972455 QUOTE: The most important feature is probably the integration with up and coming versions of Windows like 2008 R2 and Windows 7 .

Apple today released a security update for its QuickTime media player. The new version, QuickTime 7.6, is available for both Mac and Windows systems. This release fixes at least seven security vulnerabilities