Cisco Blogs


Cisco Blog > Security > Threat Research

Microsoft Patch Tuesday for December 2014: Light Month, Some Changes

This post was authored by Yves Younan.

Today, Microsoft is releasing their final Update Tuesday of 2014. Last year, the end of year update was relatively large. This time, it’s relatively light with a total of seven bulletins, covering 24 CVEs. Three of those bulletins are rated critical and four are considered to be important. Microsoft has made a few changes to the way they report their bulletins. Microsoft has dropped the deployment priority (DP) rating, which was very much environment-specific and might not be all that useful for non-default installations. Instead, they are now providing an exploitability index (XI), which ranges from zero to three. With zero denoting active exploitation and three denoting that it’s unlikely that the vulnerability would be exploited. Another change is to more clearly report on how the vulnerability was disclosed: was Microsoft notified via coordinated vulnerability disclosure or was the vulnerability publicly known before being released? Read More »

Tags: , , , , ,

Microsoft Update Tuesday November 2014: Fixes for 3 0-day Vulnerabilities

This month Microsoft is releasing 14 security bulletins. Originally they had planned to release 16, but due to issues that emerged in late testing, two bulletins that were announced in the Advance Security Notification, MS14-068 and MS14-075, have been postponed. Of the 14 bulletins, four are considered critical, eight are important, while two are moderate. They cover a total of 33 CVEs.

Read More »

Tags: , , , , ,

Microsoft Update Tuesday October 2014: Fixes for 4 0-day Vulnerabilities

This post was authored by Yves Younan

Microsoft Tuesday is here once again and this month they are releasing a total of eight bulletins. Three of which are rated as critical, while the remaining five are rated as important. There’s a total of 24 CVEs this month, 20 of which were privately disclosed to Microsoft and four which are either publicly known or under active attack, making them 0-day vulnerabilities. Of those four, two are being actively attacked, while two have been publicly disclosed but do not seem to be under attack for supported software. Of the 24 CVEs, 15 are categorized as allowing remote code execution, four as elevation of privilege and three as security feature bypasses.

Read More »

Tags: , , , , ,

Behind the WiFi Network @ Mobile World Congress 2014: Site Surveys

In my last blog I discussed setting the stage in preparation for the Wi-Fi network for Mobile World Congress 2014 which supported more than 80k devices over a span of 4 days. Today I’ll talk about one of the many site surveys we conducted at the Fira Gran Via to ensure the success of our high density network.  Full details in the white paper here.

High Density Wi-Fi deployments and site surveys go hand in hand. Pre-installation and post-installation site surveys account for the most effective way to identify the contours of your RF coverage and eliminate potential multipath distortions, hidden nodes, and other coverage issues. Special attention was given to the large keynote auditorium halls in order to keep a check on the additional RF coverage needs to accommodate the high density of users packed in a very close range.

sitesurvey1

View of inside the Hall-4 Keynote Auditorium (23000 sq ft) before the Facebook keynote session

Site Survey analysis used to measure the RF coverage in Hall-4 keynote auditorium

Site Survey analysis used to measure the RF coverage in Hall-4 keynote auditorium

The Hall-4 auditorium was one example of such a high density area with the 2000 person capacity area had a peak connection of 1924 concurrently connected Wi-Fi devices distributed across 16 Cisco APs while the Facebook keynote was in progress, with a max load of 530 Mbps of internet traffic. To avoid an RF overlap, the ceiling mounted APs above the auditoriums were converted to monitor mode. Using the final pre-keynote site survey data, the RF profile for the Hall-4 auditorium was tweaked, and RRM automatically optimized the coverage to the desired degree by adjusting the Tx power levels. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Behind the WiFi Network @ Mobile World Congress 2014: Setting the Stage

Every year a new attendance record is set at Mobile World Congress by networkers participating from over 200 countries across the globe. This grand attendance of industry-defining vendors, technology enthusiasts and exhibitors triggers an explosive growth in the number of Wi-Fi capable devices being brought to the event. For MWC 2014, Cisco partnered with Fira Gran Via and GSMA to pull off one of the most successful high density Wi-Fi network deployments in the history of global tech events. This blog kicks off a series to provide a glimpse of behind the network, into the design stages, and the course of actions undertaken to implement a robust high density wireless network which served more than 22,000 concurrently connected unique devices and a total of 80,880 devices throughout the event. Full details in whitepaper here.

Setting the Scene

Divided into eight massive exhibition halls, Fira Gran Via covers around 3 million square feet (280,000 square meters) of area which also includes outdoor areas, restaurants, conference rooms, network lounges and a continuous elevated walkway flowing through the entire venue. Higher the environmental complexity, the more fun and challenging it is to achieve the right wireless design for a pervasive network that meets all the needs.

An aerial view of Mobile World Congress 2014 arena at Fira Gran Via, Barcelona

An aerial view of Mobile World Congress 2014 arena at Fira Gran Via, Barcelona

Generally, the physical design of large convention and exhibition halls bear an impish knack of unfavorable conditions for a ubiquitous high density Wi-Fi network, owing mostly to the lofty ceiling heights and construction components. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,