Time to Flee Windows XP

Microsoft and the IT community have been talking about it for months (if not years), but the time is almost here where Windows XP will no longer be supported by Microsoft.  This means no new security updates or patches will ever be created – the final and last set of updates will be coming out on April 8, 2014.  At that time, no official support will be provided to problems with Windows XP, and any vulnerabilities discovered will remain unfixed until the end of time.  This is bad news, as any remaining XP systems could be easily exploited by attackers intent on stealing your data or controlling your computer.

If you have a computer that is still running Windows XP, please finalize any plans to upgrade or replace it during the next month.  Information regarding some of your options can be found here:

http://windows.microsoft.com/en-us/windows/end-support-help

Official publications regarding this situation can be found here:

https://www.us-cert.gov/ncas/alerts/TA14-069A-0

Linux GnuTLS Vulnerability

It looks like Apple is not the only big player to have issues with SSL/TLS.  The GnuTLS library is commonly used by Linux systems for secure communications, and a vulnerability (CVE-2014-0092) has been discovered with regards to certificate verification functions which may cause an attacker to view confidential information without your knowledge or authorization.  This vulnerability has been confirmed on major distributions, including Ubuntu, RHEL, Slackware and Oracle Enterprise Linux.

System administrators should patch or upgade their computer systems when possible.  This is currently classified as a medium level vulnerability, so while immediate resolution is not necessarily required, please take note and work this into your next upgrade cycle.

More information can be found at the following URLs:
http://www.securityfocus.com/bid/65919
http://www.ubuntu.com/usn/usn-2127-1/
http://rhn.redhat.com/errata/RHSA-2014-0247.html