Archive for July, 2009

Dont forget to patch your flash.

Friday, July 31st, 2009

The new adobe flash was released today. Its version 10.0.32.18 http://get.adobe.com/flashplayer/ Adobe Flash Player version 10.0.32.18Windows | 1.83MB

iPhone compromise via text message to be released on jul 30

Thursday, July 30th, 2009

http://www.forbes.com/2009/07/28/hackers-iphone-apple-technology-security-hackers.html On Thursday, two researchers plan to reveal an unpatched iPhone bug that could virally infect phones via SMS. If you receive a text message on your iPhone any time after Thursday afternoon containing only a single square character, Charlie Miller would suggest you turn the device off. Quickly. That small cipher will likely be […]

Out of band patch to be issued for IE and Visual Studio vulnerabilities – July 28

Monday, July 27th, 2009

http://blogs.technet.com/msrc/archive/2009/07/24/advance-notification-for-july-2009-out-of-band-releases.aspx Friday, July 24, 2009 2:19 PM by MSRCTEAM Advance Notification for July 2009 Out-of-Band Releases We have just published our advance notification for an out-of-band security bulletin release, with a target of 10:00 AM Pacific Time next Tuesday, July 28, 2009.  While this release is to address a single, overall issue, in order to […]

Vulnerabilities in Firefox prior to version 3.0.12

Thursday, July 23rd, 2009

http://secunia.com/advisories/35914/ Critical:       Highly criticalImpact:     Cross Site Scripting        System accessWhere:     From remoteSolution Status:     Vendor PatchDescription:Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct cross-site scripting attacks or compromise a user’s system. 1) Multiple errors in the browser engine can be exploited to corrupt […]

UNPATCHED – Vulnerabilities in Adobe Flash player

Thursday, July 23rd, 2009

http://secunia.com/advisories/35948/ Critical:       Highly criticalImpact:     System accessWhere:     From remoteSolution Status:     Unpatched Software:    Adobe Flash Player 10.xAdobe Flash Player 9.x Description:A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to an unspecified error and can be […]

Unpatched vulnerability in Adobe Reader 9.1.2

Thursday, July 23rd, 2009

http://secunia.com/advisories/35949/2/ Critical:     Extremely criticalImpact:     System accessWhere:         From remoteSolution Status:     UnpatchedSoftware: Adobe Acrobat 9.x Adobe Reader 9.x Description:A vulnerability has been reported in Adobe Reader and Acrobat, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to an error in authplay.dll when processing SWF […]

Autoruns from Sysinternals – cool tool

Thursday, July 16th, 2009

http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx Introduction This utility, which has the most comprehensive knowledge of auto-starting locations of any startup monitor, shows you what programs are configured to run during system bootup or login, and shows you the entries in the order Windows processes them. These programs include ones in your startup folder, Run, RunOnce, and other Registry keys. […]

Symantec has created a flash webpage about staying safe online

Tuesday, July 14th, 2009

Symantec site offers advice on staying safe online Website looks at securing networks and avoiding ID thefthttp://viewfromthebunker.com/keepyourdatasafe/ Click and flip any of the tiles below for advice on keeping your data safe.When you’re done exploring, click here to read our blog 

Firefox Memory corruption in version 3.5

Tuesday, July 14th, 2009

I suggest holding off on version 3.5 for a while. It is still a bit new to deploy. http://secunia.com/advisories/35798/ Mozilla Firefox Memory Corruption Vulnerability Secunia Advisory: SA35798 Release Date: 2009-07-14 Popularity: 1,884 views Critical: Highly critical Impact: System access Where: From remote Solution Status: Unpatched Software: Mozilla Firefox 3.5.x

Vulnerability in Microsoft Office Web components

Tuesday, July 14th, 2009

http://www.microsoft.com/technet/security/advisory/973472.mspx Microsoft Security Advisory (973472) Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution Microsoft is investigating a privately reported vulnerability in Microsoft Office Web Components. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. When using Internet Explorer, code execution is remote and […]