Archive for December, 2009

Groupolicy registry Mod to disable Javascript for Adobe reader

Wednesday, December 16th, 2009

The current Adobe advisory (  regarding the new Adobe Reader zero-day exploit instructs to disable Javascript within Adobe Reader as a workaround.    I just did a quick test and confirmed that this setting uses the following registry key, which could be used to disable Javascript within Adobe Reader en masse within your organization (via […]

Firefox Update – update to versions 3.0.16 or 3.5.6

Wednesday, December 16th, 2009

Today is a good day to patch firefox. Firefox Multiple VulnerabilitiesCritical:    Highly criticalImpact:     Security BypassSpoofingManipulation of dataExposure of sensitive informationSystem access    Where:     From remoteSolution Status:     Vendor PatchSolution:Update to version 3.0.16 or 3.5.6 Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct spoofing attacks, […]

Vulnerability in Adobe Reader and Acrobat version 9.2 (current)

Tuesday, December 15th, 2009 This afternoon, Adobe received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild (CVE-2009-4324). We are currently investigating this issue and assessing the risk to our customers. We will provide an update as soon as we have more information. Please continue monitoring the Adobe PSIRT […]

DIR Cyber Security Tips for December – Online Holiday Shopping tips

Tuesday, December 8th, 2009

Cyber Security Tips for December – Online Holiday Shopping tips>>> “Luevano, Ana” <> 12/8/2009 3:53 PM >>>The December issue, entitled “Online Holiday Shopping Tips,” offersadvice on how to stay safe and secure while shopping online during theholiday season. The newsletter is available on DIR’s Reading Room web page located at Please direct suggestions or comments […]

U.S. not fully prepared to stop cyber attacks, federal report says.

Monday, December 7th, 2009

>>> “Perez, Bill” <> 12/7/2009 9:09 AM >>>December 3, CNSNews – (National) U.S. not fully prepared to stop cyberattacks, federal report says. A government audit found that the threat of cyber attacks on federalcomputer networks is increasing and that the United States is notentirely prepared to deal with the threat. The Government Accountability Office (GAO) […]

Dec 8 to be a big patch day – Microsoft and Adobe

Monday, December 7th, 2009

In addition to an update for Firefox to version 3.5.5 over the last few days, it appears that both Microsoft and Adobe will have patches to apply on Tuesday, December 8. Microsoft Security Bulletin Advance Notification for December 2009 Published: December 03, 2009 Looks like the critical updates (see for the definition of […]