Archive for August, 2010
Vulnerabilities in Windows APPLICATIONS that are currently being exploited
Thursday, August 26th, 2010The most recent exploit that has been identified for windows systems is in fact, NOT a vulnerability for the Windows OS itself, but more a vulnerability in possibly hundreds of windows APPLICATIONS that are coded incorrectly. This means that it can’t be fixed by Microsoft and will require application patches. Below are just four of …
Adobe Reader Patch expected Thursday – All versions of Reader and Acrobat will require patching
Wednesday, August 18th, 2010http://www.computerworld.com/s/article/9180846/Adobe_to_patch_Reader_zero_day_bug_ThursdayAdobe to patch Reader zero-day bug ThursdayCompany knew of critical flaw before Black Hat, says researcherTwo weeks ago, Adobe had promised to fix the flaw during the week of Aug. 16 with an emergency, or “out-of-band” security update, but had not slated a specific date. Computerworld had pegged the likely release date as Aug. 17 …
Log reviews – what to look for
Tuesday, August 17th, 2010One thing that the SAPs require (especially if you have a mission critical/confidential risk assessment), is log review. Here is a quick takeaway for those of you that might not know what to look for. http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=226700346Threat DataVerizon Business’ latest Data Breach Investigations Report shows insiders as a growing threat — but increase comes from a …
Adobe issues updates for Flash, Flash media server and Cold Fusion
Wednesday, August 11th, 2010Update – a new version of flash – 10.1.85.3 has been released and can be downloaded from http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe (non IE browsers) http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe (internet explorer) These are direct downloads that do not use Adobe Download Manager. Flash – http://www.adobe.com/support/security/bulletins/apsb10-16.html Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause …
Looks like Aug 2010 Microsoft patches will be big
Friday, August 6th, 2010Today we’re releasing our advance notification for the June (I think they meant July) security bulletin release, which is scheduled for Tuesday, August 10. This month’s release is composed of 14 bulletins addressing 34 vulnerabilities in Windows, Microsoft Office, Internet Explorer, SQL, and Silverlight. Eight of the bulletins carry a Critical severity rating, and six …
