Archive for August, 2010

Vulnerabilities in Windows APPLICATIONS that are currently being exploited

Thursday, August 26th, 2010

The most recent exploit that has been identified for windows systems is in fact, NOT a vulnerability for the Windows OS itself, but more a vulnerability in possibly hundreds of windows APPLICATIONS that are coded incorrectly. This means that it can’t be fixed by Microsoft and will require application patches. Below are just four of […]

Adobe Reader Patch expected Thursday – All versions of Reader and Acrobat will require patching

Wednesday, August 18th, 2010

http://www.computerworld.com/s/article/9180846/Adobe_to_patch_Reader_zero_day_bug_ThursdayAdobe to patch Reader zero-day bug ThursdayCompany knew of critical flaw before Black Hat, says researcherTwo weeks ago, Adobe had promised to fix the flaw during the week of Aug. 16 with an emergency, or “out-of-band” security update, but had not slated a specific date. Computerworld had pegged the likely release date as Aug. 17 […]

Log reviews – what to look for

Tuesday, August 17th, 2010

One thing that the SAPs require (especially if you have a mission critical/confidential risk assessment), is log review. Here is a quick takeaway for those of you that might not know what to look for. http://www.darkreading.com/insiderthreat/security/attacks/showArticle.jhtml?articleID=226700346Threat DataVerizon Business’ latest Data Breach Investigations Report shows insiders as a growing threat — but increase comes from a […]

Adobe issues updates for Flash, Flash media server and Cold Fusion

Wednesday, August 11th, 2010

Update – a new version of flash – 10.1.85.3 has been released and can be downloaded from http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player.exe (non IE browsers) http://fpdownload.adobe.com/get/flashplayer/current/install_flash_player_ax.exe  (internet explorer) These are direct downloads that do not use Adobe Download Manager. Flash – http://www.adobe.com/support/security/bulletins/apsb10-16.html Critical vulnerabilities have been identified in Adobe Flash Player version 10.1.53.64 and earlier. These vulnerabilities could cause […]

Looks like Aug 2010 Microsoft patches will be big

Friday, August 6th, 2010

Today we’re releasing our advance notification  for the June (I think they meant July) security bulletin release, which is scheduled for Tuesday, August 10. This month’s release is composed of 14 bulletins addressing 34 vulnerabilities in Windows, Microsoft Office, Internet Explorer, SQL, and Silverlight. Eight of the bulletins carry a Critical severity rating, and six […]