Archive for September, 2010

ASP.Net vulnerability

Wednesday, September 22nd, 2010

Update – September 28 – Microsoft to release an Out of Band update for ASP.Net applications. See for additional details. On September 17, a major vulnerability was identified in all ASP.Net applications. The condition has been recognized by Microsoft and efforts are underway to develop a patch. The URLs provided below include most of […]

Autoupdates for Firefox 3.5.11 and 3.6.9 have been temporarily halted

Wednesday, September 15th, 2010

 As an aside –  I have patched at least 4 personal machines to version 3.6.9 with no problem. has stopped providing security updates to Firefox users as it investigates a bug that caused computers to crash last week. Computerworld blogger Michael Horowitz first reported on the problem last Sunday after he tried to update […]

Microsoft patches for September

Thursday, September 9th, 2010

Microsoft has just announced the patches that are scheduled to be released for September –  The patches are scheduled to be released on September 14. As has been the trend, the older operating systems (generally XP and Server 2003)  have the larger number of applicable bulletins and also more often receive the critical classification. […]

Updated versions of Firefox, Thunderbird and Seamonkey

Wednesday, September 8th, 2010 Advisory SA41297Mozilla Firefox Multiple VulnerabilitiesSecunia Advisory     SA41297     Release Date     2010-09-08 Criticality level        Highly critical Impact     Cross Site ScriptingExposure of sensitive informationSystem accessWhere     From remote DescriptionMultiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting […]

Vulnerability in Adobe Reader & Acrobat – all windows versions

Wednesday, September 8th, 2010

Update – October 5 –  A new version of Adobe Reader and Acrobat are available. Please do a check for updates. For users on XP machines you will need to be logged in as an administrator.  Secunia announcement Secunia Advisory SA41340 Adobe Reader / Acrobat Font Parsing Buffer Overflow Vulnerability level        Extremely critical Impact […]

Quicktime vulnerability

Wednesday, September 1st, 2010

>>> “White, Kevin” <> 9/1/2010 8:49 AM >>>MS-ISAC ADVISORY NUMBER:2010-072 DATE(S) ISSUED:8/30/2010 SUBJECT:Vulnerability in Apple QuickTime Player Could Allow for Remote Code ExecutionOVERVIEW: A vulnerability has been discovered in Apple QuickTime Player that could allow remote code execution. Apple QuickTime Player is used to play media files on Microsoft Windows and Mac OS X operating […]