Archive for September, 2011

Several vulnerabilities have been identified in Firefox, Thunderbird and SeaMonkey

Thursday, September 29th, 2011

A number of vulnerabilities have recently been identified in Firefox 6 and all 3.6 versions prior to 3.6.23.  It is recommended that version 7 be installed as soon as possible.   Similar vulnerabilities have been identified in Thunderbird and SeaMonkey versions prior to 2.4. Please download the latest versions from mozilla.com   Some problems have been […]

By keeping 5 common windows products patched, the windows attack footprint goes down 99.8 percent.

Wednesday, September 28th, 2011

http://www.theregister.co.uk/2011/09/28/window_malware_infection_exposed/ Java, Adobe vulns blamed for Windows malware mayhem Five products hit in 99.8% of hacks Failure to patch third-party applications has become the main reason that Windows machines get infected with malware. …. Systems running vulnerable versions of Java JRE, Adobe Reader and Acrobat, and Adobe Flash were particularly at risk of attack. Vulnerabilities […]

Vulnerability on SSL version 3.0 and TLS version 1.0 for man in the middle attacks.

Tuesday, September 27th, 2011

Since September 19, a couple of news items have  (http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/  https://threatpost.com/en_us/blogs/new-attack-breaks-confidentiality-model-ssl-allows-theft-encrypted-cookies-091611 ) been released that do not provide much confidence with the viability of ebanking security with SSL.  More details are expected in the next few days. As a work around, the preferred solution would be to use a web browser that only supports TLS1.1 […]

Update for Adobe Flash expected on September 21

Wednesday, September 21st, 2011

Adobe is scheduled to release an emergency update for Flash on September 21. The update will address several flash vulnerabilities that are currently being exploited by malicious code.  Please have your customers install the update as soon as it is available.  Update – September 21 12:45 p.m. Flash version 10.3.183.10 is available from – http://get.adobe.com/flashplayer/ […]

Securing databases – seven things you don’t want to do.

Thursday, September 15th, 2011

http://www.darkreading.com/database-security/167901020/security/news/231601414/seven-ways-you-give-thieves-dibs-on-your-database.html Seven Ways You Give Thieves Dibs On Your Database Bad database security habits make life easy for hackers and malicious insiders Every new data breach that hits the headlines snowballs the embarrassment for the IT security community, especially because this constant follies show revolves around recurring themes. Data breaches tend to happen because organizations […]

Updates for Reader and Acrobat to be released on September 13

Monday, September 12th, 2011

On Tuesday, September 13, Adobe will release an update to versions 9.4.6 and 10.1 of Adobe Reader and Adobe Acrobat. Additional information will be available from the following URL on Tuesday – http://www.adobe.com/support/security/bulletins/apsb11-24.html Current announcement – http://www.adobe.com/support/security/bulletins/apsb11-24.html Prenotification Security Advisory for Adobe Reader and Acrobat Release date: September 8, 2011 Vulnerability identifier: APSB11-24 Platform: Windows […]

Advance notification of September Microsoft Patches

Thursday, September 8th, 2011

Based on the information provided by Microsoft, it appears that September will be a light patch month for Microsoft. There will be a total of five patches with none designated as critical. All patches are identified as important. Two of the patches are for Windows Operating Systems and Three are for Windows Office applications. Patch […]