tag:blogger.com,1999:blog-46355677202050120552012-01-19T07:12:43.378-07:00Working in Computer Consulting for fun and (sometimes) profit. These are recent security news items everybody who is online should be aware of.Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.comBlogger1551100tag:blogger.com,1999:blog-4635567720205012055.post-19766437033247838022011-12-30T08:11:00.001-07:002011-12-30T08:11:09.019-07:00

This one shouldn't affect most people, but system admins would be well advised to take a look at this seriously.  For Microsoft to issue an out-of-cycle patch on a Thursday is very unusual, so there may be some serious side-effects they're not disclosing.  Even if you don't think you're running an ASP.NET server you might be, as many modern services actually run a web server inside your

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-25654177958788281452011-12-16T16:41:00.001-07:002011-12-16T16:41:32.318-07:00

This patch fixes an in-the-wild exploit.  Adobe Reader X has the same vulnerability but in its default configuration has protections which prevent the exploit from working.  If you have AR9, PATCH NOW.  If you have AR X, make sure your settings are configured properly.  Foxit Software has issued a press release claiming their software is not affected by this flaw.Adobe - Security Bulletins:

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-27249063226206221592011-12-16T08:36:00.001-07:002011-12-16T08:36:04.061-07:00

The December Windows Updates were released on Tuesday, and one of them is rated PATCH NOW! by SANS as it is actively being exploited already.  The patches are widely documented both on user-friendly blogs and Microsoft's Technet blog.ISC Diary | December 2011 Microsoft Black Tuesday SummarySecurity Updates for Microsoft Windows, Java — Krebs on SecurityMicrosoft today issued software updates to

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-84976612614344156822011-12-09T09:09:00.001-07:002011-12-09T09:12:52.714-07:00

This is a revision of my earlier post titled "Download.com may be safe to use again"They have taken what appears to be corrective steps. A blog posting by them claims they have removed any toolbar bundles from open-source software and that they have removed the requirement that you have to be a "registered member") in other words "give them your email address") to download files directly without

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-77745547309233110922011-12-08T08:58:00.001-07:002011-12-08T08:58:49.446-07:00

If you use the Foxit Reader instead of Adobe's bloated, insecure PDF reader, you should update.Foxit Reader Unspecified Memory Corruption Vulnerability - Secunia.comDescription: A vulnerability has been reported in Foxit Reader, which can be exploited by malicious people to compromise a user's system.The vulnerability is caused due to an unspecified error. No further information is currently

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-43867134428375930072011-12-08T06:30:00.005-07:002011-12-09T09:13:18.307-07:00

revised and reposted on Fri 09 Dec 2011 at 09:10 AM MSTThey have taken what appears to be corrective steps. A blog posting by them claims they have removed any toolbar bundles from open-source software and that they have removed the requirement that you have to be a "registered member") in other words "give them your email address") to download files directly without using their "download

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-84226068090100370492011-12-07T09:52:00.001-07:002011-12-07T09:52:46.818-07:00

Apparently the change started this summer.  I usually choose to download from other sources, and since I have scripting disabled when I browse, even when I chose to get software from CNet's site I never saw this.  But other bloggers are reporting this, and it has been confirmed.  DO NOT USE DOWNLOAD.COM to get any downloads until this is corrected.  If you need to know where to get something that

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-79106719998423047992011-12-07T09:37:00.001-07:002011-12-07T09:37:56.461-07:00

I've seen a lot of stories about this yesterday and today.  Apparently there is a flaw in Adobe Reader that is being exploited right now.   Adobe is expected to release a patch next week, but for now, I recommend using an alternate PDF reader.  The lightest-weight alternative is Sumatra PDF, which I use, but I also use Foxit Reader. If you use Foxit Reader, be sure to disable Javascript.The last

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-59084921249919610732011-12-01T12:46:00.000-07:002011-12-01T12:46:00.136-07:00

Folks, this looks like a bad one to have out in the wild.  If you don't run Firefox with NoScript, you have Java enabled in your browser, and have not patched, you are at risk regardless of whether you run Windows or OS X.Public Java Exploit Amps Up Threat Level — Krebs on SecurityAn exploit for a recently disclosed Java vulnerability that was previously only available for purchase in the

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-41024145419705861592011-11-15T15:15:00.001-07:002011-11-15T15:16:01.460-07:00

Just lost a long post with lots of links, but if you haven't done Windows Updates, or updated Flash Player this month, you need to update both ASAP as there are exploits either in the wild or imminent for both. Search older posts here for pertinent download links. If you run Firefox, update to either 8.0 or 3.6.24 as both have security fixes. Thunderbird is now also at version 8 with security

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-72116893932836547982011-11-03T06:42:00.001-07:002011-11-03T06:42:38.381-07:00

If you use these apps, you should probably update them.  The Enterprise version of Foxit Reader has not been updated yet, so rolling the update out will be problematic for system admins.  I prefer VLC to WinAmp but many still use WinAmp.Foxit ReaderFoxit Reader 5.1.027 October 2011The free Foxit PDF Reader has been updated to to Version 5.1.0.1021. This version contains new features including

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-29364805881552018152011-10-28T07:38:00.001-07:002011-10-28T07:38:45.482-07:00

Unpatched QuickTIme is one of the primary ways by which Windows gets infected, so if you use QuickTime instead of my preferred media player VLC, you should patch.  Apple's security bulletin is here:About the security content of QuickTime 7.7.1QuickTime 7.7.1 QuickTime Available for: Windows 7, Vista, XP SP2 or later Impact: Viewing a maliciously crafted movie file may lead to an

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-50233800129914364912011-10-20T21:11:00.001-07:002011-10-20T21:11:35.153-07:00

If you have Java installed (XP users check "Add/Remove Programs", Vista/Windows 7 users check "Programs and Features") you either need to uninstall it or update it. Two articles which are 'less user-hostile (most people say "more user-friendly") that the links I posted earlier are here:Critical Java Update Fixes 20 Flaws — Krebs on SecurityOracle Corp. released a critical update to plug at least

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-72181241871540621462011-10-19T22:37:00.001-07:002011-10-19T22:37:28.618-07:00

System Admins have another patch to roll out.  This one is IMHO not critical high-priority for internal computers which do little on the Internet, but it should be rolled out to your heavier Internet-using computers, especially roaming laptops as they would probably be more susceptible to the MITM attacks that BEAST requires.Oracle updates Java to stop SSL-chewing BEAST • The RegisterFirefox

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-39210458245397386982011-10-13T07:34:00.001-07:002011-10-13T07:34:44.502-07:00

It's going to be a busy week for sysadmins.  On Tuesday Microsoft issued the monthly update set and Apple updated iTunes.  Both patch sets fix critical flaws, and I haven't seen any reports of problems so business admins should roll out the patch sets ASAP.  Anyone who is still using IE needs to patch ASAP as all current versions of IE have a vulnerability which allows "drive-by" infection.  See

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-66645153182014122442011-10-03T09:00:00.002-07:002011-10-03T09:47:55.672-07:00

PATCH YOUR SYSTEMS! According to Danish security company CSIS, most Windows infections by commercial malware are the result of failure to patch a few vulnerable apps:  Java JRE (37%), Adobe Reader/Acrobat (32%), Adobe Flash (16%), Internet Explorer (10%), Windows Help (3%), and Apple Quicktime (2%).  MSIE and Windows Help are patched automatically by Windows Update (which home users should have

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-68231550267454961622011-09-21T19:05:00.001-07:002011-09-21T19:05:37.246-07:00

Once again the Adobe Flash Player needs to be updated.  As of this writing the MSI installer for the plugin version is NOT available (the ActiveX MSI is), but one hopes it will available soon.  Although the ZDNet story only says "Windows and Mac users", the Adobe Security Bulletin also mentions Linux and Solaris and Android users are vulnerable and need to update.Adobe to rush out Flash Player

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-80091837141447922682011-09-20T09:34:00.001-07:002011-09-20T09:34:35.928-07:00

If you are still running XP and you apply updates manually, download and re-install KB2616676 manually - re-running Windows Update will NOT apply this patch.  A reboot is required.Microsoft fixes SSL 'kill switch' blooperMicrosoft re-released an update today for Windows XP to correct a snafu that left users vulnerable to potential "man-in-the-middle" attacks for most of last week.Monday's update

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-79897478124592928952011-09-14T11:16:00.001-07:002011-09-14T11:16:18.300-07:00

If you are a system admin, you are going to have a busy week.  Adobe patched Acrobat and Adobe Reader (versions 8, 9, and 10) and Microsoft patched Microsoft Office 2003 and later -- Office 2000 users are no longer supported and should switch to LibreOffice instead.  If you are still using Adobe Reader 8, please note that support for it ends on November 3, 2011, so it might be time to replace it

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-52808087065538037062011-09-14T10:52:00.001-07:002011-09-14T10:52:13.963-07:00

If you are running OS X 10.5 a.k.a. Leopard this won't help you, so see How to: Disable DigiNotar security certificate.Apple strikes stolen SSL certificates from OS XApple had to issue a Mac OS X update because Safari, unlike Chrome and Firefox, relies on the operating system to tell it which certificates have been revoked or banned. The browser then either blocks access to sites that don't have

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-64188626087555204182011-09-06T22:11:00.001-07:002011-09-06T22:11:15.279-07:00

Dutch certificate authority Diginotar was compromised recently, and as a result Microsoft has issued an out-of-cycle WIndows Update to remove them from the Trusted Certificates list.  If you use Internet Explorer (or Safari on Windows) as your preferred browser you need to apply this ASAP as one of the certificates that was spoofed is for *.google.com.   Firefox and Thunderbird have also been

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-53835518820895119562011-08-16T22:35:00.001-07:002011-08-16T22:35:07.655-07:00

The Mozilla group has been busy, issuing updates with security fixes to Firefox 3.6, Thunderbird, and Firefox 5 (upgrading it to 6).  I foresee a busy couple of weeks ahead.One comment -- Mozilla is shooting itself in the foot as far as corporate deployment by not providing us with MSI installers that we can script.  Upgrading computers one at a time is very expensive.ISC Diary | Firefox 3.6.20

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-25149440989273526852011-08-10T12:42:00.006-07:002011-08-10T13:02:13.014-07:00

It has been too long since I posted here.  Microsoft's July update cycle was a small one with only one critical patch affecting Windows Vista/7 users, so I didn't bother blogging about it. However, the August patch set is much larger -- two critical patches including one for Internet Explorer which Microsoft says is likely to be exploited soon. The updates for M$ Windows and Microsoft Office

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-24948116879335778892011-08-10T09:20:00.001-07:002011-08-10T09:20:10.383-07:00

I should have blogged this when it first was announced, but today was the first day that I was able to download QT 7.7 from Apple's manual download site.  Previous to this you had to update your existing QT using Apple Software Update, and that didn't work for network managers.Apple QuickTime flaws haunt Windows users | ZDNetBy Ryan Naraine | August 3, 2011, 7:21pm PDTApple has shipped a

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-90235138957229019942011-06-29T09:59:00.001-07:002011-06-29T09:59:31.133-07:00

Microsoft delivers Office 2010 Service Pack 1 | ZDNetSP1 consists of cumulative and public updates to date for the various point products that are part of Office 2010 and SharePoint 2010. Products that will get fixes and updates include Office 2010 suites, Project 2010, Visio 2010, Office 2010 servers, Office Web Apps, Search Server 2010, SharePoint 2010 Products and FAST Search Server 2010 for

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-13943827934130945772011-06-29T09:19:00.001-07:002011-06-29T09:19:26.376-07:00

Mozilla has consolidated their Thunderbird and Firefox websites under mozilla.org and has upgraded both Firefox and Thunderbird to version 5.0. Apple has issued security updates to OS X and its version of Java.  I'm running Firefox 5 without issues on several systems, although my main system still has 3.6.18 because of the large number of extensions I use there.ISC Diary | Update: Thunderbird

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-64961279528885658422011-06-15T09:21:00.002-07:002011-06-15T09:34:01.118-07:00

System admins will be very busy this week as Microsoft's Patch Tuesday is a big one affecting many products and requiring a reboot, while Adobe rolled out simultaneous patches to Adobe Reader (8.3, 9.4.5, and 10.1.0), Flash Player (10.3.181.26, the second patch in a week), and Shockwave Player (11.6.0.626).  Combine that with last week's must-install patch to Java (6.0.26) and any system admin is

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-11325029465846842232011-06-07T16:51:00.001-07:002011-06-07T16:51:17.823-07:00

Another day, another program to patch.ISC Diary | Oracle Releases Java Version 1.6.0.26 http://java.com/en/download/manual.jspOracle Releases Java Version 1.6.0.26 http://java.com/en/download/manual.jspJava Patch Plugs 17 Security Holes — Krebs on SecurityOracle today released an update to its ubiquitous Java software that fixes at least 17 security vulnerabilities in the program.The company is

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-63954480920722283072011-06-06T07:39:00.001-07:002011-06-06T07:39:00.925-07:00

A new version of the free multimedia player VLC was released today to fix some security issues.VideoLAN - VLC: Official site - Free multimedia solutions for all OS!VLC 1.1.102011-06-06VideoLAN and the VLC development team present VLC 1.1.10, a minor release of the 1.1 branch.This release, 2 months after 1.1.9, was necessary because some security issues were found, and the VLC development team

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-89584829209713700972011-06-06T07:27:00.001-07:002011-06-06T07:27:37.776-07:00

On Sunday Adobe released an update to Flash Player to combat a 0-day -- an exploit previously unknown which is "in the wild".  This may also affect Adobe Reader 9 and 10, so watch this space for updates for those programs in the next few days.ISC Diary | Adobe releases Flash Player patch on a Sunday to combat latest 0dayAdobe releases Flash Player patch on a Sunday to combat latest 0dayhttp://

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-44849493354220071132011-05-13T11:57:00.001-07:002011-05-13T11:57:56.296-07:00

This has much better privacy controls, comes with a new Control Panel applet (in Windows), and includes some security fixes.  Download it and install it soon, the Bad Guys will be sure to take advantage of security holes in the older versions soon.Adobe Flash Player 10.3 released (new Privacy Controls) - Security | DSLReports Forums Adobe Flash Player 10.3.181.14 released May 12, 2011Download

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-5874725920866046692011-05-11T08:04:00.001-07:002011-05-11T08:04:55.495-07:00

If you shop at Michael's and have used your debit card there, I recommend you pay close attention to your bank account, or maybe even request a new debit card number by "losing" your debit card.Breach at Michaels Stores Extends Nationwide — Krebs on SecurityEarlier this month, arts & crafts chain Michaels Stores disclosed that crooks had tampered with some point-of-sale devices at store registers

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-34537537283726840612011-05-11T08:00:00.001-07:002011-05-11T08:00:12.783-07:00

Sysadmins deserve a light month every once in a while.  Microsoft's Patch Tuesday this month has only two patches, one of which affects servers on company networks and the other of which affects PowerPoint.  No reboot has been required on any workstation I have patched so far.  SANS rates both patches "Critical", meaning they need to be patched but exploitation is not widespread right

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-14480848285204325842011-05-11T07:51:00.001-07:002011-05-11T07:51:56.466-07:00

As is typical of a new standard, after it has been out for a while people start discovering security flaws.  WebGL is no exception.  If you are running Firefox 4, use "about:config: to disable it.US CERT: WebGL Security Risksadded May 10, 2011 at 11:35 amUS-CERT is aware of reports indicating that WebGL contains multiple significant security issues. The impact of these issues includes arbitrary

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-87406368085281714012011-04-29T15:11:00.001-07:002011-04-29T15:11:39.191-07:00

Security patches included, be sure to update when you can.Mozilla Firefox 3.6.17 Release NotesWhat’s New in Firefox 3.6.17v.3.6.17, released April 28th, 2011Firefox 3.6.17 fixes the following issues found in previous versions of Firefox 3.6: Fixed several security issues.Fixed several stability issues. Please see the complete list of changes in

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-56811201477692738202011-04-21T12:26:00.002-07:002011-04-21T20:37:33.527-07:00

I use Foxit Reader or SumatraPDF in preference to Adobe Reader, but most users have Adobe installed. Update 8:30 PM: added Krebs-on-Security blog reference info at bottom. Adobe Reader and Acrobat Security Updates Adobe released important security updates for Adobe Reader X (10.0.2) and earlier 10.x and 9.x versions for Windows and Macintosh OS. The bulletin is posted here. [snip] Affected

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-51996103980687559362011-04-18T21:38:00.001-07:002011-04-18T21:38:18.554-07:00

Apple releases iTunes 10.2.2, includes security fixApple releases iTunes 10.2.2, includes security fix. More here: http://support.apple.com/kb/DL1103About the security content of iTunes 10.2.2

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-32818461817369922832011-04-18T21:27:00.001-07:002011-04-18T21:27:12.585-07:00

Don't forget you need different patches for Internet Explorer and Firefox/Opera.Adobe patches latest Flash zero-dayGoogle Chrome users got the the update Thursday By Gregg Keizer, Computerworld April 15, 2011 04:26 PM ET Adobe today patched a critical vulnerability in Flash Player that the company said criminals were already exploiting with

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-33703455160103318702011-04-15T20:18:00.001-07:002011-04-15T20:18:44.826-07:00

If you run any Apple devices (anything running OS X or iOS, such as a Mac computer, iPad, or iPhone), you will want to check your patch status.US-CERT Current Activity: Apple Releases Security Updatesadded April 15, 2011 at 09:40 amApple has released the following security updates:Security Update 2011-002 addresses a vulnerability in the Certificate Trust Policy for Mac OS X v10.5.8, Mac OS X

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-89886506116648233462011-04-15T20:10:00.002-07:002011-04-15T20:15:43.202-07:00

Of course it would come out on a Friday.  This is a "PATCH NOW" situation as this vulnerability is being exploited now. For corporate installation, you may need to wait.  As of 19:03 MST on Fri 15 Apr 2011 the MSI installers are still the old version .  The EXEs are current, for manual installation. Google has patched Chrome separately, since they have their own version of the Flash player. Adobe

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-30994939045416407392011-04-13T10:10:00.001-07:002011-04-13T10:10:42.962-07:00

VideoLAN has patched their VLC player to fix some security issues.  VideoLAN - NewsVLC 1.1.92011-04-12VideoLAN and the VLC development team present VLC 1.1.9, a minor release of the 1.1 branch.This release, not long after 1.1.8, was necessary because some security issues were found, and the VLC development team cares about security.This release also brings updated translations and a lot of small

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-43691804814069291772011-04-13T08:31:00.001-07:002011-04-13T08:31:40.371-07:00

It's the biggest one since last December's record, and it patches more vulnerabilities than that one.  SANS has given several of the patches its highest rating: "PATCH NOW!". All the systems I have patched are stable, so if you're a home user, go ahead and run Microsoft Update. Microsoft delivers monster security update for Windows, IEMicrosoft today patched a record 64 vulnerabilities in

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-23313763883468384472011-04-11T20:02:00.001-07:002011-04-11T20:02:08.914-07:00

Be very careful with any documents (Word documents, Excel spreadsheets) you receive in email.  Do NOT just open them from your email program.  If you think they are legitimate, SAVE them to your hard drive, then submit them to VirusTotal for analysis by over 40 different anti-virus products.New Adobe Flash Zero Day Being Exploited? — Krebs on SecurityAttackers are exploiting a previously unknown

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-31741894809633790512011-03-25T13:03:00.001-07:002011-03-25T13:03:56.485-07:00

I use VLC in preference to Windows Media player and iTunes/QuickTime.US-CERT: VideoLAN Releases VLC Media Player 1.1.8added March 25, 2011 at 07:43 amVideoLAN has released VLC Media Player 1.1.8 to address two vulnerabilities. These vulnerabilities are due to the improper handling of .AMV and .NSV files. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.US-CERT

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-69748701777783082282011-03-24T01:35:00.001-07:002011-03-24T01:35:04.094-07:00

Wonderful news: on Wednesday, 23 March: an "out-of-cycle" Windows Update was released.  These are only rolled out when there are active attacks that can be fixed quickly.  Mozilla and Google have also rolled out patches, so if you run Firefox, please update it as well (Chrome auto-updates, while Firefox usually checks once a day).  The ZDNet ZeroDay article below has the "friendliest" write-up

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-57620920748358831432011-03-22T12:39:00.001-07:002011-03-22T12:39:59.521-07:00

Apple patches Pwn2Own flaw in massive Mac OS X update | ZDNetBy Ryan Naraine | March 22, 2011, 9:20am PDTApple has shipped another Mac OS X mega-update with fixes for 54 security vulnerabilities, including one that was used to hijack an iPhone 4 device at this year’s CanSecWest Pwn2Own hacker challenge.The Pwn2Own vulnerability, exploited by researchers Charlie Miller (right) and Dion Blazakis,

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-54093283506912656532011-03-17T07:31:00.001-07:002011-03-17T07:31:36.652-07:00

I have seen reports of a new flaw in Adobe Flash player in many places on the 'net over the past few days. Adobe warns of Flash Player zero-day attack | ZDNetMalicious hackers are using rigged Microsoft Excel files to exploit a zero-day flaw in Adobe’s ubiquitous Flash Player software.A security advisory from Adobe says the “critical” vulnerability affects the latest versions of Adobe Flash

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-77956529469646120772011-03-09T21:26:00.001-07:002011-03-09T21:26:04.053-07:00

A SysAdmin's work is never done.  Brian Krebs has a good write-up on this week's need for patches:Patch Tuesday, Etc. — Krebs on SecurityMicrosoft has issued security updates to fix at least four security holes in its Windows operating system and other software. Not exactly a fat Patch Tuesday from Microsoft, but depending on how agile you are in updating third-party applications like Flash,

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-3071665854394131112011-03-09T11:03:00.001-07:002011-03-09T11:03:20.037-07:00

Windows Updates were released on Tuesday. My XP system didn't require a reboot. Windows 7 SP1 is out, with reports of some troubles. Brian Krebs has a story on it: Before You Install Windows 7 Service Pack 1 — Krebs on SecurityApple updated Java a few days ago:Apple updates JavaApple has also released a couple of updates today. Apparently, they are catching up on some Java updates that Oracle

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-71812594384239391992011-03-03T12:51:00.001-07:002011-03-03T12:51:55.547-07:00

In addition to Windows Updates this month, system admins have their hands full patching lots of Internet-touching software:Apple plugs 57 major security holes in iTunes | ZDNetIf you use Apple’s iTunes software — whether on Windows or Mac OS X — it’s important that you immediately apply the latest software update.Apple has shipped iTuens [sic] 10.2 as a highly-critical patch to cover a whopping

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-79835830026125129312011-02-15T20:02:00.001-07:002011-02-15T20:02:40.840-07:00

I thought I was done patching after that incredible Tuesday last week:February 2011 Microsoft Black Tuesday SummaryAdobe - Security Bulletins: APSB11-01 - Security update available for Shockwave PlayerAdobe - Security Bulletins: APSB11-02 - Security update available for Adobe Flash PlayerAdobe - Security Bulletins: APSB11-03 - Security updates available for Adobe Reader and AcrobatAt least they

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-59210331637488576792010-12-10T10:29:00.003-07:002010-12-10T18:34:23.456-07:00

The second week in December is starting with a bunch of patching.  So far this week, we have QuickTime, Firefox, and Thunderbird with security updates, and next Tuesday promises to be another record Patch Tuesday with patches for IE among other things.  (Updated Fri 10 Dec 2010  18:31 MST) Apple QuickTime Patch Fixes 15 Flaws — Krebs on Security Apple this week issued an update that plugs at

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-83129544440554974872010-12-10T10:02:00.001-07:002010-12-10T10:02:07.355-07:00

It has been a busy month, and I have not been keeping up with timely posting here.  I will try to keep this a little more current from now on.  We'll start with November's Patch Tuesday and go forward from there.  The final article linked below is definitely something anyone who uses open WiFi hotspots in Starbucks and other places should read.  Also, if you use Flash Player or Adobe Reader, both

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-79129081123931534512010-11-04T09:05:00.001-07:002010-11-04T09:05:26.580-07:00

More patching: Firefox has been patched to plug a 0-day flaw that was being exploited "in the wild", and Mozilla Thunderbird has been patched to fix the same bug (which was not exploitable in TBird).  Adobe's Flash Player and Adobe Reader 9 both have a vulnerability that is also currently being exploited; Adobe is supposed to issue a patch for the Flash player today (November 4, 2010) but Reader

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-49414390919813298602010-11-04T08:17:00.001-07:002010-11-04T08:17:35.816-07:00

This hit the blogs and tech news sites yesterday.  In one of Microsoft's write-ups, they point out that running as a "Limited User" (an account that doesn't have administrator privileges) is one way to avoid this exploit.  Firefox and Chrome are also not subject to this problem.  The Symantec article has the best technical details.Vulnerability in Internet Explorer Could Allow Remote Code

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-52593055272588524732010-10-21T10:13:00.000-07:002010-10-21T10:13:00.373-07:00

Time for another round of patching, boys and girls.  Mozilla has patched both Firefox and Thunderbird, and Chrome has some more updates (although Chrome automatically updates itself silently).  If you have the Real Player installed, it, too, needs patching.SANS: Firefox 3.6.11 and 3.5.14 released Thunderbird 3.1.4 and 3.0.9 releasedFirefox 3.6.11 and 3.5.14 released, includes security updates (

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-58640744691798909802010-10-12T21:00:00.001-07:002010-10-12T21:00:09.760-07:00

It's looking like there really are some PATCH NOW! patches in today's set of fixes for Microsoft Windows.  Also, Oracle released a major patch for the Java Runtime Engine (JRE), taking it to 6u22.  If you have Java installed, you should patch that as well.  Get your Java patch here: Java Downloads for All Operating Systems.  Here are links to two stories with "user-friendly" discussions of why

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-2034949846785046582010-10-12T11:22:00.001-07:002010-10-12T11:22:06.160-07:00

Today was Microsoft's biggest Patch Tuesday in a long time, possible ever.  SANS (first link below) rates several of these PATCH NOW!, their highest rating.  Anyone who runs as administrator on XP should probably patch ASAP.  I'm patching my work systems and home systems now and will report if I have any problems over the next day or so.SANS: October 2010 Microsoft Black Tuesday SummaryMicrosoft

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-69793759944256565522010-10-05T20:56:00.001-07:002010-10-05T20:56:51.553-07:00

Finally the active 0-day exploit is being patched.  Brian Krebs has the most consumer-friendly write-up on it.Reader, Acrobat Patches Plug 23 Security Holes — Krebs on SecurityA new security update from Adobe plugs at least 23 security holes in its PDF Reader and Acrobat software, including two vulnerabilities that attackers are actively exploiting to break into computers.Adobe is urging Reader

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-87535746415082011292010-10-01T08:52:00.001-07:002010-10-01T08:52:00.945-07:00

If you are still running Windows XP, it's really time to stop using Internet Explorer (except for Windows Update) and switch to Firefox or Google Chrome.  There is an active zero-day active that Microsoft has acknowledged in a Security Advisory that affects all XP+IE users without warning when they click a malicious link. People whose firewall blocks Windows file sharing at the network perimeter

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-45056146835329322022010-09-21T08:51:00.001-07:002010-09-21T08:51:45.993-07:00

The US-CERT article and the ZDNet article linked below both have more information.  I have patched my systems without problems.  If you watch online videos or don't have an adblocker, you should update ASAP as the vulnerability this fixes is being exploited as I type.Adobe released Flash Player 10.1.85.3. Download it at http://www.adobe.com/support/flashplayer/downloads.htmlAdobe released Flash

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-7748101266577744302010-09-16T09:53:00.001-07:002010-09-16T09:53:47.535-07:00

I have already patched all my computers without issue.  These stories all have more technical details and links for those who want to know more.Patch Tuesday recap: Exploits expected for Windows security holes | ZDNetMicrosoft has shipped nine security bulletins with patches for at least 11 documented vulnerabilities in Windows and Microsoft office and is urging customers to pay special

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-22532895109556082382010-09-15T11:11:00.001-07:002010-09-15T11:11:11.357-07:00

I am going to start accumulating links for weekly posts.  Here's the first set:"Patch Tuesday" includes two CRITICAL patches rated "PATCH NOW" by SANSSANS issued the unusual "PATCH NOW" recommendation for two of this month's "Patch Tuesday" patches.  One is rated "Critical" for Windows XP by Microsoft, and the other affects IIS (Microsoft's web-server software).  If you are running XP on a

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-88437434041802638752010-09-14T09:47:00.001-07:002010-09-14T09:47:37.152-07:00

I'm seeing reports of this everywhere.  Adobe Flash Player and Adobe Reader 9.3.4 and earlier versions are both subject to 0-day exploits which are "in the wild".  Supposedly the Flash flaw will be fixed in two weeks, the Adobe Reader flaw in four weeks.  That's a long time to go with active exploits.  No word on whether or not this affects other PDF readers.Adobe Flash v10.1.82.76 and earlier

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-88653630059642981232010-09-09T09:31:00.001-07:002010-09-09T09:31:22.482-07:00

Unless you absolutely have to have QuickTime (iTunes requires it), you're better off without it.  The VLC media player will play QuickTime media so you don't really need it.Active exploits targeting Apple QuickTime 0-day - SC Magazine USAttackers are now actively exploiting a recently published zero-day vulnerability in Apple QuickTime, security firm Websense disclosed Tuesday.The flaw, details

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-82962981035205190502010-09-09T08:43:00.001-07:002010-09-09T08:43:43.927-07:00

If you use Safari, you should patch, although Windows users who don't use Safari but have had it installed by Apple without knowing they did should just uninstall it. Google has patched Chrome, Opera has been patched, and Mozilla has patched Firefox and Thunderbird to fix the Windows DLL-loading issue that has been made public recently. It's going to be a busy week for sysadmins ...Apple

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-60361894539625650322010-09-09T08:35:00.001-07:002010-09-09T08:35:54.790-07:00

More fun for system administrators: patch your iTunes and Chrome installations.Apple patches 13 iTunes security holes | ZDNetBy Ryan Naraine | September 2, 2010, 8:38am PDTApple has shipped a new version of its iTunes media player to fix 13 security flaws that cold be exploited to launch attacks against Windows machines.The patches in the new iTunes 10 covers vulnerabilities in WebKit, the

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-33937055236268948482010-09-09T08:30:00.001-07:002010-09-09T08:30:30.290-07:00

I've seen multiple reports of this, all referring to Adobe Reader 9.3.4 and Adobe Reader 8.2.4 (the latest versions).   I've seen no mention of whether or not this affects Foxit Reader or other PDF readers.  FWIW on my home machine, where I do most of my "surfing", I use Foxit Reader as my default PDF reader and SumatraPDF when opening PDFs directly from web links.Computer Security Research -

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-9025825877504075742010-09-01T20:44:00.001-07:002010-09-01T20:44:33.091-07:00

If you have Real Player (AOL often installs it), you need to patch it.  The ZDNet article below has the best explanation I have seen.US-CERT Current Activity: RealNetworks Releases Update to Address Vulnerabilities in RealPlayeradded August 31, 2010 at 08:23 amRealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. These vulnerabilities may allow a remote,

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-6697487620015028052010-09-01T20:38:00.001-07:002010-09-01T20:38:16.435-07:00

This has been getting a lot of play in the trade press over the past week or so.  It's a complicated issue, and there is no simple patch.  The Microsoft "Fixit" isn't just a one-click fix like most of their "Fixits", either.  The Krebs on Security article below has a good but technical discussion of the problem.FWIW I haven't patched any of my personal computers, but I never browse the Internet

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-29977696492786022010-08-24T23:04:00.001-07:002010-08-24T23:04:30.986-07:00

Apple patches 13 Mac OS X vulnerabilities | ZDNetBy Ryan Naraine | August 24, 2010, 2:19pm PDTApple has shipped a new Mac OS X security update to fix 13 documented vulnerabilities, some serious enough to expose users to remote code execution attacks.The patch includes fixes for security holes in several open-source components, including ClamAV and PHP.Here’s a quick look at the vulnerabilities

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-40788992359456969342010-08-20T13:41:00.001-07:002010-08-20T13:41:25.120-07:00

The patch treadmill rolls along.  Google Chrome was patched just recently, and here it is again.  Ditto for VLC.  I was glad to read the Microsoft blog entry as that may explain how some of my out-of-date home users were infected recently.US-CERT Current Activity: Google Releases Chrome 5.0.375.127added August 20, 2010 at 08:47 amGoogle has released Chrome 5.0.375.127 for Windows, Mac, and Linux

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-28108634966312293542010-08-19T21:38:00.001-07:002010-08-19T21:38:58.756-07:00

Well, Adobe shipped an "emergency" set of patches for Adobe Reader 8.x and 9.x.  If you are updating manually you can get them here: Adobe.com - New downloads.  So far they appear to be working fine on all the systems where I have installed them.Adobe ships critical PDF Reader patch | ZDNetAdobe has shipped a security bulletin with patches for two critical vulnerabilities in its PDF Reader and

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-62835519716948424462010-08-13T21:45:00.001-07:002010-08-13T21:45:24.155-07:00

No details are provided on what has been patched.  If you use the Google Chrome browser, it should auto-update.&nbsp. One of the Chrome alternatives (which don't feed your surfing life to Google), Iron Browser isn't keeping up -- their newest version is dated late June, but ChromePlus was just updated today (13 Aug 2010) and can be downloaded [HERE].US-CERT Current Activity: Google Releases

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-31299824256884774352010-08-11T08:50:00.001-07:002010-08-11T08:50:25.372-07:00

I have applied the Windows Update patches and Flash updates to my systems and I haven't seen any issues, but I don't use Microsoft Office and there are critical patches to Office this month.  According to Brian Krebs, the Office patch is very important: "... a patch that fixes at least four vulnerabilities in Microsoft Office, the most severe of which could lead to users infecting their PCs with

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-47257348993069029312010-08-08T16:47:00.001-07:002010-08-08T16:47:52.159-07:00

Foxit Fix for “Jailbreak” PDF Flaw — Krebs on SecurityOne of the more interesting developments over the past week has been the debut of jailbreakme.com, a Web site that allows Apple customers to jailbreak their devices merely by visiting the site with their iPhone, iPad or iTouch. Researchers soon learned that the page leverages two previously unknown security vulnerabilities in the PDF reader

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-6237258660304712562010-08-06T22:34:00.001-07:002010-08-06T22:34:55.723-07:00

Foxit Software moved a little faster on this than Adobe did ...US-CERT Current Activity: Foxit Releases Foxit Reader 4.1.1.0805added August 6, 2010 at 10:31 am Foxit has released Foxit Reader 4.1.1.0805 to address a vulnerability associated with the improper rendering of PDF documents. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.US-CERT

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-48233015018887706132010-08-05T23:19:00.001-07:002010-08-05T23:19:40.824-07:00

Looks like SysAdmins are going to be busy little pupplies this coming week.  Not only will we have to patch Adobe Reader, Microsoft has announced another record-tying Patch Tuesday.Microsoft readies record 14 fixes, eight critical - SC Magazine USMicrosoft on Thursday announced that next week it plans to deliver a record 14 patches to resolve 34 vulnerabilities across its product line.The 34

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-43307796616514153072010-08-05T23:16:00.001-07:002010-08-05T23:16:06.107-07:00

Patching Adobe products is just getting OLD (not to mention expensive). FWIW I use both the Foxit Reader and the Sumatra PDF viewer rather than Adobe Reader on Windows.Adobe confirms critical flaw in Reader and Acrobat - SC Magazine USThe vulnerability affects the current version of the software, Adobe Reader 9.3.3, and earlier versions for Windows, Macintosh and UNIX, Adobe said. It also

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-12605183328537397232010-08-03T12:54:00.001-07:002010-08-03T12:54:59.193-07:00

SANS gave this their ultimate "PATCH NOW" rating.  I have patched and only noticed one minor issue with an icon in one user's "Quick Launch" taskbar area on XP Pro.As attacks escalate, Microsoft ships emergency Windows patch | ZDNetMicrosoft has rushed out and emergency patch for all supported versions of Windows to cover a gaping — and under attack — security flaw in the way shortcuts are

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-25330386171417233442010-07-30T09:52:00.001-07:002010-07-30T09:52:27.748-07:00

This was the week for worrying about the Microsoft LNK 0-day exploit (I found at least one laptop with 54 instances of it), browser patches, and a nasty flaw in a banking app for the iPhone:SophosLabs Released Free Tool to Validate Microsoft ShortcutSophosLabs has just released a free tool that provides detection against the Windows shortcut exploit that we published last week here and here.

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-70989039085248217462010-07-21T10:11:00.002-07:002010-07-25T07:20:45.604-07:00

Well, I predicted Microsoft would patch this problem, but first they want us to "FixIt" manually.  I ran this FixIt on my main workstation and the main effect is to change some of your "Quick Start" and desktop icons to generic ones:  becomes This mike look like a problem but it is really only a minor inconvenience.  When you hover your mouse over an icon, a tooltip pops up with its name.  And

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-32065670344175421492010-07-21T09:57:00.001-07:002010-07-21T09:57:08.520-07:00

Good write-up at the Zero Day blog at ZDNet about what has been fixed in Firefox 3.6.7 and why you need to update, especially if you are running as a local administration.Firefox hit by drive-by download security holes | ZDNetMozilla has shipped a mega patch for Firefox to fix a total of 16 security flaws that expose Web surfers to drive-by download, data theft and local bar spoofing attacks.The

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-21540912990882038322010-07-20T19:04:00.001-07:002010-07-20T19:04:20.650-07:00

If you buy gas using a DEBIT card, you're particularly at risk since when your debit-card account is compromised, the effects on you are much worse than when a credit-card account is stolen.  The scary thing about these "skimmers" is that they're INTERNAL -- inside the gas pumps -- and can't be seen from the outside.  The Krebs on Security blog has a lot more than the stuff I've excerpted

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-29094235575422445702010-07-20T18:58:00.001-07:002010-07-20T18:58:24.092-07:00

Mozilla Firefox 3.6.7 Release Notes What’s New in Firefox 3.6.7 Firefox 3.6.7 fixes the following issues found in previous versions of Firefox 3.6: Fixed several security issues.Fixed several stability issues. Please see the complete list of changes in this version. You may also be interested in the Firefox

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-37213671756051503202010-07-20T11:18:00.001-07:002010-07-20T11:18:15.830-07:00

Here's another patch that needs to be installed on any Windows computer running iTunes.iTunes buffer overflow vulnerabilityApple is reporting new version of iTunes (9.2.1), which address CVE-2010-1777: A buffer overflow exists in the handling of itpc: URLs, which might lead to application termination or arbitrary code execution.More information at http://support.apple.com/kb/HT4263.This affects

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-13812864694071220202010-07-20T11:14:00.001-07:002010-07-20T11:14:13.540-07:00

This one looks very serious to me, and I expect Microsoft will be forced to release an "out-of-band" patch to correct this problem. Unfortunately both the workarounds proposed by Microsoft in its Security Advisory have significant effects on the usability of Windows PCs -- disabling the use of icons for shortcuts means all your desktop shortcuts and all your "Quick Start" icons will be identical

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-61642858079255892552010-07-14T18:12:00.001-07:002010-07-14T18:12:16.791-07:00

Two quickies about phone security issues and one surprising report about which company had the most vulnerabilities.Slashdot News Story | Hack AT&T Voicemail With AndroidAn anonymous reader writes "It is shockingly easy to gain access to an AT&T customer's voicemail using caller ID spoofing techniques. What's worse is that AT&T knows about it. On your Android phone, download one of the two caller

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-61929552364232226182010-07-14T18:04:00.002-07:002010-07-14T18:07:18.748-07:00

Microsoft's Patch Tuesday for July, 2010, was a small but very important one.  SANS rates patch MS10-042 as "PATCH NOW", their highest rating. It affects Windows XP and Windows 2003 Server only, not Vista or Windows 7.  This patch fixes a vulnerability which is being actively exploited right now, so if you are still running XP, get patching!  Here are links to and some wording from articles

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-8375641016173429162010-07-12T23:01:00.001-07:002010-07-13T06:50:35.737-07:00

Since the last time I posted I have driven 7,000 miles, from Tucson, Arizona, to Mt. Desert Island and Acadia National Park in Maine, and back. Most of the driving west of the Mississippi and about half the driving east of it was on non-Interstate highways to avoid traffic. I need a vacation to recover from my vacation. Of course, the Bad Guys don't take vacations, or if they do, they don't

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-21553737843259490722010-06-23T09:52:00.002-07:002010-06-24T09:46:35.405-07:00

It seems to be a little faster than 3.6.3 ... and it includes some better crash protection. Go get it! Mozilla Releases Firefox 3.6.4 The Mozilla Foundation has released Firefox 3.6.4 and Firefox 3.5.10 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-68554948542323111692010-06-23T09:49:00.001-07:002010-06-23T09:49:43.376-07:00

Just one more reason to browse the Internet using Firefox with NoScript and as a non-administrator.  Use a limited account or use DropMyRights when you browse from machines where you must run as administrator.Lenovo Support Website Loads Malicious IFrame, Infects Visitors With Trojan | CyberInsecure.comThe support site of leading Chinese PC manufacturer Lenovo has been compromised by unknown

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-58007347939262016302010-06-17T22:30:00.001-07:002010-06-17T22:30:11.601-07:00

WebKit security flaws haunt Apple's iTunes | ZDNetApple has shipped a critical security patch for its iTunes media player to fix several gaping security holes that expose Windows users to hacker attacks.The vulnerabilities could be exploited to launch remote code execution attacks if a user simply opens an image file or surfs to a rigged Web site. The update applies to Windows 7, Windows Vista

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-78663971289978473932010-06-16T14:06:00.001-07:002010-06-16T14:06:38.978-07:00

Apple Security Update 2010-004 / Mac OS X v10.6.4 Shipping with Outdated Version of Adobe Flash Player - Adobe Product Security Incident Response Team (PSIRT)Earlier today, Apple released security update 2010-004 / Mac OS X v10.6.4. This update includes an earlier version of Adobe Flash Player (version 10.0.45.2) than available from Adobe.com. While the Mac OS X v10.6.4 update does not appear to

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-86524459892822611892010-06-16T09:10:00.001-07:002010-06-16T09:10:23.123-07:00

Apple releases advisory for Mac OS X - Multiple vulnerabilities discoveredApple released today an advisory for multiple vulnerabilities discovered in Mac OS X. Impacted programs includes CUPS, Desktop Services, Folder Manager, Help Viewer, iChat, ImageIO, Kerberos, libcurl, Network Autorization, Open Directory, Printer Setup, Printing, Ruby, SMB File Server, Squirrelmail, and Wiki Server. Mac

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-21394035254541467362010-06-16T09:08:00.001-07:002010-06-16T09:08:49.893-07:00

There are multiple reports of drive-by downloads appearing. Drive-by downloads are dangerous because you can be infected without taking any action other than browsing to a webpage which carries the infection. If you are running Windows XP as an administrator, you should probably immediately apply one of the workarounds described on the Microsoft page linked below.Microsoft confirms exploits

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-61131890780353037072010-06-10T23:12:00.002-07:002010-06-10T23:19:42.649-07:00

A nasty hole in Adobe Flash (all platforms: Windows, Mac, Linux) has been patched on the Windows version. A related hole in Adobe Reader 9 is still unpatched. I have patched my Adobe Flash players and am in the process of patching Flash on business client computers. For home users, links to the Flash patches can be found here: Adobe - Security Bulletins: APSB10-14 Security update available for

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-29512779276781781012010-06-10T22:41:00.002-07:002010-06-10T23:22:39.606-07:00

Windows Vista, Windows 7, Windows Server 2008/2008 R2 all appear immune. XP and Server 2003 are vulnerable. If you run as "Administrator" and use IE, your are particularly at risk. Those of us who run as non-admin users and use Firefox or Chrome are pretty safe, as far as I can tell at this early time. Microsoft Security Advisory 2219475 Microsoft has issued a Security Advisory for the

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-382806614705109772010-06-10T09:40:00.001-07:002010-06-10T09:40:35.211-07:00

People surfing with ad blockers and script blockers would have been less likely to have been caught by this, which is one more reason I use the Firefox Browser with the Adblock Plus and NoScript add-ons. Even ChromePlus doesn't block scripts, although you can get an ad-blocker that uses the same lists as the Firefox ad-blocker and also a Flash blocker.Thousands Of High-Ranked Webpages Infected

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0tag:blogger.com,1999:blog-4635567720205012055.post-57771166293794669792010-06-08T13:48:00.001-07:002010-06-08T13:48:57.936-07:00

Well, this month's set of Microsoft patches have been released, and it's a big set. Microsoft is urging that system admins roll out several of these ASAP as exploit code is either "in the wild" or easy to develop.Microsoft finally fixes Pwn2Own browser flaw | ZDNetThe Microsoft Patch Tuesday train rolled into town today, dropping off a massive 10 security bulletins with fixes for at least 34

Angus Scott-Fleminghttp://www.blogger.com/profile/00881345250007488266noreply@blogger.com0