Tuesday, June 29. 2010Adobe releases emergency patch for Reader and Acrobat
Adobe has released an emergency update that patches at least 17 holes in its Reader and Acrobat applications. Adobe was to release patches on July 13, but since the critical vulnerabilities were actively being exploited, the company released the fixes ahead of time.
The fixes address a vulnerability in Windows, Mac, and Linux versions of the reader that allows hackers to remotely install malware on end-users' machines by tricking them into opening a booby-trapped document. The flaw resided in the authplay.dll, AuthPlayLib.bundle, or libauthplay.so.0.0.0 files on Windows, Mac, and Linux machines respectively. Researcher Didier Stevens had shown that by misusing a feature in the PDF specification, hackers could embed a malicious payload in a document and trick Adobe's Reader and Acrobat applications (as well as the competing FoxIT Reader) into executing it. Rajesh had blogged about the “/Launch” attack here. Adobe said it has added code to block any attempts to launch an executable file by default. Moreover they have also altered the way the existing warning dialog appears so as to foil known social-engineering attacks. Wednesday, June 23. 2010Update Mozilla Firefox
Firefox 3.6.4 has been released, this version address 7 vulnerabilities which range from critical issues such as denial of service or arbitrary code execution bugs along with a few lower level issues. Below is list of critical vulnerabilities fixed in this version
MFSA 2010-30 Integer Overflow in XSLT Node Sorting MFSA 2010-29 Heap buffer overflow in nsGenericDOMDataNode::SetTextInternal MFSA 2010-28 Freed object reuse across plugin instances MFSA 2010-26 Crashes with evidence of memory corruption (rv:1.9.2.4/ 1.9.1.10) For full list of fixed vulnerabilities click here. In this version they have also improved the handling of plugin crashes, now if a plugin crash or freez while visiting or browsing a website it will now crash the plugin without killing the browser (process end). User and reader if you have not update visit below link to download. http://www.mozilla.com/en-US/firefox/3.6.4/releasenotes/ Friday, June 18. 2010Growing cyber crime rate indicates lack of skilled staff
Looking at the number of unique malwares that we are receiving in our lab on day to day basis, it clearly points to the fact that the cyber crime activity is growing exponentially. I was wondering when this will stop or come under control and the answer unfortunately is at least not in near future.
The government authorities in charge of computer security and cyber crime are not able to catch up with it. There is huge lack of skilled staff that is needed to do this job. Right from heights authority to the on ground staff there is lot of gap in the actual demand in skills and staff and the actual number of people working on it. This is not the case with government authorities but it also reflects the scenario in private enterprises and corporate organizations. Lack of awareness with respect to computer security which is reflected in lack of demand of security professionals which has reflected in lack of interest in security as a profession and that is finally reflected in lack of degrees and courses in computer security at the education level. All this is helping in growing the cyber crime rate and the cyber crime industry. Cyber security should become a top priority for every body, government authorities, government and private institutes, educational institutes. There is tremendous need for increasing computer security awareness among all the computer users. It is also a high time for all the private and government organizations to improve and increase the security standards for their networks. If no action taken on time cyber crime can become most serious economic and national security challenge. Each computer users if takes responsibility of being security aware and take basic steps to protect his/her computer from getting infected and infecting others, can help in solving the problem to great extend. Thursday, June 17. 2010Time to update Adobe Flash Player and Adobe AIR
Adobe has released a Security Bulletin on the second week of June that lists out vulnerabilities identified for the following software:
- Adobe Flash Player 10.0.45.2 and earlier versions for Windows, Macintosh, Linux and Solaris - Adobe AIR 1.5.3.9130 and earlier versions for Windows, Macintosh and Linux A total of 32 vulnerabilities were identified. Adobe has categorized these vulnerabilities as 'Critical' and recommends all affected users to update their installations to the newest versions. Users of Adobe Flash Player 10.0.45.2 and earlier versions can update to Adobe Flash Player 10.1.53.64 by downloading it from the Adobe Flash Player Download Center or by using the auto-update mechanism within the product when prompted. Users of Adobe AIR 1.5.3.9130 and earlier versions can update to Adobe AIR 2.0.2.12610 by downloading it from the Adobe AIR Download Center. I recommend users of Adobe Flash Player and Adobe AIR 1.5.3.9130 to update to the newest versions, as the mentioned vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system. For detailed information of the Security Update please visit Adobe’s Security Bulletin page. Wednesday, June 16. 2010Microsoft to discontinue support for Windows XP SP2 and Windows 2000
Microsoft has announced that it will discontinue support for Windows XP Service Pack 2 and Windows 2000 after July 13, 2010. Support for Windows Vista Release to Manufacturing (RTM) has already been discontinued since April 2010.
Microsoft has also announced that users with unsupported version of Windows or Service Pack will not be eligible for any support options. Updates, including security updates released with bulletins from the Microsoft Security Response Center, will be reviewed and built for the supported versions and service packs only. To know complete details of this announcement please visit the following webpage: http://www.microsoft.com/windows/enterprise/products/windows-7/end-of-support.aspx Tuesday, June 15. 2010Microsoft Windows Help and Support Center vulnerability
The vulnerability for Microsoft Windows Help and Support Center is being exploited in the wild. More information for this vulnerability at http://www.microsoft.com/technet/security/advisory/2219475.mspx . The vulnerability allows for infecting a Windows system by visiting manipulated web sites, for example (drive-by-download).
Microsoft now has released a “Fix It” tool which unregisters the HCP protocol as a workaround, because there is currently no patch available. We recommend users to use this tool to block the vulnerability from being exploited. Wednesday, June 9. 2010Microsoft Security Bulletin released for the month of June
Microsoft has released its security bulletin for June 2010. This month Microsoft has released 10 bulletins, addressing total 30 vulnerabilities.
Out of the 10 bulletins three bulletins have been rated “Critical” and seven bulletins have been rated “Important”. Six bulletins are related to “Remote Code Execution” vulnerability, three bulletins are related to “Elevation of Privilege” vulnerability and one bulletin is related to "Tampering" vulnerability. The following vulnerabilities have been rated Critical:
For detailed information of all the bulletins and the corresponding vulnerabilities addressed, please visit Microsoft Security Bulletin Summary - June 2010 page. I will recommend users to set Windows Update in Install updates automatically mode. So the important patches get applied automatically. Saturday, June 5. 2010Connecting a newly purchased gadget to your PC can be un-safe.
We are very much used to connect a new trendy gadget to our laptop to explore its features and configure etc. Many gadgets has memory card or storage in it to support lot of features like digital camera, music players video players, Mobile phones. All of these when connected to PC are showed as storage or removable drives on PC.
It has been observed that many of these product manufacturers and vendors are not security aware and while packing these devices they are not following security practices and end up with infecting the memory storage/card in the brand new device. This takes place in the shop floor or place where the gadget is being tested and configured before it is being packaged for sale. These devices are packed and made available to customers with the infection as on it. There had been few instances of such infected devices being widely sold and customer unaware believing the new device is safe and connects it to the PC. To the customers surprise the PC gets infected. Recently cases of such infection were reported by few customers of Samsung S8500 Wave phone which was shipped with infected MicrosSD card. For complete story please visit http://bit.ly/9OIzgz So be careful the next time you are connecting a brand new device to your PC, make sure you have your anti-virus up and running and already updated. Thursday, June 3. 2010Adobe releases security update for Adobe Photoshop CS4
Adobe has released an update for Adobe Photoshop CS4 to provide remedial measures for the vulnerabilities identified in Adobe Photoshop CS4 11.0.1 and its earlier versions. The vulnerabilities identified in Adobe Photoshop CS4, allows an attacker to take control of an affected system whenever a user opens a malicious file having extensions like ‘.ASL’, ‘.ABR’ or ‘.GRD’.
Adobe has categorized these vulnerabilities as ‘Critical’ and encourages all customers to update their installations to Adobe Photoshop 11.0.2. The vulnerabilities identified do not affect Adobe Photoshop CS5. Adobe Photoshop CS4 users are recommended to download and apply this update. For detailed information of the Security Update please visit Adobe’s Security Bulletin page. |
ArchivesCalendarSyndicate This Blog |
