DarkFiber Consulting – IT Managed Services

Adobe Releases Flash 10.1

June 23rd, 2010 . by DarkFiber Consulting

Adobe has released a Security Bulletin to address vulnerabilities in Adobe Flash Player 10.0.45.2 and earlier versions and in Adobe AIR 1.5.3.9130 and earlier versions.  Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Adobe Security Bulletin APSB10-14 and to update to Adobe Flash Player 10.1 to help mitigate the risks.

Adobe Reader and Acrobat JavaScript Vulnerabilities

May 9th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of two vulnerabilities affecting Adobe Reader and Acrobat. The JavaScript methods customDictionaryOpen() and getAnnots() do not safely handle specially crafted arguments and can be manipulated to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to disable JavaScript in Adobe Reader to help mitigate the risk:

  1. Open the General Preferences dialog box
  2. From the Edit menu, select Preferences and then choose JavaScript
  3. Un-check Enable Acrobat JavaScript

Additional information regarding these vulnerabilities can be found in the Adobe PSIRT blog entry and in the Vulnerability Notes Database. DarkFiber Consulting will provide additional information as it becomes available.