DarkFiber Consulting – IT Managed Services

Sun Releases Update 17 for Java SE 6

December 10th, 2009 . by DarkFiber Consulting

Sun has released update 17 for Java SE JDK 6 and Java SE JRE 6 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, denial of service, and information disclosure.

DarkFiber Consulting encourages users and administrators to review the Java SE 6 Update 17 release notes and apply any necessary updates to help mitigate the risks.

Apple has released Java for Mac OS X 10.6 Update 1 and Java for Mac OS X 10.5 Update 6 to address these vulnerabilities. Mac users are encouraged to review Apple articles HT3969 and HT3970 and apply any necessary updates to help mitigate the risks.

Apple Releases Security Updates for Multiple Vulnerabilities

December 15th, 2008 . by DarkFiber Consulting

Apple has released Security Update 2008-008 and Mac OS X v10.5.6 to address multiple vulnerabilities in Mac OS X and related products. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, denial of service, or information disclosure.

DarkFiber Consulting encourages users to review Apple article HT3338 and apply the appropriate updates.

Mozilla Releases Updates to Address Vulnerabilities in Multiple Products

November 13th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 2.0.0.18, Firefox 3.0.4, and SeaMonkey 1.1.13 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, security bypass, cross-site scripting, denial of service, and information disclosure. As described in the Mozilla Foundation security advisories, some of these vulnerabilities may also affect Thunderbird.

DarkFiber Consulting encourages users to review the Mozilla Foundation security advisories and apply any necessary updates to help mitigate the risks.

OpenOffice.org Releases Two Security Bulletins

October 29th, 2008 . by DarkFiber Consulting

OpenOffice.org has released bulletins to address two vulnerabilities. These bulletins address heap-based buffer overflow vulnerabilities in the processing of WMF and EMF files. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review the following OpenOffice.org security bulletins and apply the resolutions provided by the vendor:

Microsoft Releases Security Advisory 958963

October 27th, 2008 . by DarkFiber Consulting

Microsoft has released Security Advisory 958963 to alert users that exploit code is publicly available for the Windows Server Service vulnerability addressed in Microsoft Security Bulletin MS08-067. The advisory states that this exploit code has demonstrated arbitrary code execution on Windows 2000, XP and Server 2003.

DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 958963 and apply the update or workarounds listed in Microsoft Security Bulletin MS08-067 to help mitigate the risks.

Additional information regarding the Windows Server Service vulnerability is available in:

Mozilla Releases Firefox 3.0.2

September 24th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox 3.0.2 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, enabling cross-site scripting, privilege escalation, information disclosure, and denial of service. As described in the Mozilla Foundation Security Advisories, some of these vulnerabilities may also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users to do the following to help mitigate the risks:

Apple Releases Security Updates for Multiple Vulnerabilities

September 16th, 2008 . by DarkFiber Consulting

Apple has released Security Update 2008-006 and Mac OS X v10.5.5 to address multiple vulnerabilities in Mac OS X and related products. The impacts of these vulnerabilities include arbitrary code execution, information disclosure, denial of service, privilege escalation, or DNS cache poisoning.

DarkFiber Consulting encourages users to review Apple article HT3137 and apply the appropriate updates as soon as possible.

DarkFiber Consulting will provide additional details as the they become available.