DarkFiber Consulting – IT Managed Services

Google Releases Chrome 7.0.517.41

October 23rd, 2010 . by DarkFiber Consulting

Google has released Chrome 7.0.517.41 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, conduct URL spoofing, or bypass security restrictions.

DarkFiber Consulting encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Google Releases Chrome 5.0.375.125

August 6th, 2010 . by DarkFiber Consulting

Google has released Chrome 5.0.375.125 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Google Releases Chrome 5.0.375.70

June 23rd, 2010 . by DarkFiber Consulting

Google has released Chrome 5.0.375.70 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, bypass security restrictions, or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 5.0.375.70 to help mitigate the security risks.

Google Releases Chrome 4.0.249.89

March 1st, 2010 . by DarkFiber Consulting

Google has released Chrome 4.0.249.89 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 4.0.249.89 for Windows to help mitigate the risks.

Google Releases Chrome 4.0.249.78

January 27th, 2010 . by DarkFiber Consulting

Google has released Chrome 4.0.249.78 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 4.0.249.78 for Windows to help mitigate the risks.

Adobe Releases Shockwave Player Update and Flash Player Update

July 30th, 2009 . by DarkFiber Consulting

Adobe has released Shockware Player 11.5.1.601 because previous versions used a vulnerable version of the Microsoft Active Template Library (ATL). Additionally, Adobe has released Flash Player 10.0.22.87 and 9.0.246.0 to address the ATL issue and additional vulnerabilities in Flash Player. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review Adobe security bulletins APSB09-11 and APSB09-10 and apply any necessary updates to help mitigate the risks. Additional information can be found in the Adobe PSIRT blog and in Adobe security advisory APSA09-04.

Adobe Reader and Acrobat JavaScript Vulnerabilities

May 9th, 2009 . by DarkFiber Consulting

DarkFiber Consulting is aware of public reports of two vulnerabilities affecting Adobe Reader and Acrobat. The JavaScript methods customDictionaryOpen() and getAnnots() do not safely handle specially crafted arguments and can be manipulated to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to disable JavaScript in Adobe Reader to help mitigate the risk:

  1. Open the General Preferences dialog box
  2. From the Edit menu, select Preferences and then choose JavaScript
  3. Un-check Enable Acrobat JavaScript

Additional information regarding these vulnerabilities can be found in the Adobe PSIRT blog entry and in the Vulnerability Notes Database. DarkFiber Consulting will provide additional information as it becomes available.