DarkFiber Consulting – IT Managed Services

Microsoft Releases Out-of-Band Security Bulletin to Address Shortcut Vulnerability

August 6th, 2010 . by DarkFiber Consulting

Microsoft has released security bulletin MS10-046 to address a critical vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for shortcut files. By convincing a user to display a specially crafted shortcut file, a remote attacker may be able to execute arbitrary code.

DarkFiber Consulting strongly encourages users and administrators to review Microsoft security bulletin MS10-046 and apply any necessary updates to mitigate the risks.

Additional information regarding this vulnerability can be found in the following:

Firefox Releases Firefox 3.6.8

August 6th, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.8 to address a critical vulnerability. This vulnerability may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review the Mozilla Foundation security advisory MFSA 2010-48 and update to Firefox 3.6.8 to help mitigate the risks.

Adobe Releases Security Bulletins for Acrobat, Reader, and Flash Player

March 1st, 2010 . by DarkFiber Consulting

Adobe has released two security bulletins to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player.

The first bulletin, APSB10-06, is a security update for Adobe Flash Player and Adobe AIR that addresses a critical vulnerability. Exploitation of these vulnerabilities may allow an attacker to make unauthorized cross-domain requests. The bulletin indicates that the update also addresses a potential denial-of-service issue.

The second bulletin, APSB10-07, indicates that security updates are available for Adobe Reader and Acrobat. These updates address two critical vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, make unauthorized cross-domain requests, or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Adobe Bulletins APSB10-06 and APSB10-07 and apply any necessary updates to help mitigate the risks.

Adobe Releases Security Bulletin for Critical Vulnerability

October 14th, 2009 . by DarkFiber Consulting

Adobe has released security bulletin APSB09-15 to alert users of a critical vulnerability in Adobe Reader and Acrobat. Adobe indicates that it has received reports of active exploitation of this vulnerability. Release of an update for this vulnerability is scheduled for Tuesday, October 13.

DarkFiber Consulting encourages users and administrators to take the following actions to help mitigate the risks:

  • Review Adobe Security Bulletin APSB09-15.
  • Disable JavaScript in Adobe Reader and Acrobat. Acrobat JavaScript can be disabled in the General preferences dialog (Edit, Preferences, JavaScript, and un-check “Enable Acrobat JavaScript”).