DarkFiber Consulting – IT Managed Services

Mozilla Releases Firefox 3.6.11

October 23rd, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, or cause a denial-of-service condition. The Mozilla Foundation has also released Firefox 3.5.14 to address these same vulnerabilities. Some of these vulnerabilities also affect Thunderbird and SeaMonkey and are addressed in Thunderbird 3.1.5 and 3.0.9 and SeaMonkey 2.0.9.

DarkFiber Consulting encourages users and administrators to review the Mozilla Foundation Security Advisories released on October 19, 2010 and apply any necessary updates to help mitigate the risks.

Google Releases Chrome 7.0.517.41

October 23rd, 2010 . by DarkFiber Consulting

Google has released Chrome 7.0.517.41 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, conduct URL spoofing, or bypass security restrictions.

DarkFiber Consulting encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Apple Releases Java for Mac OS X 10.5 Update 8 and Java for Mac OS X 10.6 Update 3

October 23rd, 2010 . by DarkFiber Consulting

Apple has released Java for Mac OS X 10.5 update 8 and Java for Mac OS X 10.6 update 3 to address multiple vulnerabilities affecting the Java package. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Apple articles HT4417 and HT4418 and apply any necessary updates to help mitigate the risks.

RIM Releases Security Advisory for BlackBerry Enterprise Server

October 23rd, 2010 . by DarkFiber Consulting

RIM has released a security advisory to address a vulnerability in the PDF distiller of the BlackBerry attachment service for the BlackBerry Enterprise Server. This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review BlackBerry security advisory KB24547 and apply any necessary updates to help mitigate the risks.

Microsoft Releases October Security Bulletin

October 23rd, 2010 . by DarkFiber Consulting

Microsoft has released updates to address vulnerabilities in Microsoft Windows, .NET Framework, Server Software, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for October 2010. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, operate with elevated privileges, cause a denial-of-service condition, or tamper with data.

DarkFiber Consulting encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

Foxit Releases Foxit Reader 4.2

October 23rd, 2010 . by DarkFiber Consulting

Foxit has released Foxit Reader 4.2 to address multiple vulnerabilities. Exploitation of  these vulnerabilities may allow an attacker to execute arbitrary code, compromise the digital signature of PDF signatures or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review the Foxit security bulletin released on September 29, 2010, review the bug fix list for Foxit Reader 4.2, and apply any necessary updates to help mitigate the risks.

Cisco Releases Security Advisory for Firewall Services Module

August 6th, 2010 . by DarkFiber Consulting

Cisco has released a security advisory to address multiple vulnerabilities in the Cisco Firewall Services Module. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Cisco security advisory cisco-sa-20100804-fwsm and apply any necessary updates to help mitigate the risks.

Apple Releases Safari 5.0.1 and Safari 4.1.1

August 6th, 2010 . by DarkFiber Consulting

Apple has released Safari 5.0.1 and Safari 4.1.1 for Windows and Mac OS X to address multiple vulnerabilities in Safari and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review Apple article HT4276 and apply any necessary updates to help mitigate the risks.

Apple Releases Security Update 2010-004 and Mac OS X v10.6.4

June 23rd, 2010 . by DarkFiber Consulting

Apple has released Security Update 2010-004 and Mac OS X v10.6.4 to address multiple vulnerabilities that affect a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code,  cause a denial-of-service condition, operate with elevated privileges, conduct man-in-the-middle attacks, alter configuration settings, or conduct cross-site scripting attacks.

Note that these Apple updates include Adobe Flash Player plugin version 10.0.45.2, which contains vulnerabilities previously identified in Adobe Security Bulletin APSB10-14. The Adobe Product Security Incident Response Team (PSIRT) has published a blog entry recommending that Mac OS X users upgrade to the latest version of the Flash Player (version 10.1.53.64) after applying these Apple updates.

DarkFiber Consulting encourages users and administrators to review Apple Article HT4188 and the Adobe PSIRT blog entry and apply any necessary updates to help mitigate the risks.

Apple Releases iTunes 9.2

June 23rd, 2010 . by DarkFiber Consulting

Apple has released iTunes 9.2 for Windows systems to address multiple vulnerabilities affecting the ColorSync, ImageIO, and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Apple article HT4220 and apply any necessary updates to help mitigate the risks.

« Previous Entries