DarkFiber Consulting – IT Managed Services

Foxit Reader Contains Multiple Vulnerabilities

July 2nd, 2009 . by DarkFiber Consulting

Foxit Reader has released updates for multiple vulnerabilities. By convincing a user to open a malicious PDF file, an attacker may be able to execute code or cause a vulnerable PDF viewer to crash. The PDF could be emailed as an attachment or hosted on a website.

DarkFiber Consulting encourages users to review the Foxit Security Bulletin and Vulnerability Note VU#251793 and apply any necessary updates.

Research In Motion Releases Advisory for BlackBerry PDF Distiller Vulnerabilities

May 9th, 2009 . by DarkFiber Consulting

Research In Motion has released a security advisory to address multiple vulnerabilities in the PDF distiller of some released versions of the BlackBerry Attachment Service. The advisory lists the affected versions as BlackBerry Enterprise Server 4.1.3 through 4.1.6 and BlackBerry Professional Software 4.1.4.  By convincing a user to view a specially crafted PDF file, an attacker may be able to execute arbitrary code on the system that hosts the Blackberry Attachment Service.

DarkFiber Consulting encourages users to review BlackBerry security advisory KB17953 and apply any necessary updates.

Additional information is available in the Vulnerability Notes Database.

Microsoft Releases Security Advisory (961051)

December 11th, 2008 . by DarkFiber Consulting

Microsoft has released Security Advisory 961051 to address reports of attacks against a new vulnerability in Internet Explorer 7. By convincing a user to view a specially crafted XML document, an attacker may be able to execute arbitrary code with the privileges of the user. Additionally, Microsoft indicates that it is aware of limited and targeted attacks using this vulnerability.

DarkFiber Consulting encourages users to review the Microsoft Security Advisory 961051 and implement any Suggested Actions to help mitigate the risks.

Additional information is available in the Vulnerability Notes database. DarkFiber Consulting will provide further details as they become available.

Apple Releases iPhone OS 2.2 and iPhone OS for iPod touch 2.2

November 24th, 2008 . by DarkFiber Consulting

Apple has released OS 2.2 for the iPhone and iPod touch to address multiple vulnerabilities. These vulnerabilities affect CoreGraphics, ImageIO, Networking, Office Viewer, Password Lock, Safari, and Webkit. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, place arbitrary calls, cause a denial-of-service condition, spoof user interface,  and obtain sensitive information.

DarkFiber Consulting encourages users to review Apple Article HT3318 and apply any necessary updates.

Microsoft Releases Advance Notification for November Security Bulletin

November 7th, 2008 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that its November release cycle will contain two bulletins, one of which will have the severity rating of Critical. The notification states that this Critical bulletin is for Microsoft Windows and Office. There will also be one Important bulletin for Microsoft Windows. Release of these bulletins is scheduled for Tuesday,  November 11.

DarkFiber Consulting will provide additional information as it becomes available.