DarkFiber Consulting – IT Managed Services

Mozilla Releases Firefox 3.6.4

June 23rd, 2010 . by DarkFiber Consulting

The Mozilla Foundation has released Firefox 3.6.4 and Firefox 3.5.10 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.

DarkFiber Consulting encourages users and administrators to review the security advisories for Firefox 3.6 and Firefox 3.5 and apply any necessary updates to help mitigate the risks.

Cisco Releases Multiple Security Advisories

March 1st, 2010 . by DarkFiber Consulting

Cisco has released three security advisories to address vulnerabilities.

Security advisory, cisco-sa-20100217-fwsm, addresses a vulnerability in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. Successful and repeated exploitation of this vulnerability could result in a denial-of-service condition.

Security advisory, cisco-sa-20100217-asa, addresses multiple vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances. These vulnerabilities may allow an attacker to gain unauthorized access to an affected system or cause a denial-of-service condition.

Security advisory, cisco-sa-20100217-csa, addresses multiple vulnerabilities in the Cisco Security Agent. These vulnerabilities may allow an attacker to execute arbitrary SQL commands, view and download arbitrary files, or cause a denial-of-service condition.

DarkFiber Consulting encourages users and systems administrators to review Cisco security advisory cisco-sa-20100217-fwsm, cisco-sa-20100217-asa, and cisco-sa-20100217-csa and apply any necessary updates to mitigate the risks.

Symantec Releases Security Advisories

May 9th, 2009 . by DarkFiber Consulting

Symantec has released three security advisories to address multiple vulnerabilities in Symantec Alert Management System, Log Viewer, and Reporting Server. These vulnerabilities may allow an attacker to execute arbitrary code, bypass security mechanisms, or leverage phishing attacks.

DarkFiber Consulting encourages users and administrators to review the following Symantec Security Advisories and apply any necessary updates or workarounds to help mitigate the risks:

DarkFiber Consulting also encourages users to continue following the best practices provided in the advisories to minimize future risks.

VMware Releases Security Advisory VMSA-2008-0018 and Updates VMSA-2008-0016.1

November 10th, 2008 . by DarkFiber Consulting

VMware has released Security Advisory VMSA-2008-0018 and has updated Security Advisory VMSA-2008-0016.1 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to conduct directory traversal attacks, operate with escalated privileges, or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review VMware Security Advisories VMSA-2008-0018 and VMSA-2008-0016.1 and apply any necessary updates to help mitigate the risks.

Mozilla Releases Firefox and Thunderbird Updates

September 29th, 2008 . by DarkFiber Consulting

Mozilla has released Firefox and Thunderbird v2.0.0.17 and Firefox v3.0.3 to address multiple vulnerabilities. These may allow an attacker to execute arbitrary code, obtain sensitive information, conduct cross-site scripting attacks, cause a denial-of-service condition, operate with escalated privileges, or conduct Clickjacking attacks. Note that Firefox v3.0.2 was initially released to address these vulnerabilities. Version 3.0.3 was released to correct a flaw that was unrelated to the vulnerabilities.

DarkFiber Consulting encourages users and administrators to do the following to help mitigate the risks:

Opera Releases Version 9.52

August 21st, 2008 . by DarkFiber Consulting

Opera Software has released version 9.52 of the Opera web browser to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, inject malicious content into a page on a trusted website, obtain sensitive information, or cause a denial-of-service condition.

DarkFiber Consulting encourages users to review the latest Opera Security Advisories and upgrade to Opera 9.52 to help mitigate the risks.