DarkFiber Consulting – IT Managed Services

Adobe Releases Security Bulletins for Acrobat, Reader, and Flash Player

March 1st, 2010 . by DarkFiber Consulting

Adobe has released two security bulletins to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player.

The first bulletin, APSB10-06, is a security update for Adobe Flash Player and Adobe AIR that addresses a critical vulnerability. Exploitation of these vulnerabilities may allow an attacker to make unauthorized cross-domain requests. The bulletin indicates that the update also addresses a potential denial-of-service issue.

The second bulletin, APSB10-07, indicates that security updates are available for Adobe Reader and Acrobat. These updates address two critical vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, make unauthorized cross-domain requests, or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Adobe Bulletins APSB10-06 and APSB10-07 and apply any necessary updates to help mitigate the risks.

Adobe Releases Shockwave Player Update and Flash Player Update

July 30th, 2009 . by DarkFiber Consulting

Adobe has released Shockware Player 11.5.1.601 because previous versions used a vulnerable version of the Microsoft Active Template Library (ATL). Additionally, Adobe has released Flash Player 10.0.22.87 and 9.0.246.0 to address the ATL issue and additional vulnerabilities in Flash Player. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review Adobe security bulletins APSB09-11 and APSB09-10 and apply any necessary updates to help mitigate the risks. Additional information can be found in the Adobe PSIRT blog and in Adobe security advisory APSA09-04.

Microsoft Releases Advance Notification for Out-of-Band Security Bulletins

July 30th, 2009 . by DarkFiber Consulting

Microsoft has issued a Security Bulletin Advance Notification indicating that it will be releasing two out-of-band security bulletins. The first bulletin will address issues with Internet Explorer and has the severity rating of critical. The second bulletin will address issues with Visual Studio and has the severity rating of moderate. The notification states that release of these bulletins is scheduled for July 28, 2009.

DarkFiber Consulting will provide additional information as it becomes available.

OpenOffice.org Releases Two Security Bulletins

October 29th, 2008 . by DarkFiber Consulting

OpenOffice.org has released bulletins to address two vulnerabilities. These bulletins address heap-based buffer overflow vulnerabilities in the processing of WMF and EMF files. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review the following OpenOffice.org security bulletins and apply the resolutions provided by the vendor: