December 10th, 2009 . by DarkFiber Consulting
Research In Motion has released a security advisory to address multiple vulnerabilities in the PDF distiller of some released versions of the BlackBerry Attachment Service. The advisory lists the affected versions as BlackBerry Enterprise Server 5.0.0 running on Microsoft Windows version 2003 or 2008, BlackBerry Enterprise Server 5.0.0 running on Microsoft Windows 2000, BlackBerry Enterprise Server software versions 4.1.3 through 4.1.7, and BlackBerry Professional Software 4.1.4. By convincing a user to view a specially crafted PDF file, an attacker may be able to execute arbitrary code or cause a denial-of-service condition on the system that hosts the BlackBerry Attachment Service.
DarkFiber Consulting encourages users and administrators to review BlackBerry security advisory KB19860 and apply any necessary updates.
Posted in Security Alerts | No Comments »
Tagged With: Amp Nbsp • Arbitrary Code • Attacker • Blackberry Server • Blackberry Software • Denial Of Service • Enterprise Server Software • Microsoft • Microsoft 2000 • Microsoft Server • Microsoft Software • Microsoft Windows 2000 • Microsoft Windows Version • Necessary Updates • Pdf Distiller • Pdf File • Professional Software • Research In Motion • Software Versions • Windows 2000
December 9th, 2008 . by DarkFiber Consulting
Microsoft has released Security Advisory 960906 to address reports of a vulnerability in the WordPad Text Converter for Word 97 files. The advisory indicates that Windows 2000 Service Pack 4, Windows XP Service Pack 2, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2 are affected by this vulnerability. Exploitation of this vulnerability may allow an unauthenticated attacker to execute arbitrary code or obtain local user rights. Additionally, Microsoft indicates that they are aware of limited and targeted attacks using this vulnerability.
DarkFiber Consulting encourages users to review Microsoft Security Advisory 960906 and implement any necessary Suggested Actions to help mitigate the risks.
DarkFiber Consulting will provide additional information as it becomes available.
Posted in Security Alerts | No Comments »
Tagged With: Address • Arbitrary Code • Attacker • Microsoft • Microsoft Releases Security Advisory • Microsoft Security Advisory • Pack 2 Windows • Service Pack 1 • Service Pack 2 • Service Pack 4 • Text Converter • Vulnerability Exploitation • Windows 2000 • Windows 2000 Service • Windows 2000 Service Pack • Windows Server • Windows Xp • Windows Xp Service Pack • Word 97 • Xp Service Pack 2
October 27th, 2008 . by DarkFiber Consulting
Microsoft has released Security Advisory 958963 to alert users that exploit code is publicly available for the Windows Server Service vulnerability addressed in Microsoft Security Bulletin MS08-067. The advisory states that this exploit code has demonstrated arbitrary code execution on Windows 2000, XP and Server 2003.
DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 958963 and apply the update or workarounds listed in Microsoft Security Bulletin MS08-067 to help mitigate the risks.
Additional information regarding the Windows Server Service vulnerability is available in:
Posted in Security Alerts | No Comments »
Tagged With: Arbitrary Code Execution • Current • Microsoft • Microsoft Releases Security Advisory • Microsoft Security Advisory • Microsoft Security Bulletin • Server Service • Service Vulnerability • Vulnerability Note • Windows 2000 • Windows 2000 Xp • Windows Server • Workarounds