March 1st, 2010 . by DarkFiber Consulting
Cisco has released an advisory to address multiple vulnerabilities in IronPort Encryption Appliance. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information.
DarkFiber Consulting encourages users and administrators to review Cisco Security Advisory cisco-sa-20100210-ironport and apply any necessary workarounds to help mitigate the risks. Additional information regarding these vulnerabilities can be found in Cisco Applied Mitigation Bulletin 111668.
Posted in Security Alerts | No Comments »
Tagged With: Address • Arbitrary Code • Attacker • Cisco • Cisco Security Advisory • Encryption • Ironport • Mitigation • Vulnerabilities • Workarounds
December 10th, 2009 . by DarkFiber Consulting
Microsoft has released security advisory 977981 to address a vulnerability in Microsoft Internet Explorer. This vulnerability may allow an attacker to execute arbitrary code.
DarkFiber Consulting encourages users and administrators to review Microsoft Security Advisory 977981 and implement the suggested workarounds listed in the advisory to help mitigate the risks.
Posted in Security Alerts | No Comments »
Tagged With: Address • Amp Nbsp • Arbitrary Code • Attacker • Internet Explorer • Microsoft • Microsoft Explorer • Microsoft Internet • Microsoft Releases Security Advisory • Microsoft Security Advisory • Vulnerability • Workarounds
December 10th, 2009 . by DarkFiber Consulting
Microsoft has released security advisory 977544 to address a vulnerability in the Server Message Block (SMB) protocol. This vulnerability may allow an attacker to cause a denial-of-service condition. This vulnerability only affects Windows 7 and Server 2008 software.
DarkFiber Consulting encourages users and administrators to review Microsoft security advisory 977544 and apply the workarounds.
Posted in Security Alerts | No Comments »
Tagged With: Address • Attacker • Denial Of Service • Microsoft • Microsoft Releases Security Advisory • Microsoft Security Advisory • Protocol • Server Message Block • Vulnerability • Workarounds
July 30th, 2009 . by DarkFiber Consulting
Microsoft has released two out-of-band security bulletins. The first bulletin, MS09-034, is a cumulative security update for Internet Explorer that addresses several vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code. The second bulletin, MS09-035, addresses vulnerabilities in the Visual Studio Active Template Library (ATL). Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.
Additionally, Microsoft has released security advisory 973882 to provide specific guidance for developers, IT professionals, consumers, and home users regarding the vulnerabilities in Active Template Library (ATL).
DarkFiber Consulting encourages users and administrators to review Microsoft Security Bulletins MS09-034 and MS09-035 and Microsoft Security Advisory 973882 and apply any necessary updates or workarounds to help mitigate the risks. Additional information can be found in Technical Cyber Security Alert TA09-209A.
Posted in Security Alerts | No Comments »
Tagged With: Active Template Library • Arbitrary Code • Atl • Attacker • Consumers • Cumulative Security Update • Cyber Security • Developers • Guidance • Home Users • Internet Explorer • Microsoft • Microsoft Security Advisory • Microsoft Security Bulletins • Necessary Updates • Visual Studio • Workarounds
July 30th, 2009 . by DarkFiber Consulting
Cisco has released a security advisory to address multiple vulnerabilities in Wireless LAN Controllers. The advisory addresses the following:
- Malformed HTTP or HTTPS authentication response denial-of-service vulnerability.
- SSH connections denial-of-service vulnerability.
- Crafted HTTP or HTTPS request denial-of-service vulnerability.
- Crafted HTTP or HTTPS request unauthorized configuration modification vulnerability.
Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or gain full control over the Wireless LAN Controller.
DarkFiber Consulting encourages users and administrators to review Cisco Security Advisory cisco-sa-20090727-wlc and apply any necessary updates or workarounds to help mitigate the risks.
Posted in Security Alerts | No Comments »
Tagged With: Address • Addresses • Attacker • Authentication • Cisco • Cisco Security Advisory • Cisco Wireless • Control • Denial Of Service • Full Control • Lan Controller • Lan Controllers • Necessary Updates • Service Vulnerability • Vulnerabilities • Vulnerability Exploitation • Wireless Lan • Wlc • Workarounds
July 30th, 2009 . by DarkFiber Consulting
Adobe has released a security advisory to address a vulnerability in Adobe Reader and Acrobat 9.1.2 and Flash Player 9 and 10. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition.
DarkFiber Consulting encourages users and administrators to review the security advisory and implement the following workarounds until a fix is available:
- Disable Flash in Adobe Reader 9 on Windows platforms by renaming the following files: “%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll” and “%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll”.
Additional information regarding this vulnerability can be found in Technical Cyber Security Alert TA09-204A.
DarkFiber Consulting will provide additional information as it becomes available.
Posted in Security Alerts | No Comments »
Tagged With: Acrobat Adobe • Address • Adobe Acrobat • Adobe Reader • Arbitrary Code • Attacker • Cyber Security • Denial Of Service • Dll Reader • Flash Content • Flash Player 9 • Flash Reader • Programfiles • Reader Acrobat • Vulnerability • Windows Platforms • Workarounds
July 2nd, 2009 . by DarkFiber Consulting
Mozilla Foundation has released Firefox 3.0.11 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, mislead users, or obtain sensitive information. The Mozilla Foundation Security Advisories also indicate that many of these vulnerabilities also affect Thunderbird and SeaMonkey; however, updated versions of those packages are not currently available.
DarkFiber Consulting encourages users to review the Mozilla Foundation Security Advisories released on June 11, 2009 and apply any necessary updates or workarounds to help mitigate the risks.
Posted in Security Alerts | No Comments »
Tagged With: Address • Arbitrary Code • Attacker • Information Security • Mozilla Foundation Security Advisories • Necessary Updates • Thunderbird • Workarounds
May 9th, 2009 . by DarkFiber Consulting
Symantec has released three security advisories to address multiple vulnerabilities in Symantec Alert Management System, Log Viewer, and Reporting Server. These vulnerabilities may allow an attacker to execute arbitrary code, bypass security mechanisms, or leverage phishing attacks.
DarkFiber Consulting encourages users and administrators to review the following Symantec Security Advisories and apply any necessary updates or workarounds to help mitigate the risks:
DarkFiber Consulting also encourages users to continue following the best practices provided in the advisories to minimize future risks.
Posted in Security Alerts | No Comments »
Tagged With: Address • Alert Management • Arbitrary Code • Attacker • Best Practices • Javascript • Leverage • Log Viewer • Management System • Necessary Updates • Security Advisories • Security Mechanisms • Symantec • Symantec Security • Vulnerabilities • Workarounds
December 17th, 2008 . by DarkFiber Consulting
Microsoft has released Security Bulletin MS08-078 to address a vulnerability in Internet Explorer. This vulnerability is due to an invalid pointer reference in the data binding function. By convincing a user to view a specially crafted document that performs data binding (e.g., a web page, email message, or attachment), a remote, unauthenticated attacker may be able to execute arbitrary code.
DarkFiber Consulting encourages users to review Microsoft Security Bulletin MS08-078 and apply the update or workarounds listed in the bulletin to help mitigate the risks. Users may also want to consider implementing the best security practices listed in the Securing Your Web Browser document to strengthen their web browsers against future vulnerabilities.
Additional information regarding this vulnerability can be found in the Vulnerability Notes Database.
Posted in Security Alerts | No Comments »
Tagged With: Address • Arbitrary Code • Attacker • Best Security • Internet Explorer • Invalid Pointer • Microsoft • Microsoft Security Bulletin • Security Practices • Vulnerability Notes Database • Web Browser • Web Browsers • Web Page • Workarounds
November 4th, 2008 . by DarkFiber Consulting
Adobe has released a Security Bulletin to address multiple vulnerabilities in Adobe Reader 8 and Acrobat 8. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
DarkFiber Consulting encourages users and administrators to review Adobe Security Bulletin APSB08-19 and apply the solution provided in that document to help mitigate the risks.
Additional information and workarounds regarding these vulnerabilities can be found in the Vulnerability Notes Database.
Posted in Security Alerts | No Comments »
Tagged With: Acrobat • Address • Adobe Reader 8 • Arbitrary Code • Attacker • Denial Of Service • Security Bulletin • Vulnerabilities • Vulnerability Notes Database • Workarounds