May 18, 2012

Google Chrome Vulnerabilities – Joe Reviews SB10-053 Cert Report (Video)

Here is a review of this week's CERT Advisory. There is a surprising number of Google Chrome issues this week; luckily, Chrome is updated constantly and quietly without prompting. This is a weekly feature here at Managed Solutions.


    Run Windows Updates – Joe Reviews SB10-046 Cert Report (Video)

    Here is a review of this week's CERT Advisory. This week is Microsoft triage week: there are a ton of vulnerabilities with severity 9.3 and above (out of 10). This is a weekly feature here at Managed Solutions. What you can do to protect yourself:

    1. Perform Windows updates when prompted or visit http://update.microsoft.com/windowsupdate
    2. Perform Office updates if you use any of the Microsoft Office family products at http://office.microsoft.com
    3. Be cautious with file attachments and links in email and practice more careful browsing habits.


    Joe Reviews SB10-040 Cert Report (Video)

    Here is a review of this week's CERT Advisory. The main highlight is the set of vulnerabilities in Internet Explorer version 5, which is not broadly used. This is a weekly feature here at Managed Solutions.


    Joe Reviews SB10-32 Cert Report (Video)

    These are weekly reviews of the reports from CERT. The main highlights are some RealPlayer vulnerabilities and the Cisco Unified Meeting Place. This is a weekly feature here at Managed Solutions.

    Cisco Unified Meeting Place Bulletins


    ADP Warns of Phishing Emails to Payroll Clients

    We were made aware of an issue that ADP is reporting with some of their Payroll customers. Here is the text of the warning message they are sending their clients:

    “ADP is receiving reports of a phishing email scam targeting ADP EasyPayNet clients who perform their payroll via the Internet.  Phishing email scams are designed to mimic legitimate websites and are intended to compromise your login credentials.  The email is fraudulent and did not come from ADP.  Please immediately delete the email and do not click on any links in the email or enter any login information.  Please be aware that ADP would never send an email asking you to provide or enter your login credentials for any reason.”

    Here is a screenshot of the Phishing Email:

    Sample of ADP Phishing Email


    Joe Reviews SB10-25 Cert Report (Video)

    These are weekly reviews of the reports from CERT. Nothing too horrible this week, but I provide more insights into what to look for and why. I did review the Shockwave Player vulnerability after recording the video and determined that since it is not a common component for most of our audience it did not merit a separate bulletin and notice. This is a weekly feature here at Managed Solutions.


    Update Your Adobe Acrobat Products Immediately

    Here at Managed Solutions we do not raise the red flag often, but after reviewing the latest CERT advisory, we’ve done just that. Do not delay: upgrade your Adobe Acrobat and Acrobat Reader products immediately to the latest version, apply the security patches, or install the updates recommended by Adobe Updater. Today's US-CERT Bulletin, SB10-018, lists 6 different vulnerabilities with a CVSS score of 10 for Adobe Acrobat and Acrobat Reader. A CVSS score of 10 indicates the highest threat level, due to the remote code execution capability, and these issues should be taken very seriously. There is a link at the bottom of this article to the resources at Adobe’s website as well as a download for the Windows version of Adobe Acrobat. Please pass the word.

    Access the security updates

    We’ve learned that some people are having problems downloading the update directly from Adobe’s website so we’ve put the Windows version of Adobe Acrobat Reader 9.3 here for download.


    Firefox and Safari More Vulnerable than Internet Explorer Q1-Q2 2009

    According to an Internetnews.com article this morning on a study released today by security vendor Cenzic, Firefox accounts for 44% of all browser vulnerabilities for January through June 2009. Safari (Apple) is second at 35% and Internet Explorer (Microsoft) is third at 15%. If you follow the space, this will not come as a surprise. My advice would not be to recommend changing back to Internet Explorer if you use Firefox or Safari and like it. The advice would be to minimize the add-ons you use and always run the updater when prompted to do so.

    If you are interested in learning about issues like this as they emerge, sign up for our alerts.


    Internet Explorer Users Run Windows Updates – VU#180513 KB #972890 – ActiveX control

    Update 7/15/2009 – the link to “Disable” below will now take you to a page with a link to the security update for this issue.

    Not long ago, an exploitable flaw in an ActiveX control for streaming video was discovered, and it is being exploited. The flaw itself has not been patched, and there are only workarounds that involve disabling the controls. For this reason we are advising the following until a patch is available:

    1. Use an alternative browser such as Mozilla Firefox.
    2. Disable the vulnerable ActiveX controls.
    3. Be extremely cautious about what links are clicked/web pages are visited. (Only recommended for very experienced users)

    If you have questions about this vulnerability feel free to contact us.


    IE7 and Adobe Security Alert

    We have received a notice from US-CERT about a security flaw involving Internet Explorer 7 and Adobe Acrobat. The flaw only affects Windows-based machines that have Internet Explorer 7 and Adobe Acrobat products. If you have both of these products installed, your system could be compromised if you opened a PDF file that was crafted to exploit this flaw. This flaw has been labelled critical, and we are prioritizing addressing this flaw with our customers.

    Who should be concerned?

    1. Anyone with both Internet Explorer version 7 and Adobe Acrobat installed.
    2. Anyone using Adobe Acrobat products version 8.1 or earlier in conjunction with Internet Explorer 7.

    If I meet the criteria that make me vulnerable, what should I do?

    1. You should avoid opening PDF files from untrusted sources.
    2. You should apply an update for your Adobe Acrobat as soon as possible.
    3. If unable to install an update, you should disable the mailto: URI handler on your Adobe Product (See Adobe Security Bulletin APSB07-18 for details on how to do this).

    Where can I get more information about this problem?
