MAAS History
Entries by drStrangeP0rk (171)

Thursday, Feb 18, 2010

Mozilla Updates Older Versions of Firefox, Thunderbird and SeaMonkey

Firefox has updated older versions to address memory corruption vulnerabilities that were forcing users to disable JavaScript. Version 3.6 is already patched, and these updates only affect older versions such as 3.5X and 3.01X. Why update older versions, you say? Many companies' update cycles are different, and if they have internal web applications that have not been tested on the newer version, they are hesitant to perform the upgrade right away. Home users should perform the upgrade right away.

Users should apply the patches; more importantly, they should make sure they are running the latest version, which can be found here.

Friday, Feb 12, 2010

Pre-announcement of Acrobat and Reader Update Related to 0day

The release of the recent Flash update has provided a template for attackers to exploit a 0day in Acrobat and Reader. Adobe's pre-announcement states they intend to make the update available February 16, 2010.

Users should make sure that Preview.app is the default application for PDF files. There is very little reason to use Acrobat Reader for PDF files. In addition, users should install Click to Flash, which is available for Safari and Chrome. If you update to the latest Beta of Chrome you can install Extensions; one we like is Flash Block, which, as the name suggests, blocks Flash content.

The lesson is that there is always residual and new risk in any update cycle, and your process and policies should deal with this risk. Information Assurance is all about risk management.

Thursday, Feb 11, 2010

Adobe Issues Critical Flash and Air Update

Adobe has issued an update for both Flash Player 10.0.42.34 and Air 1.5.4.1920 to address critical vulnerabilities CVE-2010-0186 and CVE-2010-0187, through which an attacker could subvert the domain sandbox and conduct unauthorized cross-domain requests. Users can visit the About Flash page to determine the version they are currently using. The download can be acquired from the Flash Download Page.

Determining the version of Adobe Air is a bit more complicated.

  • Inside the /Library/Frameworks/Adobe AIR.framework/Versions directory, you’ll find a numbered folder which represents the main version of the AIR runtime installed (for example 1.0).
  • For more detailed information, open the /Library/Frameworks/AIR.framework/Versions/1.0/Resources/Info.plist text file and locate the <key>CFBundleVersion</key> entry; the corresponding string entry represents the version of AIR, for example: <string>1.5.3.9120</string>
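
The two steps above can be scripted for checking many Macs. This is an added example, not part of the original post: it assumes the framework path from the first bullet, the function names are hypothetical, and the minimum version to compare against is supplied by the caller from the vendor bulletin.

```python
import plistlib
from pathlib import Path

# Framework path as given in the first bullet above.
AIR_FRAMEWORK = Path("/Library/Frameworks/Adobe AIR.framework")

# Constructed sample Info.plist; the version string is the post's own example.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>CFBundleVersion</key><string>1.5.3.9120</string>
</dict></plist>"""

def version_from_plist(data):
    """Return CFBundleVersion from raw plist bytes (XML or binary), or None."""
    try:
        return plistlib.loads(data).get("CFBundleVersion")
    except Exception:  # malformed, truncated or unexpected plist content
        return None

def parse_version(text):
    """'1.5.3.9120' -> (1, 5, 3, 9120), so fields compare as numbers."""
    return tuple(int(part) for part in text.strip().split("."))

def installed_air_versions(framework=AIR_FRAMEWORK):
    """Map each Versions/<n> folder name to its CFBundleVersion (or None)."""
    found = {}
    for plist in sorted(Path(framework).glob("Versions/*/Resources/Info.plist")):
        folder = plist.parent.parent
        if not folder.is_symlink():  # skip the 'Current' alias
            found[folder.name] = version_from_plist(plist.read_bytes())
    return found

def outdated(installed, minimum):
    """Folders older than `minimum`, or whose version could not be read."""
    floor = parse_version(minimum)
    flagged = []
    for folder, version in installed.items():
        try:
            if parse_version(version) < floor:
                flagged.append(folder)
        except (AttributeError, ValueError):  # None or non-numeric version
            flagged.append(folder)
    return flagged

if __name__ == "__main__":
    print("sample:", version_from_plist(SAMPLE_PLIST))
    print("installed:", installed_air_versions())
```

Comparing the fields as integers matters here: a plain string comparison would rank 1.5.10.0 below 1.5.9.0.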

The latest version of Air can be acquired here. After installing the updated version of Flash Player, users should visit their settings panel to ensure that none of their privacy settings have changed.

Currently it is the recommendation of Magmatic not to install Flash Player or any Adobe product on Mac OSX Server, which includes Air, Flash, Acrobat and Acrobat Reader. If Adobe products are installed on systems, users should never use a privileged account to access them. In addition, users should set Preview.app as the default application for opening PDF files.

Tuesday, Feb 09, 2010

Microsoft Patch Tuesday Addresses Office 2004 Mac

Microsoft Patch Tuesday addressed vulnerabilities in Office 2004 Mac as part of the 26 patches released. MS10-103 and MS10-104 are both ranked with mid level risk and impact by Microsoft. An attacker needs to entice a user to open a maliciously crafted Excel or PowerPoint file. The impact is that the attacker gains the user's privileges; if the user is logged in as an administrative user, the impact will be critical.

Users should never perform tasks such as email, word processing or web cruising as an administrator. In addition, Mac users should never open files from untrusted sources. In addition to anti-virus software, network shares should be scanned, especially if users share documents across multiple platforms. Many Mac administrators do not have anti-virus software scanning Mac OSX Server directories, even though the ClamXav engine is included for mail. See http://www.clamxav.com/index.php?page=dl for more information on how to set it to scan particular directories. Intego also offers a server product which is top notch.

This update does not affect Office 2008 Mac.

Friday, Feb 05, 2010

Safari 4.0.4 DOS Failure of Exception Handling

Majorsecurity.info is reporting a DOS vulnerability in Safari 4.0.4 and earlier versions. The vulnerability exists in the WebKit engine, making other applications vulnerable. Although not listed in the Major Security Advisory, the Mac platform is vulnerable, resulting first in a slow script error and then in an application crash.

The proof of concept posted demonstrates the flaw by creating a host of marquee tags causing Safari to crash. It has been confirmed that this does affect MacOSX in addition to the Windows Platform. The script cannot lead to remote code execution.