MAAS History
Archives

Entries by drStrangeP0rk (171)

Sunday
Nov072010

iOS4.1 Alarms Issue Continues in the US

As was reported from overseas last week, devices running iOS 4.1 repeating alarms in the Clock.app will not work correctly. It is also affecting various applications which use the alarm features. You have to disable the repeat feature and then after today (12:00 am Monday) set your alarms to repeat. This should fix the problem. 

Apple has anknowledge the problem and an update is in the works. Please visit support document TS3542 for more information. 

Friday
Nov052010

Adobe Releases Update 10.1.102.64 of Flash

Adobe has released an update of Flash Player 10.1.102 to address vulnerabilities related to APSB10-26. This included the AuthPlayLib.bundle flaw in Acrobat/Reader, the resulting crash can allow an attacker to gain system permissions of the current user. It is recommended that users update to the latest version of Flash here. Users should also recheck your setting manager settings after the install and check your privacy settings.

Tuesday
Nov022010

Sophos Releases a Free Home Anti-Virus for the Mac

Sophos, an excellent provider of Anti-Virus software has released a Mac Version of a Free Home Edition. If you have family or friends this product is an excellent alternative to ClamXav. 

http://www.sophos.com/products/free-tools/free-mac-anti-virus/

Thursday
Oct282010

Adobe Confirms 0day Related to Flash and Acrobat

Adobe has issues a security advisory which has confirmed a 0day that has been used in the wild which affects the Flash Player, Adobe Reader and Acrobat.The vulnerability is cross platform including earlier versions of Android. 

The vulnerability casues a crash and will allow a malicious actor to execute command with the users priviledges. Adobe has posted mitigation method on the attached advisory but this is a summary.

Adobe Reader 9.x - Macintosh 
1) Go to the Applications->Adobe Reader 9 folder. 
2) Right Click on Adobe Reader. 
3) Select Show Package Contents. 
4) Go to the Contents->Frameworks folder. 
5) Delete or move the AuthPlayLib.bundle file.

Acrobat Pro 9.x - Macintosh
1) Go to the Applications->Adobe Acrobat 9 Pro folder. 
2) Right Click on Adobe Acrobat Pro. 
3) Select Show Package Contents. 
4) Go to the Contents->Frameworks folder. 
5) Delete or move the AuthPlayLib.bundle file.

This vulnerability affects the AuthPlayLib.bundle file, we recommend using Preview.app for viewing of PDF files. 

Wednesday
Oct272010

Mac Trojan Spreading Via Social Networking Sites

There is a report that a Mac OSX Trojan is spreading via email, social media and networking sites. The delivery method uses Java, which has the added advantage to the attacker of being platform specific. The link usually states "is this you in this video" but has been seen in various forms. 

Currently Microsoft has reported a raise in malware related to Java. Since it is widely used and is not platform specific it would only be logical to use for malicious activity. (Flash and Acrobat is choose for these reasons. Secure Mac has labeled the virus trojan.osx.boonana.a and is offering a free removal tool. Users can also use Java Preferences.app to limit the effects including amount of cache available and  redistricting java apps using Verify Mixed Security Code that controls sand-boxing. Additionally setting related to allowing users to grant permissions and handling of signed/unsigned content. 

If Java is not used then it should be disabled in Safari. Check back as more information becomes available.