MAAS History
Disclaimer
exocrine exocrine

All information Provided as is.

Entries by Sean OConnell Public (117)

Tuesday
Apr122011

Condition BLUE

We will be removing all Flash content from Magmatic.com by Saturday April 16, 2011 06:00ET.

 

Monday
Apr112011

Condition Remains GREEN

Adobe has posted Security Advisory APSA11-02 for Adobe Flash Player, Acrobat and Reader related to the Authplay.dll. The exploit was first reported publicly by http://krebsonsecurity.com/. The 0day is being used as part of a spear phishing campaign which includes a Microsoft Word document with the .SWF file embedded within it. At this time there is no attack specific to Mac OSX or iOS. 

Users and Administrators should take the following action:

  • Do not install Adobe products such as Reader or Flash on Mac OSX production servers.
  • Use Preview.app for PDF files.
  • Do not download files that are un-trusted via email. 
  • Disable Flash Player if you do not need it.
  • Use No Script, Click to Flash or Flash Block to block Flash content. 
  • Run the Flash Player via a Script in /usr/share/sandbox or custom script using any of the following: /usr/bin/sand-exec or /usr/bin/sand_init() ** See man pages for specifics. 
  • Beware of any attachments from un-trusted sources.
  • Do not add to the problem by forwarding an email from an un-trusted source.