MAAS History
Disclaimer
exocrine exocrine

All information Provided as is.

Entries in Condition:GREEN (119)

Monday
Jun062011

Condition Remains GREEN

Adobe has updated Flash Player for MacOSX to version 10.3.181.22 to address a cross platform scripting vulnerability CVE-2011-2107 which has been exploited in the wild. 

We Recommend the following actions:

  • Update to the latest version of Flash Player.
  • Review your setting in System Preferences>Flash Player.
  • Consider using a browser extension that limits Flash Player's behavior.

 

 

Sunday
Jun052011

Condition Remains GREEN

We continue to see increase RISK related to Java, specific to the MacOS. It is our belief that criminals will take advantage of the cross platform nature and Apple's update cycle. 

We recommend the following actions:

  • If you do not need or use Java turn it off in Safari.
  • Do not Trust Unsigned Applets.
  • Restrict Java using the JavaPreferences.APP
  • Users should deselect "Auto-Fill" in browsers.

Check the following and remove all:

  • In Safari>Preferences>Auto File select "User Names and passwords"---> Edit and then remove all. 
  • In Safari>Preferences>Auto File select "Other"---> Edit and then remove all. 

Consider the following for Safari and Browsing:

  • Disable autofill from you browser for any form data.
  • Set save history to one day.
  • Make sure "Open Safe Files" is deselected in Safari.
  • Download files only to the download folder.
  • Set Remove Downloads to "When Safari Quits."
  • Never do Web Surfing as the Administrator, carry out daily task as a user that does not have administrator privileges.
  • Never use Safari on a Mac OSX Server, download files, confirm the hash and then move the file via network assets in your control.