MAAS History
Archives

Entries from March 1, 2011 - March 31, 2011

Tuesday, Mar 22, 2011

Adobe Releases Updates to Reader, Acrobat and Flash

Adobe has released updates to Reader, Acrobat and Flash to address the various 0Days which have been used in the wild since the advance notice. All three products should be updated. We also recommend the following moving forward:

  • Do not install any Adobe products on production servers.
  • Preview.app should remain the application of choice to read PDF files.
  • Install Click to Flash, NoFlash or NoScript to limit Flash.
  • Change your Flash Control Panel settings to maximize privacy.
  • After an update your Flash Control Panel settings change; set them to maximize privacy again.

Check the referenced links below for more information directly from Adobe.

Monday, Mar 21, 2011

APPLE-SA-2011-03-21-1 Mac OS X v10.6.7 and Security Update 2011-001  

Apple has released Mac OS X 10.6.7 and Security Update 2011-001. This update is for server and client and includes over 50 fixes, including security fixes for Safari, ImageIO, ATM, ClamAV, HFS, QuickLook and PHP. This update is mandatory and is recommended to be installed; the update requires a reboot.

One interesting side note is that File Quarantine will now flag OSX.OpinionSpy. This seems like an afterthought, and we recommend that users install a complete, finished product such as VirusBarrier or Sophos Anti-Virus. Apple or other developers may decide to do something with this in the future, but as it stands this feature does not provide adequate protection.

 

Monday, Mar 14, 2011

Google Releases Chrome 10.0.648.133

Google has released an update to Chrome, 10.0.648.133, after the Pwn2Own contest. This is a patch for the WebKit vulnerability which was exploited in other takedowns during the event, including Safari. Google has been very proactive during Pwn2Own, releasing 3 updates in total. From a contest standpoint it is a success for HP. Keep in mind that workable exploits are really the goal; it takes months to develop them, and the systems are in default install state.

The update addresses this CVE:

 

  • [$1337] CVE-2011-1290 [75712] High Memory corruption in style handling. Credit to Vincenzo Iozzo, Ralf Philipp Weinmann and Willem Pinckaers reported through ZDI.

 

Saturday, Mar 12, 2011

Using iOS 4.3? Then You Need iTunes 10.2.1

Apple has released an update to iTunes to solve, among other issues, problems with sync related to iOS 4.3. Users can download the update here: http://www.apple.com/itunes/download/

Wednesday, Mar 9, 2011

APPLE-SA-2011-03-09-2 Safari 5.0.4  

Apple has released Safari 5.0.4 to address a host of issues, including those related to libXML and WebKit. Users should apply this update to servers and clients using the Software Update tool. The update also includes the following improvements:

  • Improved stability for webpages with multiple instances of plug-in content
  • Improved compatibility with webpages with image reflections and transition effects
  • A fix for an issue that could cause some webpages to print with incorrect layouts
  • A fix for an issue that could cause content to display incorrectly on webpages with plug-ins
  • A fix for an issue that could cause a Screen Saver to appear while video is playing in Safari
  • Improved compatibility with VoiceOver on webpages with text input areas and lists with selectable items
  • Improved stability when using VoiceOver