Last week we warned our customers of a serious exploit with Adobe Flash. You can read all of the details here. Today Adobe released an update for Flash that fixes this vulnerability. We highly recommend that you download the latest version of Flash today!
Download:
July 30th, 2009There’s a new zero-day vulnerability in the wild that exploits a security hole found in the very popular Adobe Flash 9 & 10 Player. With the introduction of Adobe Acrobat 9 and Adobe Acrobat 9 Reader came the ability to embed/view Flash animations in PDF documents. Technically, this vulnerability affects Adobe Acrobat on all platforms. However, attackers have only targeted PC users at this point.
Attackers are exploiting this newly discovered security hole by embedding malicious Flash content in PDF files and then sending these infected documents to victims. Once the victim opens the infected PDF file, a data stealing trojan is then loaded onto the victims PC. Adobe announced today that a patch to fix the security vulnerability will be released next week. So what do you protect yourself until then? We’ll tell you how! Read full article »
July 24th, 2009Great News! We touched on the the high profile ActiveX vulnerability floating around in the wild in one of our previous posts and we have an update to share with everyone. Microsoft has officially stated that a patch WILL be released on Tuesday, July 14th! Make sure you have your automatic updates enabled, and more importantly allow the updates to install once they’re downloaded! To our managed services customers, the patches will be deployed across your networks as soon as the patches are available on Tuesday!
July 10th, 2009There’s been a new type of attack in the wild that Microsoft’s Security Research & Defense blog describes as a “browse-and-get-owned attack vector”. This only effects Windows XP machines and Server 2003 machines, but Microsoft recommends that users patch Windows Vista and Server 2008 to be safe.
So how does this attack occur and why should you be concerned? For this attack to be successful, the user simply has to open an email or browse to a website that opens a Video ActiveX Control. A malicious payload of the attacker’s choice is then downloaded onto the user’s system. This could be anything from annoying adware to password stealing programs that could allow an attacker to steal your online banking or Paypal credentials. Read full article »
July 8th, 2009