Shockwave Player vuln - update v11.5.0.600 available
FYI...
- http://www.adobe.com/support/securit...apsb09-08.html
June 23, 2009 - "A critical vulnerability has been identified in Adobe Shockwave Player 11.5.0.596 and earlier versions. This vulnerability could allow an attacker who successfully exploits this vulnerability to take control of the affected system... To resolve this issue, Shockwave Player users on Windows should -uninstall- Shockwave version 11.5.0.596 and earlier on their systems, restart, and install Shockwave version 11.5.0.600, available here: http://get.adobe.com/shockwave/ . This issue is remotely exploitable..."
- http://voices.washingtonpost.com/sec..._for_adob.html
June 25, 2009 - "...Readers should be aware that by default this patch will also try to install Symantec's Norton Security Scan, a clever marketing tool by Symantec that checks to see if you have malware on your system and then prompts you to buy their software to remove any found items. I find the bundling of a serious security update with this otherwise useless tool annoying, and potentially counter-productive... did they borrow the idea from the people pushing rogue anti-virus products (or was it the other way around?) At any rate, if you don't want this extra software, be sure to deselect that option before proceeding with the update."
http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1860
http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-2186
- http://secunia.com/advisories/35544/2/
Release Date: 2009-06-24
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Shockwave Player 11.x ...
Solution: Uninstall versions prior to 11.5.0.600, restart the system, and install version 11.5.0.600:
http://get.adobe.com/shockwave/
- http://www.us-cert.gov/current/#adob..._for_shockwave
June 24, 2009
:fear:
ColdFusion 8 input sanitization issue
FYI...
Hotfix available for potential ColdFusion 8 input sanitization issue
- http://www.adobe.com/support/securit...apsb09-09.html
July 8, 2009 - "... Adobe recommends affected ColdFusion customers update their installation using the instructions below:
NOTE: ColdFusion 8 customers who have not already done so should first update to ColdFusion 8.0.1*
* http://www.adobe.com/support/coldfus...dates.html#cf8 ...
Severity rating: Adobe categorizes this as a critical issue and recommends affected users patch their installations..."
Revisions: July 9, 2009 - Bulletin updated with Acknowledgment and information on ColdFusion 8.0 hotfix
(More detail and links at the first URL above.)
- http://secunia.com/advisories/35747/2/
Release Date: 2009-07-09
Critical: Highly critical
Impact: Exposure of system information, Exposure of sensitive information, System access
Solution: Update to version 8.0.1 and apply hot fix...
- http://blog.trendmicro.com/coldfusio...ss-compromise/
July 8, 2009
:fear:
0-day exploit in the wild - Adobe Flash player...
FYI...
- http://blogs.adobe.com/psirt/2009/07...r_and_fla.html
July 21, 2009 - "Adobe is aware of reports of a potential vulnerability in Adobe Reader and Acrobat 9.1.2 and Adobe Flash Player 9 and 10. We are currently investigating this potential issue and will have an update once we get more information."
> http://isc.sans.org/diary.html?storyid=6847
Last Updated: 2009-07-22 22:26:39 UTC ...(Version: 3) - "... the vulnerable component is actually the Flash player or, better said, the code used by the Flash player which is obviously shared with Adobe Reader/Acrobat. This increases the number of vectors for this attack: the malicious Flash file can be embedded in PDF documents which will cause Adobe Reader to execute it OR it can be used to exploit the Flash player directly, making it a drive-by attack as well. And indeed, when tested with Internet Explorer and the latest Flash player (version 10), the exploit silently drops a Trojan and works "as advertised". Another interesting thing I noticed is that the Trojan, which is downloaded in the second stage, is partially XOR-ed – the attackers probably did this to evade IDSes or AV programs scanning HTTP traffic. At the moment, the detection for both the exploit and the Trojan is pretty bad (only 7/41 for the Trojan, according to VirusTotal*)...
UPDATE: At the moment there is a low number of malicious sites serving the exploit, but we confirmed that the links have been injected in legitimate web sites to create a drive-by attack, as expected. It appears that the attackers created two different shellcodes as well, one for Firefox users (still have to confirm this) and the other for Internet Explorer users (this one is -confirmed- to work)."
* http://preview.tinyurl.com/l3wg89
File 34d6452000e1a9e0308702d082c897008a0481b0.EXE received on 2009.07.22 16:49:07 (UTC)
Result: 7/41 (17.07%)
- http://www.us-cert.gov/current/#adob...obat_and_flash
- http://www.kb.cert.org/vuls/id/259425
2009-07-22
- http://blogs.technet.com/srd/archive...gy-part-2.aspx
June 12, 2009
> FixIt4Me - Enable DEP for Office
> FixIt4Me - Enable DEP for IE
- http://www.theregister.co.uk/2009/07...tacks_go_wild/
22 July 2009
Update on Adobe Reader, Acrobat and Flash Player Issue
- http://blogs.adobe.com/psirt/2009/07...r_acrobat.html
July 22, 2009 7:08 PM
:fear::fear:
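Added example, not part of the original posts or of the ISC diary: the diary quoted above notes that the second-stage Trojan is partially XOR-ed to get past IDS and AV scanning of HTTP traffic. The sketch below shows how a defender can still find an executable in a captured response body by searching for the PE DOS-stub text under every single-byte XOR key. The single-byte key, the function names and both sample bodies are assumptions constructed for illustration.

```python
# Added example: find a Windows executable hidden behind a single-byte XOR.
# The single-byte key and the sample bodies are assumptions, built inline.
MARKER = b"This program cannot be run in DOS mode"  # DOS-stub text from Microsoft's linker

def xor_bytes(data, key):
    return bytes(b ^ key for b in data)

def find_xored_pe(body):
    """Return [(key, offset)] for each key under which MARKER appears in body.

    Key 0 means the stub is present in the clear."""
    hits = []
    for key in range(256):
        needle = xor_bytes(MARKER, key)
        offset = body.find(needle)
        while offset != -1:
            hits.append((key, offset))
            offset = body.find(needle, offset + 1)
    return hits

def verdict(body):
    """Summarise the scan result for one response body."""
    hits = find_xored_pe(body)
    if not hits:
        return "no PE stub found"
    encoded = sorted({key for key, _ in hits if key != 0})
    if encoded:
        return "XOR-encoded PE stub, key(s): " + ", ".join("0x%02x" % k for k in encoded)
    return "plain PE stub"

# Constructed samples: a minimal stand-in for a PE file, then a response body with
# a clear prefix followed by that stand-in XOR-ed with 0x5a ("partially XOR-ed").
FAKE_PE = b"MZ" + b"\x00" * 76 + MARKER + b"\r\r\n$" + b"\x00" * 32
PARTIAL_XOR_BODY = b"GIF89a" + b"\x00" * 10 + xor_bytes(FAKE_PE, 0x5A)
BENIGN_BODY = b"<html><body>nothing executable here</body></html>"

if __name__ == "__main__":
    samples = [("partial", PARTIAL_XOR_BODY), ("benign", BENIGN_BODY), ("plain", FAKE_PE)]
    for name, body in samples:
        print(name, verdict(body))
```

A hit under a non-zero key in a body served as an image or document is worth escalating even when AV detection of the decoded file is still poor.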
0-day Flash Player info update...
FYI...
- http://www.adobe.com/support/securit...apsa09-04.html
July 28, 2009 - "Adobe Flash Player 9.0.159.0 and 10.0.22.87, and earlier 9.x and 10.x versions installed on Windows operating systems for use with Internet Explorer leverage a vulnerable version of the Microsoft Active Template Library (ATL) described in Microsoft Security Advisory (973882). This critical vulnerability could allow an attacker who successfully exploits the vulnerability to take control of the affected system.
Note that this vulnerability is exclusive to Internet Explorer on Windows. Installations of Flash Player for Firefox or other web browsers on Windows are -not- vulnerable. We are in the process of developing a fix for the issue, and expect to provide an update for Flash Player v9 and v10 for Windows by July 30, 2009.
Users should consider installing MS09-034*. As a defense-in-depth measure, this Internet Explorer security update helps mitigate known attack vectors within Internet Explorer for those components and controls, such as Flash Player, that have been developed with vulnerable versions of ATL as described in Microsoft Security Advisory (973882) and Microsoft Security Bulletin MS09-035**..."
* http://www.microsoft.com/technet/sec.../ms09-034.mspx
** http://www.microsoft.com/technet/sec.../ms09-035.mspx
- http://secunia.com/advisories/35948/2/
Solution Status: Unpatched
Software: Adobe Flash Player 10.x, Adobe Flash Player 9.x ...
Changelog: 2009-07-29: Added information about control having been built using a vulnerable version of ATL.
:fear:
Adobe Shockwave v11.5.1.601 released
FYI...
- http://www.adobe.com/support/securit...apsb09-11.html
July 28, 2009 - "...Adobe recommends Shockwave Player users on Windows install Shockwave version 11.5.1.601, available here: http://get.adobe.com/shockwave/ .
Users who are unable to update to version 11.5.1.601 of Shockwave Player should consider installing MS09-034. As a defense-in-depth measure, this Internet Explorer security update helps mitigate known attack vectors within Internet Explorer for those components and controls, such as Shockwave Player, that have been developed with vulnerable versions of ATL as described in Microsoft Security Advisory (973882) and Microsoft Security Bulletin MS09-035... Adobe categorizes this as a critical update and recommends that users apply the update for their product installations..."
Once again ...
- http://voices.washingtonpost.com/sec..._for_adob.html
"... by default this patch will also try to install Symantec's Norton Security Scan, a clever marketing tool by Symantec that checks to see if you have malware on your system and then prompts you to buy their software to remove any found items. I find the bundling of a serious security update with this otherwise useless tool annoying, and potentially counter-productive... did they borrow the idea from the people pushing rogue anti-virus products (or was it the other way around?) At any rate, if you don't want this extra software, be sure to deselect that option before proceeding with the update."
- http://secunia.com/advisories/36049/2/
Release Date: 2009-07-29
Critical: Highly critical
Impact: System access, Exposure of sensitive information, Security Bypass
Where: From remote
Solution Status: Vendor Patch
Software: Shockwave Player 10.x, Shockwave Player 11.x, Shockwave Player 8.x, Shockwave Player 9.x
Solution: Update to version 11.5.1.601.
http://get.adobe.com/shockwave/
Original Advisory:
http://www.adobe.com/support/securit...apsb09-11.html ...
- http://www.us-cert.gov/current/#adob...ware_player_11
updated July 31, 2009
Test site: http://www.adobe.com/shockwave/welcome/
:fear:
Flash Player v10.0.32.18 released
FYI...
- http://get.adobe.com/flashplayer/
July 30, 2009 - Browser: Firefox, Safari, Opera
install_flash_player.exe
- http://get.adobe.com/flashplayer/otherversions/
July 30, 2009 - Internet Explorer
install_flash_player_ax.exe
Adobe Flash Player
- http://www.adobe.com/support/securit...apsb09-10.html
Release date: July 30, 2009
CVE number: CVE-2009-1862, CVE-2009-0901, CVE-2009-2395, CVE-2009-2493, CVE-2009-1863, CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1867, CVE-2009-1868, CVE-2009-1869, CVE-2009-1870
"... Adobe recommends users of Adobe Flash Player 9.x and 10.x and earlier versions update to Adobe Flash Player 9.0.246.0 and 10.0.32.18. Adobe recommends users of Adobe AIR version 1.5.1 and earlier versions update to Adobe AIR 1.5.2*... Adobe categorizes these as critical issues and recommends affected users patch their installations..."
* http://get.adobe.com/air/
Adobe AIR 1.5.2 Installer - Windows, English | 15.1 MB
___
- http://www.adobe.com/support/securit...apsb09-10.html
Revisions:
July 31, 2009 - Bulletin updated with Adobe Reader and Acrobat updates, and correct Adobe Flash Player 9 download link.
... http://www.adobe.com/support/flashpl...loads.html#fp9
___
- http://www.adobe.com/support/securit...apsb09-10.html
Last revised: August 3, 2009 - "... Adobe recommends all users of Adobe Flash Player... upgrade to the newest version 10.0.32.18..."
- http://secunia.com/advisories/35948/2/
Last Update: 2009-08-10
Critical: Highly critical
Impact: Security Bypass, Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch
Software: Adobe AIR 1.x, Adobe Flash Player 10.x, Adobe Flash Player 9.x ...
Solution: Update to Flash Player 9.0.246.0 or 10.0.32.18 and Adobe AIR version 1.5.2.
Flash Player version 10.0.32.18: http://www.adobe.com/go/getflashplayer ...
Adobe AIR version 1.5.2. http://get.adobe.com/air ...
- http://www.adobe.com/support/securit...apsb09-11.html
Release date: July 28, 2009 - "... Adobe recommends Shockwave Player users on Windows install Shockwave version 11.5.1.601, available here: http://get.adobe.com/shockwave/ ..."
- http://secunia.com/advisories/36049/2/
Release Date: 2009-07-29
Critical: Highly critical ...
Solution: Update to version 11.5.1.601.
http://get.adobe.com/shockwave/
Test both here: http://www.adobe.com/shockwave/welcome/
Adobe Reader v9.1.3 - Acrobat v9.1.3 released
FYI...
- http://www.adobe.com/support/securit...apsa09-03.html
Last Updated: July 31, 2009
"...Adobe Reader
Users who download the full 9.1 installer from http://get.adobe.com/reader/ will be offered the Adobe Reader 9.1.3 patch by the Adobe Updater technology on first launch. Users can also click "Help > Check for Updates" to be sure their installation is fully patched and up-to-date...
Adobe Reader users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloa...atform=Windows.
... Adobe Reader 9.1.3 update - Multiple Languages | 1.6MB | 7/31/2009 ...
Adobe Reader users on Macintosh can find the appropriate update here:
http://www.adobe.com/support/downloa...form=Macintosh.
Adobe Reader users on UNIX can find the appropriate update here:
http://www.adobe.com/support/downloa...&platform=Unix.
Acrobat
Acrobat Standard and Pro users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloa...atform=Windows.
... Adobe Acrobat 9.1.3 Professional and Standard Update - Multiple Languages 1.6MB | 7/31/2009
Acrobat Pro Extended users on Windows can find the appropriate update here:
http://www.adobe.com/support/downloa...atform=Windows.
Acrobat Pro users on Macintosh can find the appropriate update here:
http://www.adobe.com/support/downloa...form=Macintosh.
Severity rating
Adobe categorizes these as critical issues and recommends affected users patch their installations..."
:fear:
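Added example, not part of the original posts or of any Adobe tooling: a patch-level audit that compares an inventory of installed versions against the fixed builds quoted in this thread (Shockwave 11.5.1.601, Flash Player 9.0.246.0 and 10.0.32.18, AIR 1.5.2, Reader and Acrobat 9.1.3). The product keys, host names and sample inventory are constructed; how the inventory is collected is left out.

```python
# Fixed builds quoted in this thread; the product keys are constructed labels.
FIXED = {
    "shockwave": [(11, 5, 1, 601)],
    "flash": [(9, 0, 246, 0), (10, 0, 32, 18)],  # one fixed build per branch
    "air": [(1, 5, 2)],
    "reader": [(9, 1, 3)], "acrobat": [(9, 1, 3)],
}

def parse_version(text):
    """Turn '10.0.22.87' into (10, 0, 22, 87); reject anything non-numeric."""
    parts = text.strip().split(".")
    if not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError("not a dotted numeric version: %r" % text)
    return tuple(int(p) for p in parts)

def pad(version, width):
    return version + (0,) * (width - len(version))  # compare 9.1 as 9.1.0

def required_build(product, version):
    """Fixed build for the installed major branch, else the newest fixed build."""
    same_branch = [f for f in FIXED[product] if f[0] == version[0]]
    return same_branch[0] if same_branch else max(FIXED[product])

def audit(inventory):
    """Return (host, product, version, action) for every entry needing attention."""
    findings = []
    for host, product, raw in inventory:
        key = product.lower()
        if key not in FIXED:
            findings.append((host, product, raw, "not covered by this table"))
            continue
        try:
            have = parse_version(raw)
        except ValueError:
            findings.append((host, product, raw, "unparseable version"))
            continue
        need = required_build(key, have)
        width = max(len(have), len(need))
        if pad(have, width) < pad(need, width):
            findings.append((host, product, raw, "update to " + ".".join(map(str, need))))
    return findings

SAMPLE_INVENTORY = [  # constructed hosts and versions
    ("ws-01", "Shockwave", "11.5.0.600"), ("ws-01", "Flash", "10.0.22.87"),
    ("ws-02", "Flash", "9.0.246.0"), ("ws-03", "Flash", "9.0.159.0"),
    ("ws-03", "Reader", "9.1.3"), ("ws-04", "AIR", "1.5.1"),
]
if __name__ == "__main__":
    print(*audit(SAMPLE_INVENTORY), sep="\n")
```

Shockwave 11.5.0.600, the June fix, is flagged because the July bulletin supersedes it with 11.5.1.601.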
Adobe ColdFusion/JRun updated
FYI...
Adobe ColdFusion / JRun multiple vulns - updates available
- http://secunia.com/advisories/36329/2/
Release Date: 2009-08-18
Critical: Moderately critical
Impact: Security Bypass, Cross Site Scripting, Exposure of system information, Exposure of sensitive information, System access
Where: From remote
Solution Status: Vendor Patch
Software: Adobe ColdFusion 8.x, Adobe ColdFusion MX 7.x, Macromedia Jrun 4.x ...
Original Advisory: Adobe:
http://www.adobe.com/support/securit...apsb09-12.html
"... Adobe categorizes these as critical issues and recommends affected users patch their installations..."
- http://www.us-cert.gov/current/index...for_coldfusion
August 18, 2009
- http://www.adobe.com/support/securit...apsb09-12.html
August 21, 2009 - Bulletin updated with additional information regarding CVE-2009-1876.
> http://download.macromedia.com/pub/c..._1872_1877.txt
"ColdFusion... hotfix includes fixes for CVE-2009-1872, CVE-2009-1877..."
> http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1872
> http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1877
> http://download.macromedia.com/pub/c...eadMe_1875.txt
"ColdFusion... hotfix for ColdFusion 7.0.2, ColdFusion 8, ColdFusion 8.0.1..."
> http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1875
> http://download.macromedia.com/pub/c...eadMe_1876.txt
"ColdFusion... fix for CVE-2009-1876..."
> http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1876
> http://download.macromedia.com/pub/c...eadMe_1878.txt
"... hotfix for ColdFusion 7.0.2, ColdFusion 8, ColdFusion 8.0.1..."
> http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1878
> http://download.macromedia.com/pub/c..._1873_1874.txt
"JRun... fixes for CVE-2009-1873, CVE-2009-1874..."
> http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1873
> http://web.nvd.nist.gov/view/vuln/de...=CVE-2009-1874
:fear::fear: