Adobe Download Manager v2.2 released
FYI...
- http://www.adobe.com/support/securit...apsb06-19.html
December 5, 2006
"...Summary:
A critical vulnerability has been identified in Adobe Download Manager 2.1 and earlier versions that could allow an attacker who successfully exploits this vulnerability to take control of the affected system. It is recommended that users uninstall Adobe Download Manager 2.1 and earlier using the instructions provided*...
Affected software versions: Adobe Download Manager 2.1 and earlier...
Severity rating: Adobe categorizes this as a critical issue and recommends affected users uninstall any affected software..."
* http://www.adobe.com/support/securit...l#instructions
:fear:
Cyber Extortion via Web Mail
FYI...
- http://www.websense.com/securitylabs...hp?AlertID=714
December 11, 2006
"Websense® Security LabsTM has received reports of a new form of cyber-extortion. Unlike previously documented cases (where end-users were infected with malicious code, certain file types were encoded or encrypted, and a ransom message was left on the machine), this attack compromises users' online web mail accounts. When end-users logged into their web mail accounts (in this case Hotmail), they noticed that all their 'sent' and 'received' emails were deleted along with all their online contacts. The only message that remained was one from the attacker that requested they contact them for payment in order to receive the data back. In this case, the end-users had recently visited an Internet cafe where their credentials may have been compromised..."
(Screenshots available at the URL above.)
Previous Cyber Extortion (AKA Ransomware) alerts:
http://www.websense.com/securitylabs...hp?AlertID=194
http://www.websense.com/securitylabs...hp?AlertID=320
:spider: :mad:
Yahoo! Messenger ActiveX vuln - update available
FYI...
- http://secunia.com/advisories/23401/
Release Date: 2006-12-15
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: Yahoo! Messenger 5.x, 6.x, 7.x, 8.x
...The vulnerability is reported in versions obtained prior to Nov 2, 2006.
Solution: Update to the latest version.
http://messenger.yahoo.com/ ...
Original Advisory: http://messenger.yahoo.com/security_....php?id=120806
"...If you choose not to update and you have not updated via this page or Chat, the vulnerability will still exist."
:fear:
Firefox v2.0.0.1, v1.5.0.9 released
FYI...
- http://www.mozilla.org/security/#Security_Alerts
December 19, 2006
"Security updates have been issued for Firefox and Thunderbird that fix critical security vulnerabilities. All users should install these udpates as soon as possible.
Firefox 2.0.0.1 - http://www.mozilla.com/firefox/
Firefox 1.5.0.9 - http://www.mozilla.com/en-US/firefox/all-older.html
Thunderbird 1.5.0.9 - http://www.mozilla.com/thunderbird/
Users should get an automatic update notification; users who have turned off update notification can use the "Check for Updates..." item on the Help menu..."
Fixed in Firefox 2.0.0.1 & 1.5.0.9
> http://www.mozilla.org/projects/secu...s.html#Firefox
Fixed in Thunderbird 1.5.0.9
> http://www.mozilla.org/projects/secu...ml#Thunderbird
:spider: