According to an Adobe security advisory, Flash Player suffers from a zero day vulnerability, which attackers are currently leveraging in the wild to execute malicious code on victim computers. It seems like just last month I described this exact same zero day Adobe Flash vulnerability.... oh, wait. That's because I did! Ok, fine. They aren't technically exactly the same, but … [Read more...]
Archives for April 2011
Privacy Bill of Rights – Right to Security and Accountability, part I
In the latest Draft of the “Commercial Privacy Bill of Rights Act of 2011,” the first Title, “Right to Security and Accountability” is actually quite short – in fact, the Right to Security section contains just 53 words. The key provision reads, “…to require each covered entity to impose reasonable security measures to protect covered information it collects and … [Read more...]
Thirteen Windows Bulletins Patch 18 Security Holes
Critical SMB, DNS, and ActiveX Flaws Corrected Severity: High 12 April, 2011 Summary: These vulnerabilities affect: All current versions of Windows and components that ship with it How an attacker exploits them: Multiple vectors of attack, including sending specially crafted network traffic or enticing your users to view malicious images Impact: Various results; in the … [Read more...]
Malicious Office Documents Could Open Doors into Your Network
Severity: High 12 April, 2011 Summary: These vulnerabilities affect: Most current versions of Microsoft Office, and the components that ship with it How an attacker exploits it: Typically by enticing one of your users to open a malicious Office document Impact: In the worst case, an attacker executes code on your user's computer, gaining complete control of it What to do: … [Read more...]
IE Update Corrects Code Execution and Information Disclosure Flaws
Severity: High 12 April, 2011 Summary: This vulnerability affects: All current versions of Internet Explorer, running on all current versions of Windows How an attacker exploits it: Typically, by enticing one of your users to visit a malicious web page Impact: In the worst case an attacker can execute code on your user's computer, gaining complete control of it What to do: … [Read more...]