Summary: This vulnerability affects: Adobe Reader and Acrobat X 10.1 and earlier, on Windows, Mac, as well as Reader 9.4.2 for UNIX How an attacker exploits it: Typically, by enticing your users into viewing a maliciously crafted PDF document Impact: In the worst case, an attacker can execute code on your computer, potentially gaining control of it What to do: Install … [Read more...]
Archives for September 2011
Windows Updates Fix WINS Issues & Insecure DLL Loading Vulnerability
Severity: Medium 12 July, 2011 Summary: These vulnerabilities affect: All current versions of Windows and components that ship with it How an attacker exploits them: Multiple vectors of attack, including sending specially crafted WINS messages and enticing users to open malicious documents Impact: Various. In the worst case, an attacker can gain control of your Windows … [Read more...]
Office Document Parsing Problems Cause a Predicament
Severity: High 13 September, 2011 Summary: These vulnerabilities affect: Most current versions of Microsoft Office and its components, as well as Office SharePoint and Groove servers and products. How an attacker exploits it: Typically by enticing one of your users to open a malicious Office document Impact: In the worst case, an attacker executes code on your user's … [Read more...]
Microsoft Black Tuesday: Updates for Mangled Office Documents and Malicious WINS Messages
Unless you're one of the eagle-eyed viewers that caught Microsoft's slip last Friday, today is the first day you get to see this month's batch of MS product patches. As expected, Microsoft only released five Important updates for Windows and Office products this month. While none of the updates fix overly critical issues, I'd still recommend you try to install them at your … [Read more...]
Five Microsoft Bulletins Expected for September Patch Day
Tomorrow, Microsoft plans to launch Patch Day for the month of September. It appears relatively minor, especially when compared to last month. According to their Advanced Notification post for September, Microsoft will only release five bulletins, fixing vulnerabilities in Windows and Office. None of the bulletins are Critical; Microsoft rates them all as Important. Though … [Read more...]