In two posts [ 1 / 2 ] last week, I warned you about an Apple OS X Java update that fixed a vulnerability attackers were leveraging to spread a mac trojan called Flashback. According to reports, this botnet trojan infected over 600,000 Mac users. Today, Apple released yet another OS X Java update, this time designed to remove Flashback infections and to potentially mitigate … [Read more...]
Update OS X Java to Avoid Spreading Mac Malware
Summary: This vulnerability affects: OS X 10.7.x (Lion) and 10.6.x (Snow Leopard) How an attacker exploits it: By enticing you to a website containing maliciously crafted Java Impact: In the worst case, an attacker executes code on your user’s computer, with that user’s privileges What to do: Install Java for OS X Lion 2012-002 or Java for OS X 10.6 Update 7 immediately, … [Read more...]
Critical IE Cumulative Patch Closes Eight Code Execution Flaws
Severity: High 11 October, 2011 Summary: This vulnerability affects: All current versions of Internet Explorer (including IE9) How an attacker exploits it: By enticing one of your users to visit a malicious web page, or click a malicious link Impact: In the worst case an attacker can execute code on your user's computer, gaining control of it What to do: Deploy the … [Read more...]
Windows Updates Fix WINS Issues & Insecure DLL Loading Vulnerability
Severity: Medium 12 July, 2011 Summary: These vulnerabilities affect: All current versions of Windows and components that ship with it How an attacker exploits them: Multiple vectors of attack, including sending specially crafted WINS messages and enticing users to open malicious documents Impact: Various. In the worst case, an attacker can gain control of your Windows … [Read more...]
Two Visio Document Parsing Vulnerabilities
Severity: Medium 10 August, 2011 Summary: This vulnerability affects: All current versions of Microsoft Visio How an attacker exploits it: By enticing one of your users into opening a maliciously crafted Visio document Impact: An attacker can execute code, potentially gaining complete control of your users' computers What to do: Deploy the appropriate Visio patches as soon … [Read more...]