Summary: This vulnerability affects: OS X 10.5.x (Leopard) and 10.6.x (Snow Leopard) How an attacker exploits it: By enticing your users to a malicious website containing specially crafted Java applets Impact: In the worst case, an attacker executes code on your user’s computer, with that user’s privileges What to do: Install Java for OS X 10.5 Update 9 or Java for OS X … [Read more...]
Two Visio Code Execution Vulnerabilities
Severity: Medium 8 February, 2011 Summary: This vulnerability affects: Visio 2002, 2003, and 2007 (not 2010) How an attacker exploits it: By enticing one of your users into opening a maliciously crafted Visio document Impact: An attacker can execute code, potentially gaining complete control of your users' computers What to do: Deploy the appropriate Visio patch as soon as … [Read more...]
IIS FTP Service Buffer Overflow Vulnerability
Severity: High 8 February, 2011 Summary: This vulnerability affects: The IIS FTP service running on Windows Vista, 2008, 7, and 2008 R2 How an attacker exploits it: By sending a specially crafted FTP command Impact: In the worst case, an attacker gains complete control of your IIS server What to do: Deploy the appropriate IIS update immediately, or let Windows Automatic … [Read more...]
Cumulative IE Update Fixes Four Code Execution Flaws
Severity: High 8 February, 2011 Summary: This vulnerability affects: All current versions of Internet Explorer, running on all current versions of Windows How an attacker exploits it: Typically, by enticing one of your users to visit a malicious web page Impact: In the worst case an attacker can execute code on your user's computer, gaining complete control of it What to … [Read more...]