Destroy PC Viruses

Home

Cisco Network Building Manager Vulnerabilities

Friday, 28 May 2010 21:04 |

Cisco has released a security advisory to address multiple vulnerabilities in Network Building Manager. The advisory indicates that the legacy Richards-Zeta Mediator products are also affected by these vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to operate with escalated privileges or obtain sensitive information.

US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100526-mediator and apply any necessary updates to help mitigate the risks.

Foxit Releases Foxit Reader 3.3

Monday, 10 May 2010 22:59 |

The Foxit Corporation has released Foxit Reader 3.3 for Windows. This release of Foxit Reader contains a component called Trust Manager. Foxit Reader release notes indicate that the Trust Manager enables users to allow or deny unauthorized actions and data transmission, including URL connection, attachments PDF action, and JavaScript. This addresses the vulnerability in the PDF specification /Launch function.

US-CERT encourages users and administrators to review the Foxit Reader 3.3 release notes and upgrade to Foxit Reader 3.3 to help mitigate the risks associated with the PDF specification /Launch function vulnerability. Additional information regarding the /Launch function vulnerability can be found in the Vulnerability Notes Database.

Apple Safari Vulnerability

Monday, 10 May 2010 22:59 |

US-CERT is aware of a vulnerability affecting Apple Safari. By convincing a user to open a specially crafted web page, an attacker may be able to execute arbitrary code. Exploit code for this vulnerability is publicly available.

US-CERT encourages users and administrators to disable JavaScript as detailed in the Securing Your Web Browser document until a fix is provided by the vendor. Additional information regarding this vulnerability can be found in the Vulnerability Notes Database.

US-CERT will provide additional information as it becomes available.

Microsoft Releases Advance Notification for May Security Bulletin

Monday, 10 May 2010 22:59 |

Microsoft has issued a Security Bulletin Advance Notification, indicating that its May release cycle will contain two bulletins. Both of these bulletins will have the severity rating of critical and will be for Microsoft Windows, Office, and Visual Basic for Applications. Release of these bulletins is scheduled for Tuesday, May 11, 2010.

US-CERT will provide additional information as it becomes available.

Microsoft Re-Releases Security Update for MS10-025

Monday, 03 May 2010 01:27 |

Microsoft has re-released the security update related to Microsoft security bulletin MS10-025. This vulnerability affects Windows Media Services running on Windows 2000 Server. The original release of this update had been revoked last week because it did not effectively correct the underlying vulnerability.

US-CERT encourages users and administrators to review Microsoft security bulletin MS10-025 and apply the update as necessary to help mitigate the risks. Additional information regarding the re-release of this update can be found in the Microsoft Security Response Center blog.

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 4 of 26