Archive for December 9th, 2009

Adobe Updates: Flash Player 10.0.42.34 & AIR version 1.5.3

Published December 9, 2009 patch , security Leave a Comment
Tags:

Adobe released the advisory APSB09-19 Security updates available for Adobe Flash Player back on the 3-Dec-2009 but updated it again on 8-Dec-2009 (for Patch Tuesday?)

Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.32.18 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system.
Adobe recommends users of Adobe Flash Player 10.0.32.18 and earlier versions update to Adobe Flash Player 10.0.42.34. Adobe recommends users of Adobe AIR version 1.5.2 and earlier versions update to Adobe AIR 1.5.3. [1]

There is also a current bulletin affecting Adobe Illustrator – APSA09-06 Security Advisory for Adobe Illustrator CS4 and Adobe Illustrator CS3 (2009-Dec-07)

CRP09-073, CRP09-074

Patch Tuesday Wednesday (DEC-2009)

Published December 9, 2009 microsoft , patch , Patch_Tuesday , security Leave a Comment

This month we have six (6) new security bulletins addressing 12 vulnerabilities. A restart will be required.

As noted in our Advance Notification (ANS) last Thursday, for the December bulletin release we issued six security bulletins addressing 12 vulnerabilities. Affected products include Windows, Internet Explorer (IE) and Microsoft Office products. [1]

Bulletin KB number Description Severity Impact Software
MS09-69 974392 Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service Denial of Service Important Microsoft Windows
MS09-070 971726 Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution Remote Code Execution Important Microsoft Windows
MS09-071 974318 Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution Remote Code Execution Critical Microsoft Windows
MS09-072 976325 Cumulative Security Update for Internet Explorer Remote Code Execution Critical Microsoft Windows
MS09-073 975539 Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution Remote Code Execution Important Microsoft Windows, Microsoft Office
MS09-074 967183 Vulnerability in Microsoft Office Project Could Allow Remote Code Execution Remote Code Execution Critical Microsoft Office

For this month:
Of specific interest this month is MS09-072 for which there are are expected to be attacks in the wild;

One of the vulnerabilities was the subject of Security Advisory 977981 due to public disclosure and affects IE 6 and IE 7 so customers running those versions should install this update as soon as possible. [1]

PATCH NOW:
NOW: MS09-070, MS09-071, MS09-072, MS09-073 and MS09-074

LINKS:
[1.] December 2009 Security Bulletin Release (2009-Dec-08) [MS: MSRC]
[2.] December 2009 Black Tuesday Overview (2009-Dec-08) [SANS]
[3.] Microsoft Security Bulletin Summary for December 2009 (2009-Dec-08) [MS]
[4.] Microsoft security updates for December 2009 (2009-Dec-08) [MS]
[5.] Assessing the risk of the December security bulletins (2009-Dec-08) [MS: SR&D]
[6.] Extended Protection for Authentication (2009-Dec-08) [MS: SR&D]

CRP09-072

December 2009
M T W T F S S
« Nov   Jan »
 123456
78910111213
14151617181920
21222324252627
28293031  

Categories

License

Creative Commons License
This work is licensed under a Creative Commons Attribution-Share Alike 2.5 Australia License.

del.icio.us

Flickr Photos

LaserForce

Birthday Dragon

Birthday Dragon

Birthday Dragon

Birthday Dragon

New Bow

Day 10 | stars | #FMSphotoadayMAY 2013

2013 Mother's Day Classic

More Photos

Twittering

Cluster Map

Locations of visitors to this page
hacker emblem
Follow

Get every new post delivered to your Inbox.

Join 27 other followers