Site Archives

New Adobe Acrobat and Reader Vulnerability

Posted on February 20th, 2009

GSA Reference Number: AD090220-01

Simply Put: Adobe Acrobat 9 and Reader 9 and earlier versions contain an unpatched critical vulnerability that allows arbitrary code execution.  Adobe has released an advisory on this issue, but a patch will not be released until March 11th.  A workaround has been published that will prevent code execution, but the application will still crash.

IE7 Vulnerability Being Exploited

Posted on February 19th, 2009

GSA Reference Number: AD090218-01

Simply Put: An Internet Explorer 7 vulnerability patched in the latest installment of Microsoft updates is now being exploited by malware authors.  The patch, designated MS09-002, fixed a memory corruption vulnerability, which can cause remote code execution.

Waledac, The New Storm Worm?

Posted on February 11th, 2009

Security researchers have seen a new worm, called Waledac, quickly spreading throughout many networks.  Many of these researchers feel that Waledac bears a striking resemblance to one of the most devastating worms of all time, Storm.  Like the Storm worm, Waledac is spread through emails that appear to be holiday themed “e-cards.”  So far, users and researchers have seen both Christmas and Valentine’s Day e-cards being used.

February Patch Tuesday

Posted on February 10th, 2009

Microsoft has released four patches resolving two Critical and two Important vulnerabilities in various Microsoft products.