Site Archives

Adobe Shockwave Player Vulnerability

Posted on June 25th, 2009

GSA Reference Number: AD090625-01

Simply Put: Adobe Shockwave Player, which is used by browsers to play Shockwave media, has a remote code execution vulnerability in version 11.5.0.596 and earlier versions.  Adobe has released a new player to address this vulnerability.  Unfortunately, the current Shockwave Player must be uninstalled before upgrading.  The uninstall requires a reboot.

Adobe Patch Released for Acrobat and Reader

Posted on June 10th, 2009

GSA Reference Number: AD090610-01

Simply Put: Adobe has released a patch for multiple critical vulnerabilities affecting its Acrobat products.  This patch fixes multiple vulnerabilities regarding the Adobe products for both Windows and Mac operating systems.  The patch is available through the software update tool or by visiting the Adobe Security Bulletin linked below.  This is Adobe’s first patch release using its new quarterly release cycle.

June Microsoft Patch Tuesday

Posted on June 9th, 2009

Microsoft has announced 10 new patches for its monthly patch release cycle.  These patches fix multiple Microsoft products, including Windows, Internet Explorer, and Microsoft Office.   Six patches are rated Critical, and affect all of the previously listed products, thereby allowing for remote code execution on vulnerable systems.  Gladiator recommends that users  immediately apply all Critical patches to their systems.

SonicWALL SSL-VPN 200 Patch Released

Posted on June 2nd, 2009

GSA Reference Number: AD090602-01

Simply Put: SonicWALL has released a patch for an internal memory disclosure vulnerability in its SSL-VPN products.  Note, this is not a vulnerability with its firewall or unified threat management products, just the stand-alone SSL VPN devices.  The vulnerability allows an unauthenticated attacker to manipulate the portal login page to read parts of internal memory.  This vulnerability could lead to information disclosure.