Site Archives Advisory
Adobe Shockwave Player Vulnerability
GSA Reference Number: AD090625-01
Simply Put: Adobe Shockwave Player, which is used by browsers to play Shockwave media, has a remote code execution vulnerability in version 11.5.0.596 and earlier versions. Adobe has released a new player to address this vulnerability. Unfortunately, the current Shockwave Player must be uninstalled before upgrading. The uninstall requires a reboot.
Adobe Patch Released for Acrobat and Reader
GSA Reference Number: AD090610-01
Simply Put: Adobe has released a patch for multiple critical vulnerabilities affecting its Acrobat products. This patch fixes multiple vulnerabilities regarding the Adobe products for both Windows and Mac operating systems. The patch is available through the software update tool or by visiting the Adobe Security Bulletin linked below. This is Adobe’s first patch release using its new quarterly release cycle.
June Microsoft Patch Tuesday
Microsoft has announced 10 new patches for its monthly patch release cycle. These patches fix multiple Microsoft products, including Windows, Internet Explorer, and Microsoft Office. Six patches are rated Critical, and affect all of the previously listed products, thereby allowing for remote code execution on vulnerable systems. Gladiator recommends that users immediately apply all Critical patches to their systems.
SonicWALL SSL-VPN 200 Patch Released
GSA Reference Number: AD090602-01
Simply Put: SonicWALL has released a patch for an internal memory disclosure vulnerability in its SSL-VPN products. Note, this is not a vulnerability with its firewall or unified threat management products, just the stand-alone SSL VPN devices. The vulnerability allows an unauthenticated attacker to manipulate the portal login page to read parts of internal memory. This vulnerability could lead to information disclosure.
Adobe Releases Patch for Critical Acrobat Vulnerability
GSA Reference Number: AD090513-01
Simply Put: Adobe has released a patch for the critical vulnerability affecting its Acrobat products. This vulnerability was previously discussed in Gladiator Advisory AD090430-01 on April 30th, stating that all versions of Adobe Reader and Adobe Acrobat, on all operating systems, are affected by a Critical JavaScript Vulnerability.
May Microsoft Patch Tuesday
Microsoft has announced one new patch for its monthly release cycle. Although it doesn’t sound like a lot, this patch fixes a critical vulnerability in PowerPoint that is already being exploited by malicious entities. The patch is rated critical, and affects Microsoft PowerPoint 2000 through 2007. This exploit allows remote code execution on vulnerable systems. Gladiator recommends that users immediately patch all systems with Microsoft Office installed.
Critical Adobe Reader And Acrobat JavaScript Vulnerability
GSA Reference Number: AD090430-01
Simply Put: All versions of Adobe Reader and Adobe Acrobat, on all operating systems, are affected by a Critical JavaScript Vulnerability. Currently, Adobe has not released a patch for this issue. Gladiator recommends disabling JavaScript in Adobe Reader and Adobe Acrobat to help mitigate the issue.
Find It Quickly
Find what you're looking for quickly by using our keyword search. Can't find it? Try our links below.
Monthly Archives
Find posts by the month they were written.
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- July 2008
- May 2008
- April 2008
- March 2008
- January 2008
- December 2007
- November 2007