www.gladtech.net

IE 0-day Exploit

Posted on December 11th, 2008 by Ryan Spanier

Internet Explorer 7 has a new 0-day exploit, meaning that it is currently being exploited through malicious websites and there is no patch available.  If a user visits a malicious site, there is a possibility that an attacker could run arbitrary code on the system.  The exploit appears to use a vulnerability in Internet Explorer’s handling of XML code.  This issue has been confirmed for users with IE 7 running Windows XP or Windows 2003.   Further details are not available at this time. Gladiator recommends that users run the Firefox browser, if possible, for general web browsing until a patch is released.

Web Based Operating Systems

Posted on December 10th, 2008 by Benjamin Harbin

If you have been reading the news or surfing any IT based websites, you may have heard of “cloud computing,” a new buzz word going around.  Cloud computing is a new style of providing IT or business applications and services via the Web or Internet “cloud.”  One very popular form of cloud computing is Google Apps.  With Google Apps, Google is able to provide many publishing applications, similar to Microsoft’s Desktop Suite (Word, Excel, PowerPoint), over the Web.  Users can log in via an Internet browser and access the applications that are actually running on servers hosted by Google.

December Patch Tuesday

Posted on December 10th, 2008 by Ryan Spanier

Microsoft has released 8 new patches resolving 6 critical and 2 important vulnerabilities found in its various products.  The vulnerability for the Visual Basic 6.0 ActiveX Control has publicly available exploit code, so it should be patched as soon as possible. The products with critical severity vulnerabilities include:

  • GDI
  • Windows Search
  • Internet Explorer
  • Visual Basic 6.0 Runtime Extended Files (ActiveX Controls)
  • Microsoft Office Word
  • Microsoft Office Excel

Previous Articles

DSL/Cable Modems Vulnerable to CSRF Attacks

Posted on December 8th, 2008 by Scott Dale

BlackBerry Desktop Software ActiveX Vulnerability

Posted on December 5th, 2008 by Ryan Spanier

SonicWALL Licensing Server Failure

Posted on December 4th, 2008 by Ryan Spanier

CheckFree BillPay DNS Hijacking

Posted on December 3rd, 2008 by Ryan Spanier

Gladiator Research and Security

This site is here to provide security related information and articles to better protect your financial institutions. We'll be posting advisories, blog entries and trends often so be sure to check back weekly.