Microsoft Access Snapshot Viewer ActiveX Vulnerability
GSA Reference Number: AD080708-01
Simply Put: Microsoft Access included with Microsoft Office 2000 through 2003, including Office XP, is vulnerable to remote exploitation through Internet Explorer. If a user with MS Access installed browses to a malicious website, arbitrary files could be copied to the users machine. The vulnerability can be used to run malicious code on a user’s machine without notification or permission. Gladiator feels this issue is extremely critical.
Adobe Flash Player Zero-Day Vulnerability
GSA Reference Number: AD080528-01
Simply Put: Adobe’s Flash Player has a new, zero-day vulnerability. Zero-day means the attack is being actively exploited on the internet and there is not a patch available. Adobe Flash Player is used to display flash files (.swf) in web pages – these files are normally seen as movies or animations. The vulnerability can be used to run malicious code on a user’s machine without notification or permission. Gladiator feels this issue is extremely critical.
Economic Stimulus Refund IRS Phishing Advisory
GSA Reference Number: AD080512-01
Simply Put: A new phishing scam is currently making its way around the internet. Phishers are sending out email which appears to come from the IRS with information on your 2008 Economic Stimulus Refund. The email requests that you fill out an online form with your personal information so the check can be directly deposited in your bank account. The link to the form is included in the email. This email is not from the IRS, and is designed to steal a person’s identity.
Previous Articles
Gladiator Research and Security
This site is here to provide security related information and articles to better protect your financial institutions. We'll be posting advisories, blog entries and trends often so be sure to check back weekly.