Gladiator Research and Security

GSA Reference Number: AD111216-01

Simply Put: Adobe has released critical updates for its Reader, Acrobat, and Flash products.  High-risk vulnerabilities are present in these applications that could allow for remote code execution.  Gladiator recommends that institutions roll out these patches to all of their vulnerable workstations and servers as soon as possible.

Microsoft has announced eight new patches today, including six that could allow remote code execution.  Two patches are rated Critical by Microsoft and affect Microsoft Windows, Internet Explorer, the Microsoft .NET Framework, and Microsoft Silverlight.  Gladiator recommends you apply MS11-078 and MS11-081 due to the risk of remote code exploitation.  Detailed information regarding the patches can be found in Microsoft’s October Security Bulletin.  

Microsoft has announced four new patches today to fix 22 vulnerabilities.  One patch is rated Critical by Microsoft and affects Microsoft Windows.  The three other patches are rated Important by Microsoft and affect Microsoft Windows and Microsoft Office.  Gladiator recommends that users with impacted systems apply all patches immediately. Detailed information regarding the patches can be found in Microsoft’s July Security Bulletin. 

Microsoft has announced 17 new patches today to fix 64 vulnerabilities across Microsoft Windows, Microsoft Office, Internet Explorer, Visual Studio, .NET Framework, and GDI+.  Nine patches are rated Critical by Microsoft and affect Microsoft Windows, Office, and Internet Explorer.  The eight other patches are rated Important by Microsoft and affect Microsoft Windows, Microsoft Office, and Microsoft Developer Tools and Software.  Gladiator recommends that users with impacted systems apply all Critical patches immediately. Detailed information regarding the patches can be found in Microsoft’s April Security Bulletin.

GSA Reference Number: AD110412-01

Simply Put: Adobe has released a new security advisory regarding a critical vulnerability in Adobe Flash Player, Reader, and Acrobat.  The vulnerability could cause the programs to crash and possibly allow remote code execution.  These vulnerabilities are reportedly being exploited by malware authors at this time.  The attacks are being delivered in Word documents as email attachments.  No patch is available at this time.  Gladiator recommends that institutions inform their users of this threat and tell them not to open any Word document attachments without checking with their information security officer.

GSA Reference Number: AD110323-01

Simply Put: Adobe has released critical updates for its Reader, Acrobat, and Flash products.  High-risk vulnerabilities are present in these applications that could allow for remote code execution.  Gladiator recommends that institutions roll out these patches to all of their vulnerable workstations and servers as soon as possible.

GSA Reference Number: AD101117-01

Simply Put: Adobe has released an update for Adobe Acrobat and Reader versions 9.4 and earlier. This update fixes a publicly disclosed vulnerability that is currently being used to attack systems on the Internet.  This is a critical issue, and the patch should be applied as soon as possible.