Blog

Have I mentioned before the importance of keeping up to date with your software, and keeping track of the security issues that crop up almost like weeds in the summer? Here’s a summary of the updates that we’ve noted within just the past week. If you haven’t updated, please do so as soon as possible! We need to stay a step ahead of the bad guys!

Just check out this major laundry list of updates this week:

Apple Software Security – a couple of important updates for Apple software users this week:

Safari Browser updated to 4.0.3 – Five vulnerabilities were fixed in the latest update to Safari, including two that allowed a remote user to execute arbitrary code on a target machine, one that allowed a web site to promote itself to the “Top Sites” view, one that allows a remote user to obtain potentially sensitive information, and one that allows URL spoofing. Use your Apple Software Update utility or go to the Safari download page.

Mac OS X 10.5.8 Leopard – Security Update 2009-004 was released, fixing a problem with BIND that could allow a hacker to cause the BIND DNS server to terminate. The release can be downloaded and installed via Software Update preferences, or from Apple Downloads.

It had to happen – a rootkit tool suite has been released for Mac OS X. This can only lead to bad things.

IPhone OS 3.0.1 – just catching up here, but a vulnerability with SMS (that’s right, text messaging) can allow a hacker to gain full control of your phone. If you’re running 3.0, update to 3.0.1 as soon as possible!! There’s another glitch that hasn’t been fixed yet, allowing deleted emails to rise from the dead using Spotlight search… sigh. Maybe in OS 3.1?

Adobe Software Security – there have been a number of issues identified in the past week, if you have this software installed, check for the latest updates:

Adobe Flex 3.3 SDK and earlier – An “important” vulnerability that could result in cross-site scripting. Get the update to Flex 3.4 SDK here.

ColdFusion 8.0.1 and earlier, and JRun 4.0 – Critical vulnerabilities in ColdFusion that could lead to compromised user accounts or even compromised systems. Updates to JRun that resolve a management console vulnerability and a cross-site scripting vulnerability. Get the Hotfix for both ColdFusion and JRun here.

Adobe Reader 9.1.0 and 8.1.3 have an UNPATCHED vulnerability that could lead to local privilege escalation. This is classified as a “moderate” risk, as an attacker would have to have access to the target computer to exploit it. Expect a future update for this. You can read the gory details, as well as detection and mitigations instructions here.

WordPress 2.8 – 2.8.3 have a vulnerability that allow a remote user to reset that administrative password. Upgrade using your WP dashboard or by downloading WordPress 2.8.4.

Other miscellaneous updates:

Pidgin 2.5.8 and earlier instant messenger client has a vulnerability that can allow a remote user to execute arbitrary code on a target system. A version 2.6 was released, but there were issues with Yahoo. Get the update to Pidgin 2.6.1 here.

Computer Associates’ CA Internet Security Suite has a vulnerability that allows a local attacker to cause a denial of service. Upgrade to r4 (9.0.0.184) or r5 (10.0.0.217) as soon as possible. If you have version r3, upgrade to r5 as soon as possible. Read more at the CA support website.

CA has been having worse issues with false positives – at times sequestering critical OS files or even their own applications, and rendering systems totally un-bootable. CA is offering a tool to “de-quarantine” the wrongly sequestered files. Visit their site for more information.

Finally, Kaspersky Lab’s Internet Security application began flagging HSBC’s banking site as a malicious site containing a Trojan virus. Updates have been released and are available through the product’s automatic update feature.

Wow, is that enough for one week? Please keep up to date with your software, keep those systems safe and protected! I can’t stress it enough. Know of another security issue I’ve missed, or have more information on one I’ve covered? Feel free to leave feedback below.