Today's Adobe Patches and Vulnerabilities
It is not easy to keep up with Adobe these days. Patches and new exploits are released on an almost daily schedule. So here is the current "State of Adobe" the way I see it:
Product | Latest Version | Latest Vulnerabilities |
---|---|---|
PDF Reader | 9.4.0 | version 9.4.0 (latest version) is vulnerable |
Flash Player | 10.1.102.64 | version 10.1.85.3 is vulnerable. Patch released today (Nov. 4th). "Authplay Vulnerability" CVE-2010-3654 |
Shockwave Player | 11.5.9.615 | 11.5.9.615 (latest version) is vulnerable ("Shockwave Settings" Use-After-Free Vulnerability). Secunia# SA42112, no CVE number assigned yet |
Acrobat | 9.4.0 | version 9.4.0 (latest version) is vulnerable. "Authplay Vulnerability" CVE-2010-3654 |
Air | 2.5 | version 2.0.3 is vulnerable (old version) |
Please let me know if you have corrections, or better, if you find a simple overview of "the state of Adobe bugs" on Adobe's own site. Any Adobe people out there: Feel free to copy the concept :). This table will be "frozen" to today's state and we may publish similar, updated tables in the future as a new article.
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Microsoft Smart Screen False Positives
We received a couple of reports about Microsoft's "Smart Screen" flagging harmless sites as malicious. Initially, we considered the possibility of an infected ad service. But it may be a bug in Smartfilter as well. Some reports on Twitter [1] show that the problem has been resolved.
Please let us know if you have sample URLs that are still affected.
To disable smart screen: Select "Internet Options" from the "Tools" menu. Select the "Advanced" tab and find the "Enable SmartScreen Filter" setting (about the 10th item from the bottom. Scroll all the way down). Needless to say: This will also remove the smart screen protection from real-evil sites, not just from appear-to-be-evil-to-smartscreen-today sites. The setting should only be changed if you can't wait for the problem to be fixed.
[1] http://twitter.com/#!/search/%23smartscreen
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
Microsoft Patches Pre-Announcement
Microsoft published its pre-announcement for next Tuesday's patch release [1]. Looks light and easy this time. A total of 3 patches: one for Office, one for PowerPoint and one for the Forefront Unified Access Gateway.
Note that the Office patch will apply to the just released Office for Mac 2011.
[1] http://www.microsoft.com/technet/security/bulletin/ms10-nov.mspx
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter
DNSSEC Progress for .com and .net
VeriSign announced that starting December 9th, .net and .com domains will be authenticated using DNSSEC. Right now, signatures are available for .net and .com, but they are not yet valid. The rollout will happen in stages, similar to the rollout for the root zone.
Verisign also offers a nice DNSSEC debugger [2]. In case you implement DNSSEC, use it to test your zone, as well as a DNSSEC Test site [3] to check if your resolver uses DNSSEC.
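What a resolver check like the one above comes down to on the wire, as an added example that is not part of the original diary: the query carries the EDNS0 DO bit, and a validating resolver sets the AD flag in its reply. The function names, the transaction ID and the sample response headers are constructed for illustration.

```python
import struct

# DNS header flag masks (RFC 1035, RFC 4035)
QR, RD, RA, AD = 0x8000, 0x0100, 0x0080, 0x0020
SERVFAIL = 2

def encode_name(name):
    """Encode 'example.com' as length-prefixed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("bad label: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, txid, qtype=1):
    """IN-class query with RD set and an EDNS0 OPT record carrying DO."""
    header = struct.pack("!HHHHHH", txid, RD, 1, 0, 0, 1)  # 1 question, 1 additional
    question = encode_name(name) + struct.pack("!HH", qtype, 1)
    # OPT RR: root name, type 41, class = UDP payload size,
    # TTL = ext-rcode, version, flags (DO = 0x8000), then RDLEN 0
    opt = b"\x00" + struct.pack("!HHBBHH", 41, 4096, 0, 0, 0x8000, 0)
    return header + question + opt

def classify(response, txid):
    """Return 'validated', 'servfail' or 'not-validated' from the header."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    rid, flags = struct.unpack("!HH", response[:4])
    if rid != txid or not flags & QR:
        raise ValueError("not a response to our query")
    rcode = flags & 0x000F
    if rcode == SERVFAIL:
        # Validating resolvers answer SERVFAIL for data that fails validation
        # (other server failures look the same at this level).
        return "servfail"
    if rcode == 0 and flags & AD:
        return "validated"
    return "not-validated"

# Constructed 12-byte response headers (not captured traffic)
SAMPLE_VALIDATING = struct.pack("!HHHHHH", 0x1234, QR | RD | RA | AD, 1, 1, 0, 1)
SAMPLE_PLAIN = struct.pack("!HHHHHH", 0x1234, QR | RD | RA, 1, 1, 0, 1)
SAMPLE_SERVFAIL = struct.pack("!HHHHHH", 0x1234, QR | RD | RA | SERVFAIL, 1, 0, 0, 1)

if __name__ == "__main__":
    for msg in (SAMPLE_VALIDATING, SAMPLE_PLAIN, SAMPLE_SERVFAIL):
        print(classify(msg, 0x1234))
```

To use it against a live resolver, send the bytes from `build_query()` to UDP port 53 for a name in a signed zone and pass the reply to `classify()`.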
[1] http://www.verisign.com/domain-name-services/domain-information-center/dnssec-resource-center/index.html
[2] http://dnssec-debugger.verisignlabs.com/
[3] http://test.dnssec-or-not.org/
[4] http://www.h-online.com/security/news/item/Fast-start-of-DNSSEC-with-net-and-com-1128982.html
And if you missed it... the solution is out for our DNSSEC related packet challenge: http://johannes.homepc.org/packet.txt
------
Johannes B. Ullrich, Ph.D.
SANS Technology Institute
Twitter