CRITICAL HARDWARE UPDATES
|
There are no critical hardware updates for this issue.
|
CRITICAL SOFTWARE UPDATES
|
ADOBE
If you are not running the Adobe automatic updater, please
update your Abode software!
Please note that the Microsoft Bulletin below (Embedded
OpenType Font Engine) affects Adobe Flash Player so you need to update that
also!
Adobe has released Security bulletin APSB10-02, which
describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
The update and security bulletin was issued January 12 and
we are seeing people taking advantage of the vulnerability already!
TECHS: Please read: NOS Microsystems Adobe getPlus
Helper ActiveX control contains stack buffer overflow Vulnerability Note,
located here: https://www.kb.cert.org/vuls/id/773545
And, Adobe Acrobat and Reader contain a use-after-free
vulnerability in the JavaScript Doc.media.newPlayer method Vulnerability Note,
located here: https://www.kb.cert.org/vuls/id/508357
MICROSOFT
If you do not have Microsoft Auto-update enabled or you wait to install
the updates, please update immediately!
Microsoft Security Bulletin MS10-001 - Critical
Vulnerability in the Embedded OpenType Font Engine Could
Allow Remote Code Execution (972270)
http://www.microsoft.com/technet/security/Bulletin/MS10-001.mspx
This affects a majority of the Microsoft Operating Systems
including the new Windows 7!
Microsoft Security Advisory (954157)
Security Enhancements for the Indeo Codec
http://www.microsoft.com/technet/security/advisory/954157.mspx
This security patch affects Windows XP, Windows 2000, and some of the
Windows Server operating systems.
TECHS: Please see: http://support.microsoft.com/kb/954157
|
