Adobe releases Updates for Reader, Acrobat, Coldfusion, Releases advisory for Flash
Adobe has released security updates for Adobe Acrobat and Reader resolving 92 security vulnerabilities. The Coldfusion update patches 3 vulnerabilities that could lead to cross-site scripting attacks or Java deserialization. In addition to these updates Adobe also released an advisory for a critical vulnerability (CVE-2016-4117) in Adobe Flash that could cause a crash and potentially allow an attacker to take control of the affected system. This vulnerability affects all users of Adobe Flash Player 21.0.0.226 and earlier versions.
Crypto payment options expanding
Two news ransomware products have been released, the first called TrueCrypter,encrypts your data using AES-256 encryption and then demands either .2 bitcoins or $115 USD in Amazon gift cards. The second called Alpha Ransomware encrypts your data with AES-256 encryption and then demands $400 USD in the iTunes Gift Cards.
This is another sign of how common Ransomware is becoming. As more people are infected it is effecting users who lack the knowledge to obtain Bitcoins and more payment methods are needed.
Surface Pro 4 and Book Firmware: Do not install
Microsoft issued massive sets of firmware updates for Surface Book and Surface Pro 4 last night, however today users are reporting hanging issues while updating as well as some experiencing a BSOD during the installation. We suggest not installing these until Microsoft has resolved the issues.
Oracle patches 136 Vulnerabilities
April patch release from Oracle is available and contains fixes for Oracle’s Database Server, E-Business Suite, Sun Products, MySQL, and Java SE, among other product families
Source: Oracle
Adobe Security Bulletin:CVE-2016-1019
Adobe released an updated security advisory earlier this week regarding a critical vulnerability that exists in Adobe Flash Player 21.0.0.197 and earlier versions. This vulnerability affects Windows, Macintosh, Linux, and Chrome OS and could cause the browser to crash or possibly allow for remote code execution, Adobe has introduced in Flash Player 21.0.0.182 a mitigation that protects users against attackers that attempt to exploit this vulnerability, but during today, the company is expected to release a security update. Users are advised to upgrade Flash Player in the moment a new update is released, and in case they haven’t done this yet, they can go to the Adobe Flash Player Download Center and download the software from there, and install it in each browser.
Adobe vulnerabilty patch released
Adobe vulnerability (CVE-2015-8651) affects Flash Player in Windows, Mac OS X, Linux and ChromeOS and that an immediate patch needed to be issued.
Affected versions are:
- Adobe Flash Player Desktop Runtime versions 20.0.0.235 and earlier for Windows and Macintosh
- Adobe Flash Player Extended Support Release versions 18.0.0.268 and earlier for Windows and Macintosh
- Adobe Flash Player Extended Support Release versions 18.0.0.268 and earlier for Windows and Macintosh
- Adobe Flash Player Desktop Runtime versions 20.0.0.235 and earlier for Windows and Macintosh
- Adobe Flash Player Extended Support Release versions 18.0.0.268 and earlier for Windows and Macintosh
- Adobe Flash Player for Google Chrome versions 20.0.0.228 and earlier for Windows, Macintosh, Linux and ChromeOS
- Adobe Flash Player for Microsoft Edge and Internet Explorer 11 versions 20.0.0.228 and earlier for Windows 10.
- Adobe Flash Player for Internet Explorer 10 and 11 versions 20.0.0.228 and earlier for Windows 8.0 and 8.1
Source: Adobe
Abobe final patch release for 2015: 78 Updates
Adobe has released their latest (and last) security update includeding 78 security vulnerabilities including five Priority 1 updates and five Priority 3 updates.
The patches affected all platforms, 56 of which addressed use-after-free vulnerabilities, 12 of which resolved memory corruption vulnerabilities and five fixed various types of overflow vulnerabilities, all of which could lead to code execution
Source: Adobe
Security: CryptoWall 4.0
Cryptolocker began circulating in 2013, with variants coming soon after. Designed to infect, encrypt and then ransom it has been shockingly effective. The typical infection vector of attack is phishing because the average user has proven to be susceptible to this type of attack.
These attacks begin with a zip file email attachment. Inside the zip is what appears to the user as a PDF/doc/text attachment, but this is actually the initial dropper. Once launched, this will silently drop an executable in a random temp or appdata. This will be what communicates to the command and control sever – which will then take information about your PC that’s already been gathered and then based on that info, drop the appropriate ransomware, pre-built for your PC environment.
The most significant change in CryptoWall 4.0 is that it now also encrypts the filenames of the encrypted files. Each file will have its name changed to a unique encrypted. The filenames are encrypted to make it more difficult to know what files need to be recovered.
We cannot stress enough how important managing email attachments is. At this point in time we recommend all clients regardless of size ensure there is more than a simple email policy in-place, that they have an active software based solution scanning their messages and limiting the exposure to mail based attacks.
Adobe update addresses issues in ColdFusion and LiveCycle DS and Premiere Clip
Adobe Tuesday released security updates that address three security issues affecting its ColdFusion, LiveCycle DS, and Premiere Clip 9 products. Updates are available from Adobe website.
Security: Adobe Flash Player updated
Adobe has issued an update to plug security holes in its Flash Player software this week including fixes for at least 17 vulnerabilities in the program and in Adobe Air.
With Flash being among the top exploits in the wild we strongly recommend you uninstall Adobe Flash when possible. Should you need Flash for specific functions we recommend using a secondary browser with Flash enabled while leaving it disabled in your primary browser.
capitalregionit 