Network Services


June 18, 2009

ADOBE SECURITY BULLETIN: Adobe describes issues that affect versions of Adobe Reader and Acrobat, by convincing a user to visit a website and opening a malicious PDF file in the user’s browser. An attacker could then execute code or cause a computer to crash. Please note that some web browsers are configures to open PDF files automatically.

What to do: Do not access PDF documents from un-trusted sources. If you feel you have opened something by mistake, please contact BDS for support.

June 23, 2009
Mozilla Multiple Products Multiple Vulnerabilities Mozilla foundation has released Firefox 3.0.11 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, mislead users, or obtain sensitive information. The Mozilla Foundation Security Advisories also indicated that many of these vulnerabilities also affect Thunderbird and SeaMonkey; however, updated versions of those packages are not currently available.

What to do: Users are encouraged to apply any necessary updates or workaround to help mitigate the risks.

Relevant URL: Apple iPhone Multiple Vulnerabilities Apple has released iPhone OS 3.0 to address multiple vulnerabilities across many packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks.

What to do: Users are encouraged to review Apple article HT3639 and upgrade iPhone OS 3.0 to help mitigate the risks.

Relevant URL: < http://support.apple.com/kb/HT3639> Apple Mac OS X Java Pointer Dereference Remote Code Execution Vulnerability Apple has released Java for Mac OS X 1.4 Release 9 and Java for Mac OS X 10.5 Update 4 to address multiple vulnerabilities in Java. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

What to do: Users and administrators are encouraged to review Apple articles HT3632 and HT3633 and apply any necessary updates to help mitigate attacks. Relevant URLs: ;< http://support.apple.com/kb/HT3633>

June 29, 2009
NINE BALL is a recent multi-layered Web browser attack that has already infected approximately 40,000 sites. Nine Ball targets legitimate websites to redirect users to malicious sites owned by the attacker and infects PCs through a number of exploits, including Adobe Reader and Quick Time. It then tries to download Trojans and keylogger code without the user’s consent or knowledge. Once infected, anything the victim types can be monitored and used to commit identity theft, such as credit card numbers, passwords and much more. A new spammed malware attack is impersonating messages from Twitter. Researchers at Symantec say that the attack attempts to pose as an invitation for the target to join the Twitter site with the message ‘your friend has invited you to Twitter’

What to do: As always, contact BDS for support if you feel that you have been a target of this threat.

Apr09     Jun09    Jul09    Aug09    Sep09    Oct09    Nov09    Dec09    Jan10 
©2010 BDS - Business Data Services