John Ellis CPA at the John Ellis Company: safari

Showing posts with label safari. Show all posts

Tuesday, May 28, 2013

WEEKEND VULNERABILITY AND PATCH REPORT

May 26, 2013

The following software vulnerabilities and updates were announced by Citadel Information Group. They strongly recommend that readers update their computers and take other action as indicated. This is from an e-mail received from Stan Stahl, Ph.D. [www.citadel-information.com] and posted with his approval.

Important Security Updates

Apple QuickTime: Apple has released version 7.7.4 of QuickTime to fix at least 12 vulnerabilities , some of which are highly critical. Updates are available from within the program or Apple's website.

Google Chrome: Google has released version 27.0.1453.93 of Chrome. Updates are available through the browser or Google's website. See unpatched vulnerabilities below in versions prior to 27.0.1453.93.

Current Software Versions

Adobe Flash 11.7.700.202 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.7.700.202 [Windows 8: IE]

Adobe Flash 11.7.700.202 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.03

Dropbox 1.6.11 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]

Firefox 21 [Windows]

Google Chrome 27.0.1453.93

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

Java SE 7 Update 21 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have particular web sites that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser - such as Chrome, IE9, Safari, etc - with Java enabled to browse only the sites that require it.]

QuickTime 7.7.4

Safari 5.1.7 [Windows]

Safari 6.0.4 [Mac OS X]

Skype 6.3.0.105

Newly Announced Unpatched Vulnerabilities

Google Chrome: Secunia reports at least 27 highly critical unpatched vulnerabilities in versions prior to 27.0.1453.93 of Google's Chrome. No patches are available at this time. Update to version 27.0.1453.93 of Chrome.

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel's website.

If you are responsible for the security of your computer, Citadel's Weekend Vulnerability and Patch Report is for you. We strongly urge you to take action to keep your workstation patched and updated.

If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.

Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that "exploit" vulnerabilities in operating systems (Windows, Apple OS, etc) and application programs (Adobe Acrobat, Office, Flash, Java, etc). When software companies find a vulnerability, they usually issue an update patch to fix the code running in their customer's computers.

Citadel publishes our Weekend Vulnerability and Patch Report to alert readers to some of the week's important updates and vulnerabilities. Our focus is on software typically found in the small or home office (SOHO) or that users are likely to have on their home computer. The report is not intended to be a thorough listing of updates and vulnerabilities.

Copyright © 2013 Citadel Information Group. All rights reserved.

Monday, May 20, 2013

WEEKEND VULNERABILITY AND PATCH REPORT

May 19, 2013

Important Security Updates

Adobe Acrobat: Adobe has released an update to Acrobat to fix at least 27 vulnerabilities, some of which are highly critical. Updates are available from within the program or Adobe's website.

Adobe Flash: Adobe has released updates for several versions of its Flash Player to fix at least 13 highly critical vulnerabilities, including Windows, Mac, Linux and Android devices. Updates are available from within the program or Adobe's website. Updates are also available for Adobe AIR.

Adobe Reader: Adobe has released version 11.0.03 to Reader to fix at least 27 vulnerabilities, some of which are highly critical. Updates are available from within the program or Adobe's website.

Apple iTunes: Apple has released version 11.0.3 for iTunes to fix at least 40 vulnerabilities, some of which are highly critical. Updates are available through iTunes or Apple's website.

BlackBerry Tablet OS: BlackBerry has released an update to fix at least 35 vulnerabilities, some of which are highly critical, in its bundled version of Adobe Flash Player. Update to version 2.1.0.1526 or later.

Keepass: Keepass has released version 2.22 to Keepass. The update is available on Keepass' website.

Mozilla Firefox: Mozilla has released version 21.0 of Firefox. Updates are available through Firefox. See unpatched vulnerability below in versions prior to 21.0. Updates are also available for Thunderbird.

Microsoft Patch Tuesday: Microsoft released several updates addressing at least 33 security vulnerabilities, some of which are highly critical, in Windows, Internet Explorer, Microsoft Publisher, Office Communicator, Visio, and Word. Updates are available via Windows Update or from Automatic Update. This update includes the fix for the Zero Day in Internet Explorer 8, which we first alerted readers to in a Special Alert in Weekend Vulnerability and Patch Report, May 5, 2013.

Microsoft Windows: Microsoft has released an update to Windows 8 to fix at least 13 highly critical vulnerabilities in its bundled version of Adobe Flash Player within Internet Explorer 10. Updates are available through Windows Update in the Control Panel

Current Software Versions

Adobe Flash 11.7.700.202 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.7.700.202 [Windows 8: IE]

Adobe Flash 11.7.700.202 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.03

Firefox 21 [Windows]

Google Chrome 26.0.1410.64

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

QuickTime 7.7.3 (1680.64)

Safari 5.1.7 [Windows]

Safari 6.0.4 [Mac OS X]

Skype 6.3.0.105

Newly Announced Unpatched Vulnerabilities

Mozilla Firefox: Secunia reports at least 11 highly critical unpatched vulnerabilities in versions prior to 21.0 of Mozilla's Firefox. No patches are available at this time. Update to version 21.0 of Firefox.

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel's website.

For Your IT Department

Cisco Multiple Products: Cisco has released updates for multiple products, including Cisco's Wireless LAN controller, WebEx, Unified Meeting Place, Unified Communications Domain Manager, and others. Apply appropriate updates.

Microsoft Malware Protection Products: Mozilla has released an update to its Malware Protection Products to fix a highly critical vulnerability. Ensure that systems are running version 1.1.9506.0 or later of Microsoft Malware Protection Engine.

Mozilla Firefox ESR: Mozilla has released an update to its Firefox ESR to fix at least 8 highly critical vulnerabilities. Update to version 17.0.6. More information is available on Mozilla's website. Updates are also available for Thunderbird ESR.

If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.

Copyright © 2013 Citadel Information Group. All rights reserved.

Monday, May 13, 2013

WEEKEND VULNERABILITY AND PATCH REPORT

May 12, 2013

Important Security Updates

D-Link DSL-320B: D-Link has released version 1.25 to fix vulnerabilities in its DSL-320B broadband modem. Download from D-Link's website.

Current Software Versions

Adobe Flash 11.7.700.169 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.7.700.169 [Windows 8: IE]

Adobe Flash 11.7.700.169 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.02

Dropbox 1.6.11 [Citadel warns against relying on Dropbox security. We recommend files containing sensitive information be independently encrypted with a program like Axcrypt; encryption keys be at least 15 characters long; and the Dropbox password be at least 15 characters long and different from other passwords.]

Firefox 20.0.1 [Windows]

Google Chrome 26.0.1410.64

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

Java SE 7 Update 21 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have particular web sites that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser - such as Chrome, IE9, Safari, etc - with Java enabled to browse only the sites that require it.]

QuickTime 7.7.3 (1680.64)

Safari 5.1.7 [Windows]

Safari 6.0.4 [Mac OS X]

Skype 6.3.0.105

Newly Announced Unpatched Vulnerabilities

None

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel's website.

For Your IT Department

Adobe ColdFusion: Adobe has identified a critical vulnerability affecting ColdFusion 10, 9.0.2, 9.0.1, 9.0, and earlier versions for Windows, Macintosh, and UNIX. There are reports that an exploit of this vulnerability is publicly available. US-CERT recommends users and administrators review Adobe Security Advisory APSA13-03. Please note the advisory indicates that the workaround does not correct the vulnerability, but it may help mitigate the risk of exposure to this issue.

Citrix XenServer: Citrix has released a patch for its XenServer. Apply patches.

If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.

Copyright © 2013 Citadel Information Group. All rights reserved.

Monday, April 22, 2013

WEEKEND VULNERABILITY AND PATCH REPORT

April 21, 2013

Important Security Updates

Apple Java for OS X: Apple has released an update to OS X to fix at least 21 highly critical vulnerabilities in its version of Java. Download the update from Apple's website.

Apple Safari for OS X: Apple has released version 6.0.4. of Safari for OS X to fix a highly critical vulnerability. Download the update from Apple's website. This update is for OS X only and doesn't affect the Windows version.

Foxit 6.02.0413: Foxit has released a security and performance update. The updated program can be obtained from Foxit's web site

NetGear WNR1000: NetGear has released version 1.0.2.60 for its WNR1000 Wireless Router to fix a vulnerability. Download the update from NetGear's website by providing the model number of the router.

Oracle Java: Oracle has released Java SE 7 Update 21 to fix at least 42 highly critical vulnerabilities in Java. Download the update from the Java website.

Picasa 3.9, build 136.20: Picasa has released a security and performance update. The updated program can be obtained from Picasa's website.

VLC Media Player: VLC has released version 2.0.6 to its Media Player to fix a highly critical vulnerability reported in version 2.05 and prior. Download the version from VLC's website. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, February 3, 2013.

Current Software Versions

Adobe Flash 11.7.700.169 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.7.700.169 [Windows 8: IE]

Adobe Flash 11.7.700.169 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.02

Firefox 20.0.1 [Windows]

Google Chrome 26.0.1410.64

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

QuickTime 7.7.3 (1680.64)

Safari 5.1.7 [Windows]

Safari 6.0.4 [Mac OS X]

Skype 6.3.0.105

Newly Announced Unpatched Vulnerabilities

D-Link DIR-865L Wireless Router: Secunia reports an unpatched vulnerability in D-Link's DIR-865-L Wireless Router in version 1.03. There is currently no patch at this time.

Linksys EA2700 Wireless Router: Secunia reports unpatched vulnerabilities in Linksys' EA2700 Wireless Router in firmware version 1.0.12.128947. There is currently no patch at this time.

Linksys WRT54GL Wireless Router: Secunia reports an unpatched vulnerability in D-Link's DIR-865-L Wireless Router in firmware version 4.30.15. There is currently no patch at this time.

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel's website.

For Your IT Department

Cisco Multiple Products: Cisco has released updates for multiple products, including its Adaptive Security Appliance, NAC appliance, and others. Apply appropriate updates.

Novell GroupWise: Novell has released an update for its GroupWise WebAccess to fix a vulnerability. Apply appropriate patches.

Oracle Multiple Products: US-CERT and Secunia reports that Oracle has released updates for at least 31 of its products, including Oracle Database Server, E-Business Suite, Supply Chain Products Suite, PeopleSoft, My SQL and others. Apply appropriate updates.

If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.

Monday, April 1, 2013

WEEKEND VULNERABILITY AND PATCH REPORT

March 31, 2013

Important Security Updates

Google Chrome: Google has released version 26.0.1410.43 of Chrome to fix at least 11 highly critical vulnerabilities that remain unpatched in previous versions. Update through Chrome settings or go to Chrome's website.

Google Picasa: Google has released version 3.9 Build 136.19 of Picasa. Updates are available through the program.

Current Software Versions

Adobe Flash 11.6.602.180 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.6.602.180 [Windows 8: IE]

Adobe Flash 11.6.602.180 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.02

Firefox 19.0.2 [Windows]

Google Chrome 26.0.1410.43

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

Java SE 7 Update 17 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have particular web sites that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser - such as Chrome, IE9, Safari, etc - with Java enabled to browse only the sites that require it.]

QuickTime 7.7.3 (1680.64)

Safari 5.1.7 [Windows]

Safari 6.0.3 [Mac OS X]

Skype 6.2.0.106

Newly Announced Unpatched Vulnerabilities

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel's website.

For Your IT Department

Cisco Multiple Products: Cisco has released updates for multiple products, including its IOS products. Apply appropriate updates.

McAfee Firewall Enterprise: Secunia reports a moderately critical unpatched vulnerability in McAfee's Firewall. No patches are available at this time. The vendor is currently working on a patch.

Novell ZENworks: Secunia reports a moderately critical vulnerability in Novell ZENworks versions 11.2 and 10.3. Check vendor advisories for patch availability.

VMware ESX / ESXi: Secunia reports a highly critical vulnerability in VMware's ESXi versions 5.1, 5.0, 4.1, and 4.0 and ESX versions 4.1 and 4.0. Check vendor advisories for patch availability.

If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.

Monday, March 18, 2013

WEEKEND VULNERABILITY AND PATCH REPORT

March 17, 2013

Important Security Updates

Adobe Flash Player / AIR: Adobe has released an update to fix at least 4 highly critical vulnerabilities in its Flash Player and AIR. Updates are available from Adobe's website.
Apple OS X Mountain Lion: Apple has released OS X Mountain Lion v10.8.3 to fix at least 17 vulnerabilities, some of which are highly critical. Updates are available from Apple's website.
Apple Safari: Apple has released version 6.0.3 of Safari which is a part of OS X Mountain Lion to fix at least 17 vulnerabilities, some of which are highly critical. Updates are available from Apple's website.
Google Chrome: Google has released an update to Chrome to fix a highly critical vulnerability. Update to version version 25.0.1364.172 for Windows either through the program or from Chrome's website.
Microsoft Internet Explorer: Microsoft has released version 10.0.9200.16521 for Internet Explorer. This version runs on Windows 7. Update through the Windows Control Panel.
Microsoft Patch Tuesday: Microsoft released 7 updates addressing at least 20 security vulnerabilities, many of them highly critical in Windows, Internet Explorer, Microsoft Silverlight, Microsoft Office and Microsoft SharePoint. Updates are available for Windows XP, Vista, Windows 7, Windows 8, Windows Server 2003, 2008 and 2012. Updates are available via Windows Update or from Automatic Update.

Current Software Versions

Adobe Flash 11.6.602.180 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.6.602.180 [Windows 8: IE]

Adobe Flash 11.6.602.180 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.02

Firefox 19.0.2 [Windows]

Google Chrome 25.0.1364.172

Internet Explorer 10.0.9200.16521 [Windows 7: IE]

Internet Explorer 10.0.9200.16519 [Windows 8: IE]

QuickTime 7.7.3 (1680.64)

Safari 5.1.7 [Windows]

Safari 6.0.3 [Mac OS X]

Skype 6.2.0.106

Important Unpatched Vulnerabilities has moved!

For an updated list of previously announced Unpatched Vulnerabilities, please see the resources section of Citadel's website.

For Your IT Department

Novell Messenger / Groupwise Messenger: Novell has released updates to its Novell Messenger Client and its Groupwise Messenger to fix a highly critical vulnerability in Novell Messenger 2.2.1 and prior, Novell Messenger 2.1 and prior and GroupWise Messenger 2.04 and prior. Update to version 2.2.2 or later.

Oracle Solaris: Secunia reports Oracle has released updates for multiple products to fix numerous vulnerabilities, some of which are highly critical. Apply appropriate updates.

WordPress: Secunia reports vulnerabilities in several WordPress plugins. Patches are available for some of these, but no patches are yet available for others. Check WordPress regularly and monitor closely for updates.

Monday, March 4, 2013

WEEKEND VULNERABILITY AND PATCH REPORT

March 3, 2013

Important Security Updates

Adobe Flash: Adobe has released version 11.6.602.171 for Flash to fix extremely critical vulnerabilities. Updates are available from within the program or Adobe's website.

Mozilla Firefox: Mozilla has released version 19.0.1 of Firefox. Updates are available through Firefox.

Current Software Versions

Adobe Flash 11.6.602.171 [Windows 7: IE9, Firefox, Mozilla, Netscape, Opera]

Adobe Flash 11.6.602.171 [Windows 8: IE]

Adobe Flash 11.6.602.171 [Macintosh OS X: Firefox, Opera, Safari]

Adobe Reader 11.0.01

Firefox 19.0 [Windows]

Google Chrome 25.0.1364.97

Internet Explorer 9.0.8112.16421 [Windows 7: IE], [See warning below]

Internet Explorer 10.0.9200.16484 [Windows 8: IE]

Java SE 7 Update 15 [Citadel recommends removing or disabling Java from your browser. Java is a major source of cyber criminal exploits. It is not needed for most internet browsing. If you have particular web sites that requires Java, Citadel recommends using a two-browser approach to minimize risk. If you normally browse the Web with Firefox, for example, disable the Java plugin in Firefox and use an alternative browser - such as Chrome, IE9, Safari, etc - with Java enabled to browse only the sites that require it.]

QuickTime 7.7.3 (1680.64)

Safari 5.1.7 [Windows, See warning below]

Safari 6.0.2 [Mac OS X]

Skype 6.2.0.106

Newly Announced Unpatched Vulnerabilities

Oracle Java: Secunia reports an extremely critical vulnerability in Oracle's Java. The vulnerability is reported in version 7 update 15 and version 6 update 41. Other versions may also be affected. See Citadel's recommendation above.

For Your IT Department

McAfee VirusScan Enterprise: McAfee has released updates to its VirusScan. Apply VSE88HF778101 or Patch 3.

Important Unpatched Vulnerabilities

Adobe Shockwave Player: Secunia reports at least two highly critical vulnerabilities in Adobe's Shockwave Player. No patches are available at this time. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, February 17, 2013.

Android Browser: Secunia reports a less critical vulnerability in the Android browser that can be exploited to trick a user into believing he is connected to a trusted site by including the trusted site in an iframe. The vulnerability is confirmed in Browser version 2.3.3 included in Android version 2.3.3 and Browser version 3.2 included in Android version 3.2. Other versions may also be affected. Users are cautioned to not rely on displayed certificate information. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

AOL downloadUpdater2 Firefox Plugin: Secunia reports a highly critical vulnerability in version 1.3.0.0. Other versions may also be affected. No solution is currently available. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, August 12, 2012.

Apple iOS for iPhone: Secunia and The Verge both report a weakness in Apple's iOS for iPhone 3GS and later that would allow someone with physical access to bypass the lock screen. No official solution is currently available. Reportedly Apple is planning to release an update. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, February 17, 2013.

Apple Safari for Windows: Secunia reports a moderately critical vulnerability in Apple's Safari version 5.1.2 (7534.52.7) on Windows using the RealPlayer and Adobe Flash plug-ins. Other versions may also be affected. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, March 11, 2012.

Apple Safari for Windows: Secunia reports a non-critical unpatched vulnerability in Safari 5.1.2. Other versions may also be affected. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 25, 2011.

D-Link DIR-300 / DIR-600: Secunia reports multiple moderately critical vulnerabilities in two of D-Link's wireless routers; DIR-300 and DIR-600. There are no patches available at this time. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, February 10, 2013.

HTC Mobile Devices: The security vulnerability in the default Twitter application (Peep) in HTC products remain unpatched. Readers should refrain from using the default Twitter application (Peep). We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, February 11, 2011.

HTC Touch2: The highly critical 0-day vulnerability in the HTC Touch2 VideoPlayer remains unpatched. Users are advised to not open files from untrusted sources. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 18, 2011.

Microsoft Windows XP: A less-critical security vulnerability has been found in Windows XP which can be exploited by malicious, local users to disclose potentially sensitive information or cause a DoS (Denial of Service). No patch is available at this time. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, August 7, 2011.

Microsoft Word: A highly critical vulnerability has been found in Microsoft Word XP and 2002. No patch is available at this time. Readers should refrain from opening untrusted files in these earlier versions of Word. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, June 19, 2011.

Microsoft Reader: The highly critical vulnerability in Microsoft Reader, versions 2.x, remains unpatched. Readers should refrain from opening untrusted files in Reader. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, April 15, 2011.

PDF-Pro: Several highly critical vulnerabilities in PDF-Pro, a popular alternative to Adobe Acrobat, remain unpatched. Readers should refrain from opening untrusted files in PDF-Pro. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, March 4, 2011.

Quick View Plus CorelDRAW: A highly critical vulnerability has been found in Quick View Plus which can be exploited by malicious people to compromise a user's system. Users should not view untrusted CDR files in Quick View Plus. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, July 31, 2011.

Samsung / Dell Printers: Secunia reports a moderately critical security issue in Samsung's ML-2580 and ML-4050 Monochrome Laser Printers and Dell's 2145cn and 2335dn Multifunction Printers. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, December 2, 2012.

Samsung Galaxy S III: Secunia reports two highly critical vulnerabilities in the Galaxy S3 device. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, October 14, 2012.

Symantec pcAnywhere: As we reported in our Cyber Security News of the Week, January 29, 2012, Symantec has confirmed that the hacker group Anonymous stole source code from the 2006 versions of several Norton security products and the pcAnywhere remote access tool. Symantec has advised users to disable pcAnywhere because of the theft of the pcAnywhere source code.

VLC Media Player: As we reported in our Cyber Security News of the Week, December 16, 2012, Secunia reports a highly critical vulnerability in the VLC Media Player. No patch is available at this time.

VLC Media Player: Secunia reports a highly critical vulnerability in VLC's Media player, version 2.05 and prior. No patch is available at this time. We first alerted readers to this vulnerability in Weekend Vulnerability and Patch Report, February 3, 2013.

ACD Systems: Citadel recommends users remove all ACD Systems programs from their computers. ACD Systems has failed to patch significant critical vulnerabilities in their programs dating back more than a year. Consequently Citadel recommends users remove all ACD Systems programs from their computers until the company fixes these vulnerabilities and pays proper attention to the implications of their security vulnerabilities in opening doors to cyber criminals . The community cannot tolerate a head-in-the-sand attitude, whether by developers or the people who purchase and use their programs. The consequences of willful ignorance are too grave.

ACD Systems Canvas: Secunia reports at least 13 highly critical unpatched vulnerabilities in ACD Systems Canvas version 14. See Weekend Vulnerability and Patch Report, August 5, 2012.
ACDSee 14.x: Secunia reports a highly critical unpatched vulnerability in ACDSee. See Weekend Vulnerability and Patch Report, February 19, 2012.
ACDSee Photo: Several highly critical unpatched vulnerabilities have been identified in various ACDSee photo products. Vulnerabilities have been identified in FotoSlate, Photo Editor 2008, and Picture Frame Manager. See Weekend Vulnerability and Patch Report, June 12, 2011. See also Weekend Vulnerability and Patch Report, September 18, 2011 where we alerted readers to a second vulnerability in FotoSlate.
ACD Systems Canvas CorelDRAW: A highly critical unpatched vulnerability has been found in ACD Systems Canvas which can be exploited by malicious people to compromise a user's system.. See Weekend Vulnerability and Patch Report, July 31, 2011.

If someone else is responsible for the security of your computer, forward our Weekend Vulnerability and Patch Report to them and follow up to make sure your computer has been patched and updated.

John Ellis CPA at the John Ellis Company

Tuesday, May 28, 2013

Important Security Updates

Current Software Versions

Newly Announced Unpatched Vulnerabilities

Copyright © 2013 Citadel Information Group. All rights reserved.

Monday, May 20, 2013

Important Security Updates

Current Software Versions

Newly Announced Unpatched Vulnerabilities

For Your IT Department

Copyright © 2013 Citadel Information Group. All rights reserved.

Monday, May 13, 2013

Important Security Updates

Current Software Versions

Newly Announced Unpatched Vulnerabilities

For Your IT Department

Copyright © 2013 Citadel Information Group. All rights reserved.

Monday, April 22, 2013

Important Security Updates

Current Software Versions

Newly Announced Unpatched Vulnerabilities

For Your IT Department

Monday, April 1, 2013

Important Security Updates

Current Software Versions

Newly Announced Unpatched Vulnerabilities

For Your IT Department

Monday, March 18, 2013

Important Security Updates

For Your IT Department

Monday, March 4, 2013

Important Security Updates

Newly Announced Unpatched Vulnerabilities

For Your IT Department

8 hour New York Gold Chart [$US Dollar price per ounce]

Oil Price Dashboard

Blog Archive

About The John Ellis Company

Followers