Yet Another Out-of-Band Adobe Security Update

Just last month we informed you of an out-of-band security update released by Adobe to fix critical vulnerabilities in Flash, Reader, and Acrobat. According to a recent Adobe security advisory, these applications once again suffer from a critical vulnerability that attackers are currently leveraging in the wild to execute malicious code on a user’s computer, potentially causing the computer to crash and enabling the attacker to gain full control over it.

Similar to last month’s vulnerability, the current one is exploited through a malicious Flash (.swf) file embedded in a Microsoft Word or Excel document delivered as an email attachment. More information on the security updates, timelines, and installation instructions can be found in the Adobe security bulletin “Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat” and Security Bulletin APSB11-07.

To read more about security threats to Adobe applications, please refer to our previous blog post entitled “An Unpatched Adobe Application does for an Unsafe Network Make”.

3D Corporation can evaluate your network and provide assistance in ensuring patches for these applications are up-to-date. For more information on the services 3D provides to keep business networks secure, please call our office at (360) 671-4906, email us at info@3dcorp.us, or visit our website at http://www.3dcorp.us/.

References: “Another Month, Another Zero Day Flash Vulnerability”, watchguardsecuritycenter.com, “Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat” , Security Bulletin APSB11-07.

Microsoft Releases a Record-Breaking 17 Security Bulletins

Microsoft has released a record-breaking 17 new security bulletins describing 44 vulnerabilities found in Windows, Internet Explorer (IE), and Office, as well as in Microsoft’s Server and Developer software. Eight of these bulletins have been rated as Important, while the other nine are rated as Critical, typically indicating that attackers who exploit these vulnerabilities can ultimately execute code on the user’s computer and gain complete control over it.

3D Corporation will automatically test and deploy security patches on the networks of our 3DProActive™ Managed and Partner clients to eliminate the risks posed by these vulnerabilities. Other Microsoft users who utilize any of the software or programs that has been affected should download and install the appropriate patches immediately to avoid possible exploitation of their computer and/or computer networks. More information regarding these vulnerabilities and their impact can be found at Microsoft Security Bulletin Summary for April 2011.

3D provides up-to-date security solutions that can protect businesses from threats like these automatically. If you would like additional information on how we can make your network worry-free, please visit our website at http://www.3dcorp.us/, email us at info@3dcorp.us, or call our office at (360) 671-4906.

References: “Prepare for a Record Breaking Microsoft Patch Day Tomorrow”, watchguardsecuritycenter.com; Microsoft Security Bulletin Summary for April 2011.