Saturday, November 20, 2010

Weekend Vulnerability and Patch Report, November 19, 2010

The following software updates were released last week. Citadel strongly recommends that readers upgrade these programs on their computers.

Apple Safari: Apple has released Safari 5.0.3 and 4.1.3 to address multiple vulnerabilities in the Safari and WebKit packages. Because of these vulnerabilities, users are at risk of a cyber criminal taking full control of their computer. See Apple article HT4455 for more information.

Adobe Reader and Acrobat: Adobe has released security updates for Reader and Acrobat for Windows and Macintosh. These updates address multiple vulnerabilities that put users at risk of a cyber criminal taking full control of their computer. See Adobe Bulletin APSB10-28 for additional information.

Mac OS X: Apple has released Mac OS X v10.6.5 and Security Update 2010-007 to address multiple highly critical vulnerabilities in OS X. These updates are available on Apple's Downloads page, and we urge all Mac users to install them.

News of Important Vulnerabilities.

Microsoft Internet Explorer: Microsoft has still not issued an update to fix a highly critical zero-day vulnerability in Internet Explorer that, according to KrebsOnSecurity.com, cyber criminals are exploiting to break into Windows computers. We suggest running the latest version of Firefox with the NoScript add-on as an alternative to IE.

RealPlayer: RealPlayer users should make sure they are running version 14.0.1.609 or later, as serious vulnerabilities have been found in some earlier versions.

WordPress: For those of you with web sites built on the popular WordPress platform, Secunia has announced that an extremely serious security vulnerability has been found in the WordPress Event Registration Plugin. (This follows the announcement last week of 6 serious WordPress vulnerabilities.) The vulnerability has the potential to allow a cyber criminal full access to any databases connected to a web site using the plug-in. Insist that your webmaster take steps to protect any of your sensitive information that this vulnerability puts at risk. Direct your webmaster to Secunia Advisory SA42265 for more information.

If you are responsible for keeping your computer secure, our weekly report is for you. We strongly urge you to take action to keep your workstation secure.

If someone else is responsible for keeping your computer secure, protect it by forwarding our Weekend Vulnerability and Patch Report to them and following up to make sure your computer has been patched.

Vulnerability management is a key element of cyber security management. Cyber criminals take over user computers by writing computer programs that "exploit" vulnerabilities in operating systems (Windows, Apple OS, etc.) and application programs (Adobe Acrobat, Office, Flash, Java, etc.). When software companies find a vulnerability, they will issue an update patch to fix the code running on their customers' computers.

The Weekend Vulnerability and Patch Report is intended to raise user awareness of cyber security challenges by alerting users to some of the week's important vulnerability news and updates.
 
© Copyright 2010. Citadel Information Group. All Rights Reserved.