Tag Archives: internet

Adobe has scheduled an update for last week’s Acrobat zero-day

Adobe announced in a blog post that they will issue updates for version XI, X, and 9 to close the zero-day hole revealed last week. The patch will be released for Windows, Linux, and Macintosh operating systems. All users are advised to install the patch as soon as it becomes available. Thom Infotech encourages Adobe […]

Facebook is apparent victim of a Java zero-day attack

Facebook has confirmed that they were a victim of a targeted attack that leveraged a previously unknown Java vulnerability. The zero-day exploit was used to infect the laptops of several engineers with malware that apparently was used to attempt a full-scale infiltration of the inner sanctum of Facebook. Facebook reported that all of the infected […]

New Adobe Acrobat Zero-Day Reported

Researchers from the respected malware research firm FireEye today reported a zero-day flaw that is actively being exploited in the wild. They reportedly observed successful exploitation of the latest Adobe PDF Reader 9.5.3, 10.1.5, and 11.0.1. It is assumed that earlier versions are also vulnerable though this has not been confirmed. In the words of […]

Adobe issues two Flash zero-day patches

Today, a Security Bulletin (APSB13-04) has been posted to address security issues in Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and […]

Oracle releases emergency patches for Java

Oracle has released a sizable number of patches for Java to address 50 vulnerabilities affecting both the browser versions as well as the server. The “Critical Patch Update February 2013” (CPU) for Java had been scheduled for February 19th, but due to one of the vulnerabilities being exploited in the wild, the company brought the […]

UPnP to be the next mega-exploit?

The Department of Homeland Security urged computer users on Tuesday to disable a common networking technology feature, after researchers warned that hackers could exploit flaws to gain access to tens of millions of vulnerable devices. The U.S. government’s Computer Emergency Readiness Team, on its website, advised consumers and businesses to disable a feature known as […]

Seriously… not another Java zero-day attack?

I’m not kidding. Heck, I might even be wrong. But it appears as though the administrator of a hacker forum has sold weaponized and full source code versions of the new zero-day exploit. There are reasons for doubt, however. According to Brian Krebs, the exploit was purportedly limited in its sale to only two buyers […]

Why did I get a virus?!

For crying out loud… How did this happen? You’re just surfing along, minding your own business and BAM – some bogus-looking thing pops up claiming you have 300 infected files and you need to pay $70 to get your computer cleaned. Or, like my elderly neighbor over the past weekend, you get a scary full-screen […]

Microsoft releases out-of-band patch for the IE8 (and below) zero-day hole

Microsoft has released a rare out-of-band critical update that appears to address the zero-day exploit announced on January 5th. The software giant previously released a manual “fixit” for this vulnerability but researchers soon found ways around the patch. This update addresses the original problem and is slated for release on January 14th, 2013

Java 6 support to end in February 2013

Oracle has announced that the end-of-life (EOL) of Java SE 6 has been moved from November 2012 to February 2013. This is to give organizations small and large more time to transition to Java SE 7. This is the second EOL extension given to Java SE 6, the original EOL date being July 2012. The […]