Bardissi Enterprises Blog

Bardissi Enterprises has been serving the Hatfield area since 2000, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Grab Adobe’s Shockwave Update to Avoid Web-based Attacks

Summary:
  • This vulnerability affects: Adobe Shockwave Player 11.6.3.633 and earlier, running on Windows and Macintosh computers
  • How an attacker exploits it: By enticing your users into visiting a website containing malicious Shockwave content
  • Impact: An attacker can execute code on your computer, potentially gaining control of it
  • What to do: If you allow the use of Shockwave in your network, you should download and deploy the latest version (11.6.4.634) of Adobe Shockwave Player as soon as possible.
Exposure:
Adobe Shockwave Player displays interactive, animated web content and movies called Shockwave. According to Adobe, the Shockwave Player is installed on hundreds of millions of PCs.

Oracle Shores Up 14 Major Java Vulnerabilities

Severity: High

Summary:
  • These vulnerabilities affect: All versions of Sun Java Runtime Environment (JRE) and Java Development Kit (JDK) released before today
  • How an attacker exploits them: Typically by luring your users to a malicious web page containing specially crafted Java
  • Impact: Various results; in the worst case, an attacker can gain complete control of your computer
  • What to do: Install the appropriate JRE (or JDK) update as soon as possible

UPDATE: 2012’s First OS X Update Corrects 52 Security Vulnerabilities

Last week, Apple released an OS X update that fixed 52 security vulnerabilities. However, customers have reported that the Snow Leopard (10.6.x) version of the update causes problems with Rosetta — a component that allows Intel Macs to run PowerPC programs. In response, Apple has revised their original advisory, and released a new version of the Snow Leopard update.

If you use Snow Leopard, and you downloaded Apple’s update on February 1, you should download the revised v1.1 update from the Apple Software Download page. Apple doesn’t appear to have changed the text on their download page to reflect this new version. However, they did share new checksums for the revised updates in their email security advisory. You can find those SHA-1 checksums below:

For Mac OS X v10.6.8
  • Download file name: SecUpd2012-001Snow.dmg
  • SHA-1 digest: 29218a1a28efecd15b3033922d71f0441390490a

2012’s First OS X Update Corrects 52 Security Vulnerabilities

Summary:
  • These vulnerabilities affect: All current versions of OS X 10.6.x (Snow Leopard) and OS X 10.7.x (Lion)
  • How an attacker exploits them: Multiple vectors of attack, including enticing your users into visiting a malicious web site, or into downloading and viewing various document or media files
  • Impact: Various results; in the worst case, an attacker executes code on your user’s computer
  • What to do: OS X administrators should download, test and install OS X 10.7.3 or Security Update 2012-001 as soon as possible, or let Apple’s Software updater do it for you.
Exposure:
Today, Apple released a security update to fix vulnerabilities in all current versions of OS X. The update fixes around 52 (number based on CVE-IDs) security issues in 27 components that ship as part of OS X or OS X Server, including Apache, QuickTime, and Time Machine. Some of the fixed vulnerabilities include:
  • Multiple ImageIO Buffer Overflow Vulnerabilities. ImageIO is one of the components that helps OS X handle various image file types. Unfortunately, it also suffers from various security vulnerabilities (including some buffer overflow vulnerabilities) involving the way it handles certain types of image files. Though these vulnerabilities differ technically, they generally share the same scope and impact. If an attacker can get a victim to view a specially crafted image file (perhaps hosted on a malicious website), he could exploit any of these flaws to either crash an application or to execute attack code on the victim’s computer. By default, the attacker would only execute code with that user’s privileges. The affected image types include TIFF and PNG.
  • CoreAudio Buffer Overflow Vulnerability. CoreAudio is a component that helps OS X play audio content. It suffers from a buffer overflow vulnerability. By enticing you to play a specially crafted audio file, an attacker could exploit this flaw to either crash your system, or execute code with your privileges.
  • Several QuickTime Vulnerabilities. QuickTime is the popular video and media player that ships with OS X (and iTunes). QuickTime suffers from six security issues (number based on CVE-IDs) involving how it handles certain image and video files. While the vulnerabilities differ technically, they share the same basic scope and impact. If an attacker can trick one of your users into viewing a maliciously crafted image or video in QuickTime, she could exploit any of these flaws to execute code on that user’s computer, with that user’s privileges.

WatchGuard Releases v3.1.2 for WatchGuard SSL 100 and 560

WatchGuard is pleased to announce the release of WatchGuard SSL OS v3.1.2 for the WatchGuard SSL 100 and SSL 560.

The WatchGuard SSL appliances are easy-to-use, all-in-one, secure, remote access solutions for small to medium-sized businesses. The WatchGuard SSL 100 supports secure connections for up to 100 concurrent users. The SSL 560 appliance supports up to 500 concurrent users. The WatchGuard SSL appliances deliver applications directly to the desktop of your remote employees to provide increased productivity—from anywhere, at any time.

Highlights of the WatchGuard SSL OS v3.1.2 release include:
  • Internet Explorer (IE) 9 support. You can now use IE9 to both configure the appliance’s WebUI and to access resources with the Access Client
  • The WebUI performs faster on SSL 100 devices
  • The Access Client has been improved to provide greater stability
  • Corrected various potential security vulnerabilities
  • Remote Desktop single sign-on now works with Windows Server 2008
  • The WebUI is now more stable, with improved error and exception handling
  • … and many other fixes — please see the Release Notes for complete details.
