Microsoft is investigating a vulnerability in ASP.NET (CVE-2010-3332) that could allow an intruder to view and tamper with data. Microsoft said there has been some active exploitation. See separate article in Dirty Tricks.

Apple has released an update for Mac OS X and Mac OS X Server to remove a vulnerability (Mac OS X v10 and later) in the Apple Filing Protocol that allows attackers to bypass password validation and access data.

Apple QuickTime version 7.6.8 (Windows 7, Vista and XP SP2 or later) fixes a vulnerability that could allow execution of arbitrary code.

Adobe has released updates to Flash Player and Adobe Flash Player for Android to fix a vulnerability that could allow an attacker to take control of a system. Active exploitation has been reported.

Adobe advisories here:

http://www.sunbeltsecuritynews.com/6GNC60/100929-Adobe-Advisories

Adobe has announced an unpatched vulnerability that is being actively exploited in Reader 9.3.4 (and earlier) for Windows, Macintosh and UNIX as well as Acrobat 9.3.4 (and earlier) for Windows and Macintosh. The vulnerability (CVE-2010-2883) can allow an attacker to take control of a system. Reader or Acrobat 9.3.4 (or earlier) on Windows can be protected via Microsoft’s Enhanced Mitigation Evaluation Toolkit.
http://www.sunbeltsecuritynews.com/6GNC60/100929-Adobe-Advisory-Reader

Mozilla has released Firefox 3.5.13 and 3.6.10 to fix “stability issues.”

This Week’s Top 10 Spyware Threats

1. Trojan.Win32.Generic!BT: Trojan
2. Trojan.Win32.Generic!SB.0: Trojan
3. Trojan-Spy.Win32.Zbot.gen: Trojan
4. Trojan.Win32.Generic.pak!cobra: Trojan
5. INF.Autorun (v) (fs): Trojan
6. Worm.Win32.Downad.Gen (v):Worm.W32
7. FraudTool.Win32.FakeAV.gen!droppedData (v): Trojan
8. Trojan.ASF.Wimad (v): Trojan
9. Trojan.Win32.Malware.a: Trojan
10. Trojan.Win32.Hiloti.aa (v): Trojan

Stay on top of all the real-time threats:

http://www.sunbeltsecuritynews.com/6GNC60/100929-Sunbelt-Research

Go back to Vipre Coupon

Tags: