[Macpartners] Another wonderful Adobe Flaw
Brian Bulmer
bbulmer at MIT.EDU
Mon Oct 1 13:08:39 EDT 2012
Adobe just keeps pushing itself further into it's hole:
http://nakedsecurity.sophos.com/2012/09/28/adobe-revokes-certificate-after-hackers-compromise-server-sign-malware/
http://www.adobe.com/support/security/advisories/apsa12-01.html
Looks like hackers are attempting to allow Abobe flash updaters, air updaters, etc. the ability to allow pwdmp and an ISAPI filter allowed on systems that have the compromised certificate.
Another reason to hold off on flash installs until needed; and uninstall Adobe Air if installed and not needed. It comes freely as a piggyback app with a lot of installer and flash updates occasionally.
Brian Bulmer
Managed IT Support Services (DITR)
Information Services and Technology, MIT
Office: (617) 253-2163
bbulmer at mit.edu<mailto:bbulmer at mit.edu>
http://ist.mit.edu/about/org/d<http://ist.mit.edu/about/org/ds>itr
_______________________________________
Please note: MIT IS&T staff will NEVER ask you for your password, nor any email requesting your password information. Please ignore any email messages that claim to require you to provide such information.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/macpartners/attachments/20121001/00e1952f/attachment.htm
More information about the Macpartners
mailing list