Threat Level: green Handler on Duty: Daniel Wesemann

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Adobe Patch is out

Published: 2009-07-31
Last Updated: 2009-07-31 21:22:30 UTC
by Deborah Hale (Version: 2)
3 comment(s)

It looks like today will be patch day for a lot of folks.  It appears that  Adobe has released the patch for the Adobe Reader vulnerability is out.   Thanks to all of our readers that Abobe Bulletins that Handler Mark posted yesterday and Handler Bojan posted on July 23rd.

isc.sans.org/diary.html

isc.sans.org/diary.html

The patches can be downloaded from Adobe's update site.

Thanks to all of our reader's that have notified us of the availability of the patch.

 

Update:  Here is some more information about the Adobe Updates that are available.  It appears that this update is for Adobe Flash Player.  According to the Adobe Security Advisory this is a critical vulnerability in the current versions of Flash Player and affects Windows, MAC and Linux OS's.  The information indicates that the vulnerability could crash and potentially allow an attacker to take control of the affected system.  The information provided by Adobe says that the vulnerability is currently being exploited in the wild.

www.adobe.com/support/security/advisories/apsa09-03.html

So bottom line... PATCH NOW.

Deb Hale Long Lines, LLC

Keywords: Adobe
3 comment(s)

The iPhone patch is out

Published: 2009-07-31
Last Updated: 2009-07-31 21:12:48 UTC
by Deborah Hale (Version: 2)
0 comment(s)

Just what we have been waiting for - the patch is out.  We have received confirmation that the patch has been released by Apple to fix the SMS vulnerability in the iPhone OS.  It looks like the patch has to be downloaded from Apple iTunes.  From the Installation notes:

" iTunes will automatically check Apple's update server on its weekly
schedule. When an update is detected, it will download it. When the
iPhone is docked, iTunes will present the user with the option to
install the update. We recommend applying the update immediately if
possible. Selecting "don't install" will present the option the next
time you connect your iPhone."

support.apple.com/kb/HT1222

The information indicates that it may take up to a week for the automatic update process to pick up the patch. They indicate that you can obtain the update manually via the "Check for Update" button in iTunes.  For more information see Apple's support site.

 This Apple Support Document identifies the OS version as 3.0.1.

support.apple.com/kb/HT3754

Thanks to Juha-Matti for sending us the information on the new OS version.

 

Deb Hale Long Lines, LLC

Keywords: iPhone Patch
0 comment(s)

Google Safe Browsing

Published: 2009-07-31
Last Updated: 2009-07-31 18:15:10 UTC
by Deborah Hale (Version: 1)
3 comment(s)

Last night one of our long time readers sent me an email that had a link to a Google Safebrowsing Diagnostics page for the my AS number. I was quite surprised when I opened the link and there plain as day were 2 of our customer's websites that had been Glumbar'ed.  Both of these had been previously discovered via an audit of our logs. In both cases I took the domains offline and contacted the customers. 

It is amazing the tools that are available on the web now to help you watch what is happening on your network. As part of my responsibility as the Security Administrator for my company I handle all of the abuse complaints.  I can tell you that, some weeks, is no easy task.  I have had weeks where all I got done was counseling customers on the use of Anti Virus/Malware protection and explaining why it is important to get their computer cleaned up.

I had one IP this week that I had received several abuse reports for.  I tracked down the customer and called him.  He told me he did not have an anti-virus program, anti-spyware program or firewall. He said he didn't need them, that he only visits safe websites.  I spent a bit of time on the phone with him and felt that I was not going to be able to convince him that there are no "safe websites".  I hung up from talking to him feeling like I had lost this one.  A short time later my phone rang, it was him eating humble pie.  He apologized, said that it was his computer and that he was going to format and reload the computer and he ABSOLUTELY was going to put some protection on the computer.

The tools that are available today can make things so much easier if you find and use them.  I have signed up for FBL's for as many ISP's as I can find. I have signed up for Microsoft's SDND reporting system, Spam Cop reports, as well as others. I check my domains on Trusted Source and Sender Base and try to stay on top of it. I monitor my ip's on our DShield site to see what you folks are submitting.  Sometimes it feels like a full time job.

I keep telling myself, if we all work together we can make this Internet - the World Wide Web a better, safer place for all of us.  I would like to hear about the tools you are using.  Anything that helps you manage your network better please let us know.

 

 Deb Hale Long Lines, LLC

Keywords: Google Browsing
3 comment(s)

Don't forget to tell your SysAdmin Thanks

Published: 2009-07-31
Last Updated: 2009-07-31 17:46:53 UTC
by Deborah Hale (Version: 1)
0 comment(s)

I had totally forgotten that this is indeed a special day!  A holiday of sorts for me and all Sysadmin's around the world. A day we all should have taken off.  (Well maybe not..  If we all took a day off who would keep things running.)

Anyway, today is Sysadmin Appreciation Day, a day that employees in every company all around the world should give a big thank you and a pat on the back to all of their nerds and geeks who keep their systems running smoothly. 

www.networkworld.com/news/2009/073109-sysadmin-day.html

As the article says SysAdmin's get no respect 364 days a year.  Most companies don't even realize we exist until something goes wrong. (And hopefully that is not very often).  Humm - the article also says that we will be "showered with expensive sportscars and large piles of cash".  (I guess I better go track down the boss so that he doesn't have to carry that large pile to me).

In all seriousness, I for one thank all of my fellow admins - whether they work at my company with me, or as a fellow handler, or you, one of our ardent faithful.  Thanks for all you do everyday.  I know what a thankless job this can be.  No one really understands (nor do they want to understand) what we do.  They just want things to work when they need them and they don't want to hear the excuses or the challenges we face.  

So consider this a pat on the back to all of you.  

I want to thank one of the Customer Service Rep's from my company for sending this article with a big "thanks for what you do" to me and the other geeks and nerds in the company.  We can always count on Bob for a Kudo's.

Have a good day to all. Enjoy those big sports cars and all that cash.

 

Deb Hale Long Lines, LLC

0 comment(s)
Diary Archives