Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Outage Update - isc.sans.org

Published: 2010-04-09
Last Updated: 2010-04-09 13:17:52 UTC
by Mark Hofman (Version: 1)
1 comment(s)

 A quick update on the outage for our site and related processing. 

Yesterday we experienced a power outage as well as a link outage in the main processing location for the storm centre.  This affected elements of the web site, but also our contact form, the handlers-a-t-sans.org email address and log processing.  These three issues have been resolved and are relatively stable (unlike the link at one datacentre).

I have replied to all the emails that made it through in the last 24 hours.  If however you have not yet received a reply please do re-submit your question, query, or information and we'll process it as per normal.  

With regards to log processing. The servers are happily churning through the backlog of data and will catch up, so you should receive confirmations.  

There are still some elements of the site that may be broken, however the team is working through these.  If after, say 12 hours from now, you find something that is still broken please let us know. 

Thanks

Mark 

Keywords: Outage
1 comment(s)
VMware has released the following patch "VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues". Make sure you test before applying to production.

Adobe launch issue response/work around.

Published: 2010-04-09
Last Updated: 2010-04-09 02:16:25 UTC
by Mark Hofman (Version: 1)
3 comment(s)

 Late last month Didier discussed a POC relating to the /launch functionality in PDF files (http://isc.sans.org/diary.html?storyid=8545)

Adobe published a reply and a work around for this on their blog pages (http://blogs.adobe.com/adobereader/2010/04/didier_stevens_launch_function.html)

The article shows a few default settings that can be changed and a registry modification to reduce the risk of this type of attack.  Adobe is examining the issue and are deciding what to do.  They may make a fix available as part of their quarterly updates to the product.

Mark 

Keywords: Adobe launch
3 comment(s)
Diary Archives