June 15th update
If you use Mac OS X, Apple's just released an important security update for your Java. download it here or run OS X's Software Update to get your Java updated. This fixes a high-profile vulnerability with proof-of-concept attack code publicly available. If you don't actually need Java for anything at this time, disabling it is another safeguard to consider, and that's easily done:
If you use Windows 2000, Windows XP, or Windows Server 2003, Microsoft has a temporary fix for an exploitable DirectX component. Click the Fix It button on this page, save the file, and run it from an Administrator-level account. This vulnerability is being attacked in the wild, so until a final security update is released, I'd suggest using Microsoft's temporary fix. Windows Vista, Windows 7 and Windows Server 2008 aren't affected, but Vista users might want to take this opportunity to enable a new security option called "SEHOP".
Older content
If you have Apple's Safari web browser, they've just released version 4.0 with security fixes and enhancements. You can get that from http://www.apple.com/safari/.
Apple also updated QuickTime Player to fix some security vulnerabilities. The latest version is available at http://www.apple.com/quicktime/download/ for Mac and Windows.
Tomorrow (June 9th) is Patch Tuesday for Microsoft. Security patches are planned for Windows, Internet Explorer, Office for Windows, and also the Mac versions of Office 2004 / Word / Excel. Windows users can visit http://update.microsoft.com to get the Microsoft Update engine if you don't have it already, then check for the updates.
Statistics show that the bad guys are favoring maliciously-constructed .PDF files as an attack method lately (article at F-Secure with stats). They can be auto-launched by exploits sneaked into compromised websites, for example. So I'd suggest checking for security updates to your .PDF-reading program, whether it's Foxit, Adobe Reader, or something else. For example, in Adobe Reader, you can click Help > Check for updates.
Speaking of Adobe, they will be doing Patch Tuesdays four times a year from now on, and tomorrow (June 9th) will be their first one. There will reportedly be updates for Adobe Reader and the full-blown Adobe Acrobat tomorrow, so if you have Reader and/or Acrobat proper, tomorrow would be a good day to check for updates :thumbsup:
If you use Mac OS X, Apple's just released an important security update for your Java. download it here or run OS X's Software Update to get your Java updated. This fixes a high-profile vulnerability with proof-of-concept attack code publicly available. If you don't actually need Java for anything at this time, disabling it is another safeguard to consider, and that's easily done:
If you use Windows 2000, Windows XP, or Windows Server 2003, Microsoft has a temporary fix for an exploitable DirectX component. Click the Fix It button on this page, save the file, and run it from an Administrator-level account. This vulnerability is being attacked in the wild, so until a final security update is released, I'd suggest using Microsoft's temporary fix. Windows Vista, Windows 7 and Windows Server 2008 aren't affected, but Vista users might want to take this opportunity to enable a new security option called "SEHOP".
Older content
If you have Apple's Safari web browser, they've just released version 4.0 with security fixes and enhancements. You can get that from http://www.apple.com/safari/.
Apple also updated QuickTime Player to fix some security vulnerabilities. The latest version is available at http://www.apple.com/quicktime/download/ for Mac and Windows.
Tomorrow (June 9th) is Patch Tuesday for Microsoft. Security patches are planned for Windows, Internet Explorer, Office for Windows, and also the Mac versions of Office 2004 / Word / Excel. Windows users can visit http://update.microsoft.com to get the Microsoft Update engine if you don't have it already, then check for the updates.
Statistics show that the bad guys are favoring maliciously-constructed .PDF files as an attack method lately (article at F-Secure with stats). They can be auto-launched by exploits sneaked into compromised websites, for example. So I'd suggest checking for security updates to your .PDF-reading program, whether it's Foxit, Adobe Reader, or something else. For example, in Adobe Reader, you can click Help > Check for updates.
Speaking of Adobe, they will be doing Patch Tuesdays four times a year from now on, and tomorrow (June 9th) will be their first one. There will reportedly be updates for Adobe Reader and the full-blown Adobe Acrobat tomorrow, so if you have Reader and/or Acrobat proper, tomorrow would be a good day to check for updates :thumbsup:
Last edited:
