Vulnerability Roundup

While they were absent from last week’s roundup, Adobe has returned with advisories in 3 of their products: not surprisingly Flash and Reader, and also BlazeDS, which is included in some of their server offerings.  The Flash and Reader vulnerabilities share a CVE (CVE-2010-0186), which can allow an attacker to subvert domain sandboxing.  The Reader update is also out-of-band for Adobe, and addresses a vulnerability which would allow an attacker to execute code in the context of Reader.  Interestingly enough, the second vulnerability is credited to a Microsoft researcher.

Cisco has also posted updates, this set for their IronPort Appliances.  It looks like there are some serious vulnerabilities covered here, including accessing files on the appliance, as well as executing malicious code.

In the world of hardware hacking, a researcher named Christopher Tarnovsky has managed to extract the encryption keys from the Trusted Computing Module.  There are a lot of different chemicals, hardware and a Focused Ion Beam microscope involved.  Very impressive.

Google has released a new version of Chrome which fixes a large number of security issues, including one which earned some cash from the new Chrome bug bounty.  Of course there has been a lot of talk about privacy (or the lack thereof) in Google’s new Buzz service, but RSnake posted what appears to be a vulnerability in the service.

In an update to last week’s vuln roundup, some people have been having problems with update MS010-15, causing some XP machines to BSoD.  Turns out, those with the BSoD may also have another problem: a rootkit.  In other Microsoft matters, I’ve included an article on using Windows Communication Foundation services to perform a remote portscan, which may also lead to other types of attacks against internal hosts.

Closing things out, TippingPoint’s Zero Day Initiative has announced the 2010 version of its Pwn2Own contest at the CanSecWest conference.  The targets of choice for this year are Web Browsers and Smart Phones.  I’m sure you’ll be reading about the outcome, or the patches from the outcome, after March 24th.
