It’s patch time again, and the August 2012 batch promises to be exciting. Microsoft has 5 bulletins listed as critical and Adobe has an update to Acrobat Reader that’s also critical.
Microsoft – The August 2012 Patch Tuesday updates includes 5 bulletins rated as critical and 4 rated as important with 8 bulletins addressing vulnerabilities that can allow remote code execution (the 5 critical can allow remote code execution without user intervention). The updates seem to cover pretty much every Microsoft software product currently supported but the ones topping the list are all supported versions of Windows (including server), all supported versions of Office, all supported versions of Exchange, all supported versions of SQL Server and all supported versions of Internet Explorer. It should be understood that any / all non-supported (end of lifed) versions of the above software are vulnerable to attack. Suffice it to say, if you have a Windows based computer, you should be making plans to get these updates installed.
Microsoft Security Bulletin Advance Notification for August 2012
Adobe – Adobe has released a critical update for their Adobe Reader product that covers basically every version of Adobe Reader for Windows AND Mac computers. The update addresses a cricital vulneraiblity that can allow an attacker to run programs on a victim’s computer with absolutely no user interaction or knowledge. Adobe has indicated that the vulnerability is ‘being targeted’ or at a ‘higher risk of being targeted’. It can be confirmed that attack code for this vulnerability is availble in most regularly updated penetration testing / attack toolkits available at this time.
Adobe Security Advisory APSB12-16
Java – I am not aware of any critial updates for Java *at this time*. The last critical update was listed as 17 July 2012. If you have to have Java installed, checking for updates *on a very regular basis* is never a bad idea.
Cyber Tech Cafe – Today will close out our first full week with the new helpdesk system and, so far, things seem to be going well and feedback has been overwhelmingly positive. We are still tweaking and refining but have completely switched over that this point. All of the ‘old’ functionality from the previous helpdesk is still there, but we’ve added a ‘Customer Support Center‘ that will function as a portal to the helpdesk, news and more. We’re excited about the new services and features that we’re now able to provide and hope that you will continue giving us feedback on how we can continue making it better.
- Tickets can be opened directly from the web at http://helpdesk.cybertechcafe.net
- Tickets can still be opened by emails sent to support and via phone
- You can now view news and information at http://helpdesk.cybertechcafe.net. This will also be published to our Facebook page at http://facebook.com/cybertechcafe
- You can review your current / open tickets *and* ticket history at http://helpdesk.cybertechcafe.net. For our commercial clients, you can also appoint ‘Managers’ that are able to see all of the tickets for your organization.
- We will be phasing out the current mailing list over the next few months and will be sending monthly newsletters out exclusively via the new helpdesk. The newsletters will also be linked on our Facebook page but, if you would prefer to receive them via email, you can subscribe via the subscribe link at http://helpdesk.cybertechcafe.net
Monthly Update Clients
* If you are not currently taking advantage of our monthly update service and would like more information or to sign up, additional information is available here
For our Monthly Update clients, if a date and time hasn’t already been scheduled to install your updates, we will be contacting you shortly to schedule. If you aren’t already taking advantage of our monthly update service, there’s no time like the present to get started. We offer a monthly update service to keep all of your computers up-to-date for a low monthly fixed price with no long-term committment. Additional information is available on our website.