Security Alerts
Some of the most serious PC security issues are posted here. Without these security updates, your applications can easily install a virus from an infected web page, email or document.
Call if you would like our help installing these updates.
Dates in red indicate when the software vulnerabilities were first made public.
- 3/9/10 Internet Explorer 6 and 7 - An unpatched vulnerability in these browsers is currently being targeted by malicious websites. Upgrade to Internet Explorer 8 or apply workarounds. See article.
- 3/9/10 Microsoft Office - Apply updates.
- 3/4/10 Opera 10.5 - Browse only trusted website and apply update when available.
- 2/26/10 Internet Explorer on XP - Internet Explorer running on pre-Vista Windows systems are vulnerable to attack if the F1 ("Help") key is pressed while viewing a malicious webpage. This vulnerability was NOT fixed in batch of updates released by Microsoft on March 9.
- 2/24/10 Picasa - Update to version 3.6 build 105.41 or later. Reinstall from the Picasa web site, and then select About Picasa from the Help menu to check the version and build numbers.
- 2/18/10 Adobe Download Manager - Fixed 2/23/10. See article.
- 2/18/10 Mozilla Firefox - There is a reported vulnerability in version 3.6. Use version 3.5.8 or an alternate browser until this problem is fixed.
- 2/17/10 Mozilla Firefox, Thunderbird - Update to newest versions.
- 2/11/10 Adobe Acrobat/Reader - Apply update released 2/16/10.
- 2/11/10 Adobe Flash Player - Update to version 10.0.45.2.
- 2/11/10 Adobe AIR - Update to version version 1.5.3.1930.
- 2/11/10 OpenOffice.org - Update to version 3.2.
- 2/10/10 Google Chrome - Update to version 4.0.249.89. See advisory.
- 2/9/10 Microsoft Products - Install updates.
- 1/25/10 Google Chrome - Update to version 4.0.249.78. See advisory.
- 1/19/10 RealPlayer - Apply updates. See advisory.
- 1/19/10 Adobe Shockwave Player - Update to version 11.5.6.606. See advisory.
- 1/19/10 Windows - See article.
- 1/14/10 Internet Explorer - Emergency patch released 1/21/2010. See article.
- 12/15/09 Firefox - Update to version 3.5.6. See release notes.
- 12/14/09 Adobe Acrobat/Reader - Apply update released 1/12/10. Select "Check for Updates..." from the Help menu or visit Adobe Downloads. Remark.
- 12/4/09 Adobe Flash - Apply update to be released 12/8/09.
- 12/4/09 Adobe AIR - Apply update to be released 12/8/09.
- 12/4/09 Jasc Paint Shop Pro - Do not open untrusted .png files. Apply update when available. See advisory.
- 12/3/09 Adobe Illustrator CS3 and CS4 - Do not open untrusted .eps files. Apply update (released 1/7/10).
- 12/1/09 BlackBerry Professional Software - Apply service pack.
- 11/23/09 Internet Explorer 6 and 7 on Windows XP - Disable scripting or use an alternate browser until fixed (e.g., Firefox or Chrome). See advisory.
- 11/20/09 Opera 10.01 and earlier - Update to version 10.10 (released 11/23/09).
- 11/20/09 Internet Explorer 8 - See article.
- 11/11/09 Safari - Update to 4.0.4. See advisory.
- 11/10/09 Microsoft Products - Install updates. See advisory.
- 11/05/09 Google Chrome - Update to version 3.0.195.32. See advisory.
- 11/3/09 Java - Install version 6 update 17.
- 11/3/09 Adobe Shockwave Player - Update to version 11.5.2.602. See advisory.
- 11/3/09 BlackBerry Desktop v5 - Update to v5.0.1. See advisory.
- 10/28/09 Opera - Update to version 10.01. See release notes.
- 10/27/09 Firefox - Update to version 3.5.4. See release notes.
- 10/14/09 Foxit - Update to version 3.1.2.1013.
- 10/13/09 Microsoft products - Install updates. See advisory.
- 10/12/09 Skype - A vulnerability was fixed in the Extras Manager. Update to version 4.1.0.179.
- 10/8/09 Adobe Acrobat/Reader - Apply updates (released 10/13/09).
- 10/5/09 Windows - A security hole in a key cryptographic component of Windows makes all browsers on Windows (except Firefox) vulnerable to SSL certificate spoofing. (Apply the Microsoft updates released 10/13/09 to fix this problem.)
- 10/2/09 AOL SuperBuddy ActiveX - Disable or uninstall.
- 10/2/09 Google Apps - The Google Apps program in Google Pack (not the online service) has a security vulnerability in the mailto URI handler. Apply update when available. (Experts only.)
- 9/30/09 Google Chrome - Update to version 3.0.195.24. See advisory.
- 9/22/09 iTunes - Update to version 9.0.1.
- 9/15/09 Google Chrome - Update to version 3.0.195.21.
- 9/9/09 QuickTime - Apply update 7.6.4. See advisory.
- 9/9/09 Firefox - Update to version 3.5.3. See release notes.
- 9/8/09 Microsoft products - Install updates. See advisory.
- 9/3/09 Kaspersky Online Scanner - Uninstall until a fixed version is released.
- 9/1/09 Opera - Update to version 10.0. See advisory.
- 9/1/09 OpenOffice.org - Update to version 3.1.1. See advisory.
- 8/25/09 Google Chrome - Update to version 2.0.172.43. See advisory.
- 8/25/09 Symantec - Norton products not affected. See advisory.
- 8/19/09 Adobe Flex - Update to version 3.4. See advisory.
- 8/17/09 Adobe Cold Fusion and JRun - See advisory.
- 8/11/09 Safari - Update to 4.0.3. See advisory.
- 8/11/09 Microsoft products - Install updates. See advisory.
- 8/4/09 Java - Install version 6 update 15.
- 8/3/09 Firefox - Update to version 3.5.2.
- 8/1/09 Firefox 3.0.x and earlier - See advisory1 and advisory2.
- 7/28/09 Adobe Shockwave Player - Update to version version 11.5.1.601. See advisory.
- 7/24/09 Microsoft products - Patches were released via Windows Update on 7/28/09. The vulnerability is in Microsoft's Active Template Library (ATL) and affects the security of many third-party applications. See advisory.
- 7/22/09 Adobe AIR - Update to version 1.5.2 (released 7/31/09). See advisory.
- 7/22/09 Adobe Flash - Update to version 10.0.32.18 (released 7/30/09).
- 7/22/09 Adobe Acrobat/Reader 9 - Update to version 9.1.3 (released 7/31/09). See advisory.
- 7/17/09 Google Chrome - Update to version 2.0.172.37.
- 7/14/09 Microsoft products - Apply updates. See advisory.
- 7/14/09 Oracle products - Apply updates. See advisory.
- 7/13/09 Microsoft Office Web Components - See advisory.
- 7/13/09 Mozilla Firefox - Update to version 3.5.1 (released 7/16/09).
- 7/13/09 Microsoft Office Web Components - See advisory.
- 7/8/09 Safari - Update to version 4.0.2.
- 7/8/09 Adobe Cold Fusion - See advisory.
- 7/6/09 Microsoft Video ActiveX - Windows XP and Server 2003 users - Apply Windows Updates released 7/14/09.
- 6/23/09 Adobe Shockwave Player - Uninstall older versions, restart system, and then update to version 11.5.0.600 - See advisory.
- 6/22/09 Google Chrome - Update to version 2.0.172.33.
- 6/11/09 Mozilla Firefox - Update to version 3.0.11.
- 6/11/09 Mozilla Thunderbird - Update to version 2.0.0.22 when available.
- 6/11/09 Mozilla Seamonkey - Update to version 1.1.17.
- 6/9/09 Google Chrome - Update to version 2.0.172.31.
- 6/9/09 Java - Update to version 6 build 14.
- 6/9/09 Adobe Acrobat/Reader - See available updates.
- 6/9/09 Windows, Internet Explorer, and Microsoft Office - Apply updates. See article.
- 6/8/09 Safari - Update to version 4.
- 6/1/09 iTunes - Update to version 8.2.
- 5/28/09 Microsoft DirectShow - Apply Windows Updates released 7/14/09.
- 5/26/09 BlackBerry Products PDF Distiller - See advisory.
- 5/13/09 QuickTime - Apply update 7.6.2 released on 6/1/09. See advisory.
- 5/12/09 Safari - Update to version 3.2.3. See advisory
- 5/5/09 Google Chrome - Update to version 1.0.154.64. See advisory
- 4/27/09 Adobe Reader - Apply update released on 5/12/09. See advisory
- 4/27/09 Mozilla Firefox - Update to version 3.0.10.
- 4/21/09 Mozilla Firefox - Update to version 3.0.9.
- 4/21/09 Mozilla Thunderbird - Update to version 2.0.0.22 when available.
- 4/21/09 Mozilla Seamonkey - Update to version 1.1.16.
- 4/16/09 BlackBerry Products PDF Distiller - See advisory. Remark.
- 4/14/09 Windows, Internet Explorer, and DirectX - Apply updates. (IE8.)
- 4/2/09 Microsoft Office/PowerPoint 2003 and earlier - Do not open untrusted PowerPoint documents. Apply update released on 5/12/09. Remark 1. Remark 2. Article. Advisory.
- 3/25/09 Firefox - Update to version 3.0.8 (released March 28).
- 3/25/09 Java - Apply update.
- 3/9/09 Foxit - Apply updates. See article.
- 3/5/06 SupportSoft ActiveX - Disable or uninstall. (Experts only.)
- 3/4/09 Mozilla Firefox- Update to version 3.0.7.
- 3/3/09 Opera - Update to version 9.64. See advisory.
- 2/24/09 Microsoft Excel - Do not open untrusted Excel documents. Apply update when available. See advisory. (Remark 1. Remark 2.)
- 2/24/09 Adobe Flash Player - Update to the latest version. See advisory.
- 2/19/09 Adobe Acrobat/Reader - Do not open untrusted PDF documents. Apply update when available. See advisory. (Remark 1. Remark 2. Remark 3.)
- 2/10/09 Internet Explorer 7 - Apply updates.
- 2/5/09 RealPlayer 11 - Apply updates. See advisory.
- 2/4/09 Google Chrome -Update to version 1.0.154.48.
- 2/4/09 Mozilla Firefox - Update to version 3.0.6. (Remark.)
- 2/4/09 Mozilla Thunderbird - Disable Javascript and update to version 2.0.0.21 when available.
- 2/4/09 Mozilla SeaMonkey - Disable Javascript and update when available
- 2/2/09 Free Download Manager - Update to version 3.0 build 848.
- 1/21/09 QuickTime - Update to version 7.60.92.0.
- 12/16/08 Opera - Update to version 9.63.
- 12/16/08 Mozilla Firefox - Update to version 3.0.5. (Remark.)
- 12/16/08 Mozilla Thunderbird - Disable Javascript and update to version 2.0.0.19 when available.
- 12/16/08 Mozilla SeaMonkey - Update to version 1.1.14.
- 12/9/08 Internet Explorer - A serious XML vulnerability was NOT patched in the monthly Microsoft updates today. It is currently being exploited by malicious web sites. Apply update to be released at 1pm EST on 12/17/08.
- 12/4/08 Trillian - Update to version 3.1.12.0.
- 12/3/08 Java - See advisory.
- 11/27/08 BlackBerry Desktop Software - See advisory.
- 11/24/08 Nero ShowTime - Do not open untrusted .m3u files. Apply updates to Nero as they become available.
- 11/20/08 BitDefender - See advisory.
- 11/17/08 Adobe AIR - Update to version 1.5. (Remark: Adobe AIR is installed automatically with Adobe Acrobat Reader 9. Uninstall Adobe AIR if you do not use it.)
- 11/13/08 Apple Safari - Update to version 3.2.
- 11/12/08 Mozilla Firefox - Update to version 3.0.4. (Remark.)
- 11/12/08 Mozilla Thunderbird - Disable Javascript and update to version 2.0.0.18 when available.
- 11/12/08 Mozilla SeaMonkey - Update to version 1.1.13.
- 11/4/08 Adobe Acrobat/Reader - Update to version 8.1.3 or 9.0.
- 10/29/08 Adobe PageMaker - See advisory.
- 10/29/08 OpenOffice.org - Update to version 2.4.2 or version 3.0.
- 10/27/08 Opera - Disable Javascript and update to version 9.62 when available.
- 10/23/08 Microsoft Windows - Manually run Windows Update immediately.
- 10/21/08 Opera - Update to version 9.61. (See advisories 903, 904, and 905.)
- 10/21/08 F-Secure products - See advisory.
- 10/8/08 Opera - Update to version 9.60 or later.
- 9/23/08 Mozilla Firefox - Update to version 2.0.0.17 or version 3.0.2.
- 9/23/08 Mozilla Thunderbird - Disable Javascript until version 2.0.0.17 is available.
- 9/23/08 Mozilla Seamonkey - Update to version 1.1.12.
- 9/9/08 QuickTime - Update to version 7.5.5.
- 8/29/08 VMWare - See advisory.
- 8/25/08 Novell iPrint - See advisory.
- 8/20/08 Opera - Update to version 9.52. See advisory.
- 8/11/08 uTorrent and Bittorrent Mainline - Update to version 1.8 RC7.
- 8/6/08 Webex Meeting Manager ActiveX - Remark.
- 7/25/08 RealPlayer - See advisory.
- 7/16/08 Firefox - Update to version 2.0.0.16 or version 3.0.1.
- 7/9/08 Java - Apply update.
- 7/7/08 Snapshot Viewer ActiveX Control - See advisory.
- 7/3/08 Opera - Update to version 9.51.
- 7/1/08 Firefox 2 - Update to version 2.0.0.15 or version 3.0.
- 6/19/08 Safari - Update to version 3.1.2. Browse only trusted web sites.
- 6/23/08 Adobe Reader and Acrobat - Apply update.
- 6/19/08 Safari - Update to version 3.1.2. Browse only trusted web sites.
- 6/17/08 Firefox - Browse only trusted web sites. See remark and advisory.
- 6/10/08 QuickTime - Update to version 7.5. See advisory.
- 6/10/08 OpenOffice.org - Update to version 2.4.1.
- 6/3/08 HP Support ActiveX Control - Update to version 1.0.0.24 or later. See advisory.
- 5/21/08 Trillian - Update to version 3.1.10.0.
- 4/8/08 Adobe Flash Player - Update to version 9.0.124.0.
- 4/8/08 Windows and Internet Explorer - Apply Microsoft Updates.
- 4/3/08 Opera - Update to version 9.27.
- 4/2/08 QuickTime - Update to version 7.4.5.
- 3/25/08 Firefox - Update to version 2.0.0.13.
- 3/21/08 Safari - Browse only trusted web sites.
- 3/17/08 Safari - Update to version 3.1.
- 3/17/08 F-Secure - Apply updates. See advisory.
- 3/10/08 RealPlayer ActiveX - Update to version 11.0.2.
- 3/4/08 Java - Install JRE 6 Update 5.
- 2/7/08 Firefox - Update to version 2.0.0.12.
- 2/3/08 Adobe Acrobat 7 and Adobe Reader - Update to version 8.1.2.
- 2/3/08 Yahoo! Music Jukebox 2.2.2.56 - Disable or uninstall the datagrid.dll and mediagridax.dll ActiveX controls. (Experts only.)
- 2/3/08 Facebook Photo Uploader ActiveX - Update to version 4.5.57.1.
- 1/31/08 MySpace Image Uploader - Disable or uninstall the MySpaceUploader.ocx ActiveX. (Experts only.)
- 1/15/08 Excel - Open only trusted Excel files. See advisory.
- 1/15/08 iPhone/iPod - Update to version 1.1.3 or later.
- 1/11/08 QuickTime - Update to QuickTime version 7.4. See advisory. (Remark.)
- 1/10/08 QuickTime - See advisory.
- 1/8/08 Gateway - Disable or uninstall the CWebLaunchCtl ActiveX. (Experts only.)
- 1/8/08 Web Warning - See article.
- 1/3/08 RealPlayer 11.x - Apply update when available. Recommendations.
- 12/19/07 Opera - Update to version 9.25.
- 12/21/07 Adobe Flash - Recommendations. Set Flash to store no content in the Flash Settings Manager
- 12/12/07 HP Info Center - Disable or uninstall the HPInfoDLL.HPInfo.1 ActiveX. (Experts only.)
- 12/11/07 Internet Explorer - Apply update.
- 12/7/07 Sun StarOffice/StarSuite - Apply patch.
- 12/6/07 Skype - Update to version 3.6 or later.
- 11/27/07 Lotus Notes - See advisory.
- 11/24/07 QuickTime - Update to 7.3.1. (See article.)
- 11/20/07 BitDefender Online Scanner ActiveX - See advisory.
- 11/9/07 AOL Radio ActiveX - AOL and AIM software users will be prompted to upgrade. Others should install patch or uninstall the AmpX.dll ActiveX control. (Experts only.)
- 11/5/07 QuickTime - Update to version 7.3.
- 11/5/07 Edraw - Disable or uninstall the EDImage.ocx ActiveX. (Experts only.)
- 11/1/07 Sonic Wall SSL VPN ActiveX - See advisory.
- 10/30/07 Macrovision - See advisory.
- 10/22/07 Adobe Reader - Download patch.
- 10/19/07 RealPlayer - Download patch.
- 10/18/07 Visual FoxPro ActiveX - Disable FPOLE.OCX ActiveX control immediately. Apply updates when available. (Experts only.)
- 10/17/07 Opera - Update to version 9.24 or later.
- 10/11/07 Winamp - Update to version 5.5 or later.
- 10/10/07 Kaspersky Online Scanner - Update to version 5.0.98.0.
- 10/10/07 Adobe PageMaker 7.0.1 and 7.0.2 - See advisory.
- 10/9/07 Word 2000 (Office 2000) and Word 2002 (Office XP) - Apply update.
- 10/4/07 Java - Apply update.
- 10/3/07 Kazaa Altnet Download Manager ActiveX - Disable or uninstall (Experts only.)
- 10/2/07 Edraw - Disable or uninstall the officeviewer.ocx ActiveX. (Experts only.)
- 9/25/07 Gmail - Check your filters. (Comment.)
- 9/24/07 Gmail and Google Blogspot polling - Use Firefox together with NoScript. (Comment.)
- 9/24/07 Ask Toolbar - Disable or uninstall the Ask Toolbar for IE. (Experts only.)
- 9/18/07 VMware - Apply update.
- 9/17/07 OpenOffice.org - Update to version 2.3 or later.
- 9/12/07 QuickTime - Firefox users should install NoScript. (Comment.) IE users should set Local zone security to High. Do not open untrusted QuickTime files. (Comment.)
- 9/4/07 iTunes - Update to version 7.4 or later. (Experts only.)
- 9/4/07 QuickBooks Online Edition ActiveX controls - Update to version 10 or later. (Experts only.)
- 8/29/07 Yahoo! Messenger - Update to version 8.1.0.419 or later.
- 8/28/07 MSN Messenger - Upgrade to Windows Live Messenger version 8.1 or later.
- 8/28/07 Oracle JIntiator ActiveX control (beans.ocx) - Apply updates when available. (Experts only)
- 8/28/07 BEA JRockit - Apply patches.
- 8/27/07 Motorola Timbuktu Pro - Update to version 8.6.5 or later.
- 8/27/07 ACTi NVR ActiveX - Apply updates when available. (Experts only.)
- 8/15/07 Opera - Update to version 9.23 or later.
- 8/10/07 Microsoft DirectX SDK - FlashPix ActiveX contains a vulnerability. (Experts only.)
- 8/9/07 Symantec - Users of certain 2005 and 2006 products should run LiveUpdate. (See advisory.)
- 7/24/07 Yahoo! Widgets - Update to version 4.0.5 or later.
- 7/24/07 Windows URI vulnerability - Browse only trusted web sites. Click only on trusted links. (Experts only.)
- 7/24/07 LinkedIn Internet Explorer Toolbar version 3.0.2 and earlier - Uninstall immediately.
- 7/19/07 Opera - Update to version 9.22 or later.
- 7/18/07 DirectX - Update to October 2006 SDK or later.
- 7/17/07 Firefox - Update to version 2.0.0.5 or later.
- 7/17/07 Netscape 9.0b2 / Internet Explorer cross-browser vulnerability - Browse only trusted web sites. Apply updates when available. (Experts only.)
- 7/16/07 Trillian - Browse only trusted web sites. (Experts only.)
- 7/16/07 InterActual Player 2.x - Apply updates when available. (Experts only.)
- 7/16/07 Cineplayer 3.2 and earlier - Apply updates when available. (Experts only.)
- 7/11/07 Symantec - Consumer product users can run LiveUpdate. (See advisory.)
- 7/11/07 QuickTime - Update to version 7.2 or later.
- 7/10/07 Adobe Flash Player - Update to version 9.0.47.0 or later.
- 7/10/07 Firefox 2.0.x / Internet Explorer cross-browser vulnerability - Browse only trusted web sites. Keep Firefox running when using IE. Apply updates when available. (Experts only.)
- 7/5/07 Java - Apply Java 6 update 2 patch (or Java 5 update 12 patch).
- 7/2/07 HP Instant Support Driver Check ActiveX (sdd.dll) - Upgrade to version 1.5.0.3 or later at www.hp.com/go/drivercheck.
- 6/27/07 HP Photo Digital Imaging ActiveX control (hpqxml.dl, version 4.0.0.204 or earlier) - Apply updates when available. (Experts only.)
- 6/18/07 Trillian - Update Trillian to version 3.1.6.0 or later.
- 6/7/07 Yahoo! Messenger - Upgrade to the latest version.
- 5/8/07 Microsoft Excel - Apply updates.
- 5/2/07 QuickTime - Update your QuickTime software to version 7.1.6 or later.
- 4/25/07 Photoshop CS2 and CS3 - Apply updates.
- 4/3/07 Windows - Apply updates.
- 3/21/07 WinDVD 7 - Upgrade to version 8 or later. (Experts only.)
- 3/21/07 Cineplayer 3.2 and earlier - Apply updates when available. (Experts only.)
- 3/12/07 Yahoo! Messenger - Upgrade to the latest version.
- 2/23/07 Mozilla products (Firefox, Thunderbird, and SeaMonkey) - Upgrade to latest versions.
- 2/14/07 Microsoft Word - Apply updates.
- 2/13/07 Internet Explorer all versions - Apply updates.
- 2/2/07 Office - Apply updates.
- 1/16/07 Java - Apply updates.
- 1/9/07 Windows XP, Windows Server 2003, Windows 2000 and Internet Explorer (all versions) - Apply updates.
- 1/9/07 Adobe Reader - Update to version 7.0.9 or later.
This problem is solved if you set the
kill bit for the problem ActiveX control:
{9b935470-ad4a-11d5-b63e-00c04faedb18}
kill bit for the problem ActiveX control:
{9b935470-ad4a-11d5-b63e-00c04faedb18}
This problem is solved if you set the
kill bit for the problem ActiveX control:
{201EA564-A6F6-11D1-811D-00C04FB6BD36}
kill bit for the problem ActiveX control:
{201EA564-A6F6-11D1-811D-00C04FB6BD36}
This problem is solved if you disable the
URI handlers firefoxurl:// and firefoxhtml://.
URI handlers firefoxurl:// and firefoxhtml://.
This problem is solved if you disable the
aim:// URI handler.
aim:// URI handler.
Disable unnecessary URI handlers, such as “mailto”, “news”, “nntp”, “snews”, and “telnet”.
This and other recent QuickTime vulnerabilities posted here allow malicious QuickTime files found on web pages, emails, blogs, IMs, etc. to install viruses and backdoor software onto your computer. If you are not an iTunes, iPod, or iPhone user and do not need QuickTime, it would be safer to uninstall QuickTime and iTunes from your computer.
Firefox developers fixed this threat from QuickTime with the Firefox 2.0.0.7 release on 9/19/07. However, it is still a good idea to use NoScript since it protects against cross-site scripting (XSS) attacks and disables Javascript on untrusted web pages.
To prevent re-enabling or reinstallation,
set the kill bit for the problem ActiveX control:
AskJeevesToolBar.SettingsPlugin.1 (askBar.dll)
set the kill bit for the problem ActiveX control:
AskJeevesToolBar.SettingsPlugin.1 (askBar.dll)
Google fixed these cross-site scripting (XSS) vulnerabilities very quickly. However, using Firefox 2.0.0.7 or later together with NoScript protects against these types of attacks.
This attack adds a filter to forward your email to another email address. (Check your filters!) Using Firefox 2.0.0.7 or later together with NoScript protects against these types of attacks (provided you do not allow scripts to run on the untrusted web site!).
To prevent re-enabling or reinstallation,
set the kill bit for the problem ActiveX control:
{6BA21C22-53A5-463F-BBE8-5CF7FFA0132B}
set the kill bit for the problem ActiveX control:
{6BA21C22-53A5-463F-BBE8-5CF7FFA0132B}
To prevent re-enabling or reinstallation,
set the kill bit for the problem ActiveX control:
{DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2}
set the kill bit for the problem ActiveX control:
{DEF37997-D9C9-4A4B-BF3C-88F99EACEEC2}
To prevent re-enabling or reinstallation,
set the kill bit for the FPOLE.OCX ActiveX control:
{EF28418F-FFB2-11D0-861A-00A0C903A97F}
set the kill bit for the FPOLE.OCX ActiveX control:
{EF28418F-FFB2-11D0-861A-00A0C903A97F}
To prevent re-enabling or reinstallation,
set the kill bit for the problem ActiveX control:
{F685AFD8-A5CC-410E-98E4-BAA1C559BA61}
set the kill bit for the problem ActiveX control:
{F685AFD8-A5CC-410E-98E4-BAA1C559BA61}
Click to download the patch from AOL.
To prevent re-enabling or reinstallation
of the AOL Radio ActiveX control,
set the kill bit for the AmpX.dll ActiveX control:
{B49C4597-8721-4789-9250-315DFBD9F525}
of the AOL Radio ActiveX control,
set the kill bit for the AmpX.dll ActiveX control:
{B49C4597-8721-4789-9250-315DFBD9F525}
To prevent re-enabling or reinstallation,
set the kill bit for the HPInfoDLL.HPInfo.1 ActiveX control:
{62DDEB79-15B2-41E3-8834-D3B80493887A}
set the kill bit for the HPInfoDLL.HPInfo.1 ActiveX control:
{62DDEB79-15B2-41E3-8834-D3B80493887A}
Google researchers have apparently found a very serious unpatched vulnerability in Adobe Flash content that allows injection of malicious code for the purpose of a cross-site scripting (XSS) attack. What this means is that on your bank web site, a hijacked Flash animation can email your bank web site cookie to an attacker's email address, allowing the attacker to log on as you at your bank's web site, and similarly for email web sites, shopping web sites, and so on.
Our recommendation is to update to the very latest version of Flash (9.0.115), but then disable all Flash content unless it is mission critical. In Firefox, use the NoScript plug-in and set the preferences to block Flash on all sites, INCLUDING trusted sites. You can then click the NoScript logo on a web page to allow Flash content to run on an individual basis.
Make sure RealPlayer is not your default media player for any media file types. Do not open media files sent to you by email, IM, or from untrusted web sites (such as file sharing sites where they could come from anybody). Browse only trusted web sites.
This update fixes many critical issues with QuickTime, but does not appear to fix the critical issue mentioned on 1/10/08. Please be careful with QuickTime files. Call us for help running the program in a safer manner.
This code execution vulnerability affects Firefox 2.0.x and the newly released Firefox 3.x. This vulnerability may not be publicly known, but nevertheless you should browse only trusted web sites and apply Firefox updates as they become available.
This is a serious vulernability. If you've used Webex before and may have the ActiveX installed, delete the ActiveX, or start a new meeting to update to the latest version: 20.2008.2606.4919.
Firefox 2 security updates will not be released after December 2008. If you still use Firefox 2, visit www.mozilla.com to download the latest version of Firefox.
SOME of the exploits for this Adobe vulnerability make use of Adobe Javascript. To disable Adobe Javascript, open your Adobe Acrobat/Reader program, click the Edit menu, select Preferences, select JavaScript, and then uncheck Enable Acrobat Javascript.
OTHER exploits do not use Adobe Javscript at all! Therefore everyone must exercise extreme caution when opening newly received Adobe PDF documents until Adobe releases a fix for this problem. Adobe claims the fix will be ready by March 11, 2009, but with exploits currently in circulation, this will come weeks too late for many.
By midday on 4/17/09, the Interim Security Software Update 3 for the BlackBerry Professional Software had not yet been added to the BlackBerry web site.
The exploits likely use Adobe Javascript. To disable Adobe Javascript, open your Adobe Acrobat/Reader program, click the Edit menu, select Preferences, select JavaScript, and then uncheck Enable Acrobat Javascript.
Even if after disabling Javscript, exercise caution when opening newly received Adobe PDF documents until Adobe releases a fix for this problem.
If you must open an untrusted document before the vulnerability has been patched, create a separate, non-administrator computer account and open the document from within that account. Even if the document does contain a virus and/or crashes the program, there will be significantly less risk to your computer's operating system as well as the data in your other computer accounts.
OpenOffice.org is an alternative program for opening and editing most Microsoft Office documents. If you use OpenOffice.org, make sure to get the latest version and to keep the program up-to-date. Alternatively, upload your Microsoft Office documents to a Google Docs account to view the contents.
One option is to upload your Adobe PDF documents to a Google Docs account and view the PDF as an image. You can right-click the PDF image to print it, but the print quality will not be the same as if you printed from within Adobe Acrobat/Reader.
To prevent re-enabling or reinstallation,
set the kill bit for the problem ActiveX control:
{93CEA8A4-6059-4E0B-ADDD-73848153DD5E}
set the kill bit for the problem ActiveX control:
{93CEA8A4-6059-4E0B-ADDD-73848153DD5E}
To prevent re-enabling or reinstallation,
set the kill bit for the problem ActiveX control:
{48DD0448-9209-4F81-9F6D-D83562940134}
set the kill bit for the problem ActiveX control:
{48DD0448-9209-4F81-9F6D-D83562940134}
To prevent re-enabling or reinstallation,
set the kill bit for the problem ActiveX controls:
{5F810AFC-BB5F-4416-BE63-E01DD117BD6C} and
{22FD7C0A-850C-4A53-9821-0B0915C96139}
set the kill bit for the problem ActiveX controls:
{5F810AFC-BB5F-4416-BE63-E01DD117BD6C} and
{22FD7C0A-850C-4A53-9821-0B0915C96139}
To prevent re-enabling or reinstallation,
set the kill bit for the problem ActiveX control:
{01110800-3E00-11D2-8470-0060089874ED}
set the kill bit for the problem ActiveX control:
{01110800-3E00-11D2-8470-0060089874ED}
You can remove the mailto functionality by saving and then deleting the registry key
HKEY_CLASSES_ROOT\GoogleApps.Url.mailto
After Google Apps is updated to fix this issue, this registry key can be restored.
HKEY_CLASSES_ROOT\GoogleApps.Url.mailto
After Google Apps is updated to fix this issue, this registry key can be restored.
Adobe no longer provides security updates for Acrobat and Adobe Reader version 7 and earlier, and so it is no longer safe to use these programs. If you only use Adobe Reader, simply install the latest version from www.adobe.com. If you also have an older version of Adobe Acrobat installed, uninstall it and choose an alternate program for generating PDF documents. You can upgrade to Acrobat 10 when Adobe releases CS5 in the first half of 2010.
Get email or text message notifications of new items added to this page!
Click to our Twitter page and sign in to follow us!
Click to our Twitter page and sign in to follow us!
Click to add our “Security Alerts” RSS Feed to your Toolbar.
Click to email “subscribe@ask-4-help.com”.
(You do not need to include a subject or body.)
(You do not need to include a subject or body.)