NYU Wordpress Theme

Flash Plug-In Vulnerability

A critical vulnerability (CVE-2016-1019) exists in Adobe Flash Player 21.0.0.197 and earlier versions for Windows, Macintosh, Linux, and Chrome OS.  The vulnerability allows an attacker to send booby-trapped content to a browser’s Flash plug-in that may cause the browser to crash, and will also hand over control to the hacker in the process. This type of exploit is known as Remote Code Execution (RCE) or drive-by-download or drive-by-install and is a common method of malware installation.

Adobe recommends users update their installs to the newest version. Please see the following for more information on affected versions and solutions:
https://helpx.adobe.com/security/products/flash-player/apsb16-10.html

It is recommended that Flash is kept up to date and that users utilize their browser’s click-to-play function (a/k/a ask to activate), so Flash content does not run without a user realizing it. For more information on how to activate this for your browser(s), please see:
https://www.grahamcluley.com/2015/06/enable-click-play-adobe-flash/

To read the Adobe Security Advisory, please see:
https://helpx.adobe.com/security/products/flash-player/apsa16-01.html

Advisory: Apple QuickTime (PC Version)

Trend Micro has found two critical flaws (heap corruption remote code execution vulnerabilities) in Apple’s PC version of QuickTime that could allow hackers to take over computers. Rather than putting out a fix, Apple recently advised that it will no longer support QuickTime for Windows, and provided the following instructions for removal:

https://support.apple.com/en-us/HT205771

The U.S. Computer Readiness Team (US-CERT) has advised users to remove QuickTime for Windows from their PC’s. Users of QuickTime on Apple OS do not need to do anything.
Clients of NYU IT Desktop Services will have this taken care of for them. Department or School System Administrators will need to perform similar steps if they run Active Directory, or will need to advise clients to remove QuickTime manually. For home computers, or if you’re in a department that does not have local support, you can follow the instructions from Apple, above.

For more information on the vulnerabilities please see:
http://zerodayinitiative.com/advisories/ZDI-16-241/ & http://zerodayinitiative.com/advisories/ZDI-16-242/

For additional information, please see:
https://www.us-cert.gov/ncas/alerts/TA16-105A
http://krebsonsecurity.com/2016/04/us-cert-to-windows-users-dump-apple-quicktime/
http://blog.trendmicro.com/urgent-call-action-uninstall-quicktime-windows-today/

Badlock Security Bug

Badlock is a recently-announced security bug in Windows and Samba. Though few details have been released, it is thought to affect Server Message Block (SMB), the protocol used to read and write files over a local network. Please note that machines running Linux and OS X may provide services through Samba. Staff that administer those systems should check the full release info tomorrow for more details.

Patches will be released tomorrow by 17:00 UTC. Microsoft typically releases patches at this time, on “Patch Tuesdays”, so Microsoft’s patches will likely be available. For typical desktop/laptop users, just make sure that you allow the patch to be applied as normal, and allow the machine to reboot.

For admins running systems that use Samba for SMB shares, patches will be available for Samba 4.4, Samba 4.3, and Samba 4.2. It is recommended that Samba users upgrade to version 4.4.0. Samba 4.1 and below are discontinued, and are not eligible for security fixes. However, some vendors may backport patches.

For more information, please see: