|
|
Week in Review - Ending 26/10/2007 |
|
Date: 26 October 2007 Original URL: http://www.auscert.org.au/render.html?cid=7066&it=8271 Greetings, This week we have seen the vulnerability in the Microsoft ShellExec() function being exploited via the "mailto" URI handler using PDF files in Adobe Acrobat and Reader. Refer to our bulletin ESB-2007-0824 for more details. While we are on the topic of products actively being exploited, we should also mention that RealPlayer has been targeted and they have released an update to address this which we refer to in ESB-2007-0823. Mozilla have advised that they are planning on releasing Firefox 2.0.0.9 next week to fix some more security issues discovered from the 2.0.0.8 release. Regards, Zane |