Loading....

[Critical] Vulnerabilities In Adobe Reader and Acrobat | Affects Linux, Macintosh, and Windows

Acrobat Vulnerability

Critical security vulnerabilities in Adobe Acrobat and Adobe Reader have been identified and Adobe has issued a security advisory.  These are being actively exploited in the wild by sending users malicious PDF files.

This affects users of Linux systems, Macs, or Windows.

Told You So

Adobe is recommending users enable Protected View  via Edit > Preferences > Security (Enhanced).

Reader/Acrobat Protected View
Protected View | Click to Enlarge

Unfortunately, this security feature is not enabled by default.  Thanks, Adobe.

This is one of the many reasons we recommend using SumatraPDF (via Ninite.com).  It is lightweight, functional, and it’s one additional layer of protection against attacks.

For clients on our System Monitoring w/ Patch Management service, we will be addressing this issue for you.

Speedtest.net Recently Compromised

Speedtest.net

The most popular internet speedtest site, Speedtest.net, was recently compromised.  They have since fixed the issue and the site is no longer infected, but if you visited the site within the last few days and if you have Java installed, lookout.

Invincea has a fantastic dissection of the payload the infected site was delivering.  This is a great opportunity to discuss how completely legitimate websites – e.g. Speedtest.net – can infect your system.  It doesn’t have to be a *questionable* website or suspicious email that leads to infection.  Websites can be compromised in any number of ways and commonly, 3rd party ads on websites are how malicious activity can sneak-in.

There is no single solution to security.  Security is a multi-layered approach.  With AdBlock and NoScript installed, you’re knocking off a good chunk of attacks before they even get a chance to start.  By running ESET Nod32 antivirus and Malwarebytes’ Anti-Malware Pro, you’re giving your system the best chance at fighting off anything that makes its way onto your system.  Changing your DNS to a faster and more-secure service, such as Google Public DNS, Comodo, or OpenDNS, helps keep the pool of sites you bump into, as safe as possible.  A hardware firewall, updated applications (and only essential applications installed), and user-awareness add to the security sandwich.

So keep your wits about ya, folks.  Don’t think that just because you’re browsing legitimate sites, you’re not vulnerable to attack.

For those interested in an alternative to Speedtest.net, there is an HTML5/no Java/no Flash service provided by SpeedOf.Me.

ESET Nod32 Version 6 Released Today

ESET Nod32 Version 6

ESET Nod32 Version 6 was released today.  By default, ESET Nod32 does not check for and install new program updates automatically.  For any clients on our Monthly Support Plan or any clients who have purchased consignment workstations or database servers from The Computer Peeps and as per PCI DSS, this is one of the many adjustments we make to properly secure your system.  Your systems will update automatically.

To manually check for program updates, visit the Updates tab of ESET and then click the Check button.  ESET will check for the latest update…

ESET Manually Check for Updates
ESET Manually Check for Updates

[hr]

[info_box style=”notice”]Tip: Setup > Enter Advanced Setup > Update > Advanced Update Setup > Setup to enable the Regularly check for latest product version option, as well as the ‘Always update program components’ option.[/info_box]

[hr]

Once ESET has checked and found the latest update, click Install

ESET Nod32 Install Update
ESET Nod32 Install Update

ESET will require a reboot once this update has been installed…

ESET Restart Recommended
ESET Restart Recommended

The new version is for the most part, the same as version 5 and is not a complete departure.  That being said, ESET has added handy new features and optimized program performance even more than before.

They’ve added a new Social Media Scanner, which we highly recommend enabling and installing.

ESET Social Media Scanner
ESET Social Media Scanner

You’ll be prompted to install ESET’s Facebook app…

ESET Facebook App
ESET Facebook App

This new extension of ESET, protects your Facebook page by scanning for malicious posts, links, and messages.  It can even alert your friends, if they have malicious content on their Facebook walls.

ESET Facebook App Scan
ESET Facebook App Scan

The settings available cover options such as email notifications and whether or not the ESET app should ‘reply’ to posts from infected/malicious posters…

ESET Facebook App Settings
ESET Facebook App Settings

Overall, this has been a smooth update thus far.  Make sure your antivirus is updating automatically, but as always, make sure you’re taking all the precautions to manage your systems – e.g. file backups, system images, database backups, etc.

For clients on our new System Monitoring & Patch Management Service, we’ll be alerted as each system automatically updates to the latest version of ESET and we will be checking on each and every system…

Peeps' System Monitor ESET Nod32 Installation Alert
Peeps’ System Monitor ESET Nod32 Installation Alert

If you have any questions or comments, feel free to post below!

Malwarebytes Update, New Look

Malwarebytes

This week, Malwarebytes released v1.70 which brings with it a slightly updated look.  The interface and program are still the same, but they’ve implemented their new logo/color palette throughout the application.

Before:

 

Malwarebytes' Anti-Malware Pro (Old Icon)
Malwarebytes’ Anti-Malware Pro (Old Icon)

After:

 

Malwarebytes' Anti-Malware Pro (New Icon)
Malwarebytes’ Anti-Malware Pro (New Icon)

We just wanted to point this out so everyone running Malwarbytes’ Anti-Malware Pro knows MBAM is still running and protecting your system; it’s just no longer using the traditional red ‘M’ icon.

Back To Top