Adobe patches hole
Adobe issued a critical update on Tuesday, plugging a serious zero-day vulnerability in Acrobat Reader that was being exploited by attackers, according to SearchSecurity.com. Hackers have been spreading malicious PDF files in targeted attacks in an attempt to exploit a processing error in Adobe Acrobat Reader 8 and 9, which results in a buffer overflow. If successfully exploited, the flaw could give attackers access to critical system files.
"This vulnerability would cause the application to crash and could potentially allow an attacker to take control of the affected system," Adobe said in its security bulletin.
Solid-state disks boost server performance
Solid-state disks have begun to show up in x86 servers because they are more power efficient, reliable and higher performing than spinning hard disks, but the compromise is capacity, according to SearchServerVirtualization.com. Hewlett-Packard Co. plans to offer solid-state disks (SSD) in its blade servers, and Sun Microsystems Inc. plans to offer SSD in x86 servers within weeks. Last year, IBM became the first major vendor to ship SSD in its blade servers.
Microsoft patches critical Windows flaws
Microsoft released three bulletins on Tuesday that addressed the patching of eight critical vulnerabilities in the Windows kernel, according to SearchSecurity.com. The flaws in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008 include remote code execution vulnerability and two elevation of privilege vulnerabilities. The errors in the kernel graphics could have been used by an attacker to install programs, change and delete data, or create new accounts with full user rights.
Check out yesterday's IT channel briefs.