Posts tagged Mac

How to: Access another users Calendar in Kerio Connect 7 Mail Server

May 27th

Posted by stephen in Kraya

1 comment

Accessing a colleagues Calendar in Kerio Connect 7 Mail Server couldn’t be simpler:

Firstly, that user must share their Calendar with you, see How to: Share your Calendar in Kerio Connect 7 Mail Server

If you’re using Web-mail:

At the top left hand corner, right click on your own email address

From the drop down menu select ‘subscribe shared folders’

A pop up box will appear, enter the full email address of the user whos calendar you want to access and press enter.

The system will now show a list of folders which this user has decided to share with you. If no options are displayed, either the user has not shared any folders with you or the email address entered is incorrect.

Click the check box next to the folders you wish to subscribe to and press enter.

At the very bottom of your mail account you should now have a new folder with that staff member’s account and the folders they have shared with you

Expand this folder and this staff member’s calendar folder will be displayed.

If you’re using Outlook 2007:

Right click on your mailbox on the right hand side of the screen it will say Mailbox – YOUR NAME
from the Menu select ‘Properties for Mailbox – Your Name’

A pop up box will appear and you should select the folder mapping tab

Next click on configure

Choose the add button and enter the full email address of the user who’s calendar you want to access and press enter.

If the user can not be found you will receive an error message.

The email address entered should now be displayed on the list.

Click ok and close the open boxes.

You will now see that on the left hand side of the screen a new mail box has appeared with the email address of the person which you have added.

If you now click onto your calendar you will see under ‘my calendars’ there is now an option to view that member of staff’s calendar as well.

Clicking on each of the calendars you can view more than one side by side, simply by clicking on the check boxes next to the calendars name.

7, Access, Add, allow, CalDav, Calendar, Calendars, collaboration, connect, Edit, Editor, how to, iCal, Kerio, kerio connect, Kerio MailServer, KMS, krayatec. kraya, Mac, Mail Server, Outlook, program, Read Only, Reader, Share, sharing, user, username, users, Web Mail, webmail, your

How to: Share your Calendar in Kerio Connect 7 Mail Server

May 27th

Posted by stephen in Kraya

3 comments

Sharing your Calendar in Kerio Connect 7 Mail Server couldn’t be simpler:

If you’re using Web-mail:

Log into web-mail.

Right click your personal calendar, it will be shown as a folder on the left of the screen.

When you right click a menu will appear, choose access rights.

A small pop up box will appear, if it doesn’t check you’re pop up blocker settings.

Click add in the top right of the box.

Another smaller pop up box should now appear.

To give access rights to everyone to view your own calendar, click on sharing type and a drop down menu should appear.

Click “all users from Domain”. The Domain field should automatically complete with your company’s domain, so simply press OK. This will give all users access to view your calendar.

If you only want a particular user to have access to your calendar, go to add then pick user, and in the user-name box enter that particular persons full email address and press OK. This will only give that user access to your calendar.

Once you have added a user (or group of users) you must now select the level of access they should have from the drop down menu, select Reader for Read Only Access, Editor to allow them to Edit and Add to your Calendar.

If you’re Using Outlook 2007

Right click on your calendar and choose properties, a pop up box will appear.

Click onto the ‘folder sharing’ tab, in this box is a list of users who currently have access to view your calendar.

Click on the add button and a box named folder sharing should appear.

In this box click ‘allow access to folder for:’ and a drop down menu should appear.

Just as for the web-mail above, if you want a single user to have access to your calendar, click user and add the users full email address and hit OK.

If you want everyone to have access select ‘Authenticated user from Domain’ and hit OK.

Once you have added a user (or group of users) you must now select the level of access they should have from the drop down menu, select Reader for Read Only Access, Editor to allow them to Edit and Add to your Calendar.

If you are using another collaboration program including iCal on mac or CalDav, We suggest you share your calendar via the Web Mail Service.

If you wish to access colleagues calendar read: How to: Access another users Calendar in Kerio Connect 7 Mail Server

Adobe update – excessive traffic to ardownload.adobe.com

Dec 16th

Posted by stephen in Rants

No comments

Adobe has not been without its problems of late, and whilst there have been security issues that could have lead to losses, so far none of our clients have suffered financially from Adobe’s failings. Until now that is.

One of our Clients had their ADSL cut off this week as they had exceeded the usage policy. Why? Adobe Update Manager on one Windows XP PC had decided to download over 70GB of data over the course of a 7 day period. It would appear that it was getting itself in a loop and just kept trying to update continuously, 70GB worth of continuously.

The Adobe website serves the update MSI binary files as content type Text/Plain, the Adobe Update client has a very short timeout and immediately opens another connection to re-start the download. Hence if there is a slow connection or the caching server does not return the whole file in a timely manner the Adobe Update client enters the infinite loop of retries, causing the excessive bandwidth consumption witnessed here.

There are several forum threads including on Adobe’s own site http://forums.adobe.com/thread/392129 all linking this issue to a conflict between and old version of WebMarshall and Adobe updater; however our machines do not use WebMarshall and we do not have it installed anywhere on our networks.

We do however use Squid caching on our CentOS 5 servers. The server in this instance seems to be fulfilling the requests on each occasion in a timely manner – the issue is that each time Adobe updater passes a URL it is different in key areas, which Squid interprets as a separate request. This is not abnormal and we have seen this before when we have tried to configure squid to cache Windows updates. However rather than enter a loop of requests, Windows updates simply fail. Other automatic updaters work well with caching systems and indeed most ISPs are now implementing different forms of web caching on their own networks. Dose this mean the Adobe issue is affecting them in the same way?

The issue seems to only affect PCs (or at least we have seen no affected Mac users as yet), and it also seems to affect most Adobe products.

For now Adobe and the ISPs have remained quiet on the issue, however we have 3 other clients (and my own home ADSL ) who cannot update Adobe at all, access to ardownload.adobe.com appears to have been blocked by the ISP. Quite when the Adobe update issue will be resolved is unknown; however we have also taken the decision to block access to ardownload.adobe.com from all of our networks, for the moment.

Richard, one of our Systems Admin Team has published a more detailed account of the technicalities involved here: http://richard.blog.kraya.co.uk/2009/12/16/a-big-adobe-problem/

abnormal, Adobe, Adobe products, Adobe update, Adobe Update client, Adobe Update manager, adobe updater, Adobe website, Adobe’s, ADSL, Apple, ardownload.adobe.com, automatic, bandwidth, bandwidth consumption, block, blocked, cache, caching, caching system, CentOS, CentOS 5, CentOS 5 servers, Clients, Computer, configure squid, conflict, connection, continuously, Cut off, data, download, exceeded, excessive, excessive bandwidth consumption, fail, failings, financially, fix resolve, GB, immediately, infinite loop, ISP, IT, Kraya, KrayaTec, loop, loop of requests, Mac, MSI binary files, PC, problems, resolved, retries, security issues, Server, serves, slow, Squid, Squid caching, Stephen, Stephen ramsay, suffered, support, timeout, to ardownload.adobe.com, traffic, update, update Adobe, update continuously, update MSI binary files, updater, updaters, Updates, URL, usage, users, web caching, Web Marshall, WebMarshall, Windows, Windows updates, XP

Security Bulletin – Adobe Reader and Acrobat

May 14th

Posted by stephen in Apple

No comments

Below is an update to Security Bulletin – Adobe – April 09

Adobe have published a new Security Bulletin and provided updates for Adobe Reader and Acrobat patches. These updates resolve the previously reported vulnerabilities in Adobe Reader 9.1 and Acrobat 9.1 and earlier versions. This vulnerability (CVE-2009-1492) would cause the application to crash and could potentially allow an attacker to take control of the affected system remotely and install Malicious code.

We have already recommended that user consider using alternatives to Adobe reader, this continues to be our current advice. However users still using Adobe should now update and install these patches as soon as practical.

Adobe recommends users of Adobe Reader 9.1 and Acrobat 9.1 and earlier versions update to Adobe Reader 9.1.1 and Acrobat 9.1.1. Adobe recommends users of Acrobat 8 update to Acrobat 8.1.5, and users of Acrobat 7 update to Acrobat 7.1.2. For Adobe Reader users who can’t update to Adobe Reader 9.1.1, Adobe has provided the Adobe Reader 8.1.5 and Adobe Reader 7.1.2 updates.

7.1, 7.1.2, 8, 8.15, 9.1, 9.1.1, Acrobat, Acrobat 7, Acrobat 7.1.2, Acrobat 8, Acrobat 8.1.5, Acrobat 9.1, Acrobat 9.1.1, Adobe, Adobe Acrobat, Adobe Reader, Adobe Reader 7.1.2, Adobe Reader 8.1.5, Adobe Reader 9.1, Adobe Reader 9.1.1, alternatives, Apple, Apple Mac, APSB09-06, attacker, Bulletin, current advice, CVE-2009-1492, CVE-2009-1493, earlier, install, Mac, Malicious code, Microsoft, patch, ramsay, Reader, remotely, resolve, Security, Security Bulletin, stephe, Stephen ramsay, system, take control, update, versions, Vulnerabilities, Vulnerability, Windows

Apple Security Update

May 14th

Posted by stephen in Apple

No comments

Apple have today issued a massive set of security updates for Mac OS X update to correct total of 67 security vulnerabilities. The unexpected and abrupt Apple Patch issue also includes patch to fix a number of security flaws in Safari Web browser on both Mac OS X and Microsoft Windows.

The OS X update fixes security vulnerabilities and flaws in a total of 31 different Apple components, including issues in open-source packages used by Apple. The updates also fix code execution vulnerabilities in several pieces of apple software. These are very similar to the vulnerabilities seen in Adobe and Microsoft products.

The detailed list of affected software, components is shown below and more information can be found on Apple’s support site. For ease of understanding I have combined a few of these into one.

An Important phrase you will get to know is ” may lead to execution of malicious code” this essentially means attackers could run a program on your computer that allows them to, well do anything they like, from taking note of your bank details to reeking havoc with your system configuration.

APPLE-SA-2009-05-12 Security Update 2009-002 / Mac OS X v10.5.7

Apache CVE-2008-2939
Affected: Mac OS X v10.4.11, Mac OS X Server v10.4.11
Details: An input validation issue exists in Apache’s handling of FTP proxy requests containing wildcard characters. Visiting a malicious website via an Apache proxy may result in an attack.

Apache CVE-2008-2939
Affected: Mac OS X v10.5, v10.5.6 & Mac OS X Server v10.5, v10.5.6
Details: Visiting a malicious website may allow an attack to run a malicious program.

Apache CVE-2008-0456
Affected: Mac OS X v10.5, v10.5.6 & Mac OS X Server v10.5, v10.5.6
Details: Web sites that allow users to control the name of a file may be vulnerable to redirection the user to a different file without the users knowledge by forging the malicious file name. Thus tricking users into opening malicious content.

ATS CVE-2009-0154
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Viewing or downloading a document containing a maliciously
crafted font may lead to execution of malicious code.

BIND CVE-2009-0025
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: BIND is susceptible to a spoofing attack, were one website pretends to be another, if configured in a certain way using OpenSSL. A maliciously crafted security certificate could bypass the validation, which may lead to a spoofing attack.

CFNetwork / Safari CVE-2009-0144
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Safari and other Applications that use CFNetwork may send secure cookies unexpectedly over a unencrypted connection. Systems prior to Mac OS X v10.5 are unaffected.

CFNetwork / Safari CVE-2009-0157
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Visiting a malicious website may lead to an application terminating unexpectedly or malicious code execution. Systems prior to Mac OS X v10.5 are not affected.

CoreGraphics CVE-2009-0145, CVE-2009-0155
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Opening a maliciously crafted PDF file may lead to an application terminating unexpectedly or malicious code execution.

CoreGraphics CVE-2009-0146, CVE-2009-0147, CVE-2009-0165
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Viewing or downloading a PDF file containing a maliciously crafted JBIG2 stream may lead to an application terminating unexpectedly or malicious code execution.

Cscope CVE-2009-0148
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Processing a maliciously crafted source file with Cscope may lead to an application terminating unexpectedly or malicious code execution.

CUPS CVE-2009-0164
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Visiting a maliciously crafted web site may lead to unauthorized access of the Web Interface of the printing service. This may allow a maliciously crafted website to start and stop printers, and access information about printers and jobs and even print documents.

Disk Images CVE-2009-0150, CVE-2009-0149
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Mounting a maliciously crafted disk image may lead to an application terminating unexpectedly or malicious code execution.

Enscript CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2008-3863
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Multiple vulnerabilities in enscript which may lead to malicious code execution.

Flash Player plug-in CVE-2009-0519, CVE-2009-0520, CVE-2009-0114
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Multiple issues exist in the Adobe Flash Player plug-in, when viewing a maliciously crafted web site these may lead to malicious code execution.

Help Viewer CVE-2009-0942, CVE-2009-0943
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: A maliciously crafted Apple “help:” page may be used to invoke AppleScript files, which may lead to malicious code execution.

Ichat CVE-2009-0152
Affected: Mac OS X v10.5 – v10.5.6,Mac OS X Server v10.5 – v10.5.6
Details: iChat can use Secure Sockets Layer (SSL) for AOL Instant Messenger and Jabber accounts. If iChat is unable to connect it will authenticate via plain text (non secure) methods until SSL is manually re-enabled. A remote attacker with the ability to observe network traffic may observe the contents of AOL Instant Messenger conversations.

International Components for Unicode CVE-2009-0153
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Maliciously crafted content may bypass website filters and result in malicious code execution.

IPSec CVE-2008-3651, CVE-2008-3652
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Multiple vulnerabilities and memory leaks exist in the racoon daemon in ipsec-tools which may lead to a denial of service.

Kerberos CVE-2009-0845, CVE-2009-0846, CVE-2009-0847, CVE-2009-0844
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: An attacked could send maliciously crafted authentication information or an encoded message which may lead to a denial of service of a Kerberos-enabled program

Kernel CVE-2008-1517
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: An issue exists which may lead to a local user obtaining system privileges or to an unexpected system shutdown. This vulnerability may also allow malicious code execution with Kernel privileges.

Launch Services CVE-2009-0156
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Downloading a maliciously crafted Mach-O executable (application) may cause Finder to repeatedly terminate and relaunch.

Libxml CVE-2008-3529
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Visiting a maliciously crafted website may lead to an application terminating unexpectedly or malicious code execution.

Net-SNMP CVE-2008-4309
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: A remote attacker may terminate the operation of the SNMP service by sending specificity crafted messages.

Network Time CVE-2009-0021, CVE-2009-0159
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Network Time is susceptible to a spoofing attack if NTP authentication is enabled. Once spoofing has take place a remote NTP server could maliciously execute code.

Networking CVE-2008-3530
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: When IPv6 support is enabled, A remote user may be able to cause an unexpected system shutdown.

OpenSSL CVE-2008-5077
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: An attacked could use a man-in-the-middle attack and be able to impersonate a secure trusted server or user in applications using OpenSSL for SSL certificate verification. Permiting an attacker to capture information the user thought was secure.

PHP CVE-2008-3659, CVE-2008-2829, CVE-2008-3660, CVE-2008-2666,CVE-2008-2371, CVE-2008-2665, CVE-2008-3658, CVE-2008-5557
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Multiple vulnerabilities in PHP which may lead to malicious execute code.

QuickDraw Manager CVE-2009-0160, CVE-2009-0010
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Opening a maliciously crafted PICT image may lead to an application terminating unexpectedly or malicious code execution.

Ruby CVE-2008-3443, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3790, CVE-2009-0161
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Multiple vulnerabilities exist in Ruby 1.8.6 including the fact that Ruby programs may accept revoked or invalid security certificates as genuine.

Safari CVE-2009-0162
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Multiple input validation vulnerabilities exist in Safari’s handling of “feed:” URLs. Accessing a maliciously crafted “feed:” URL may lead to malicious code execution.

Spotlight CVE-2009-0944
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Downloading a maliciously crafted Microsoft Office file may lead to an application terminating unexpectedly or malicious code execution.

system_cmds
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: The “login” command starts an interactive shell after a local user is authenticated. The priority level for the interactive shell is reset to the system default, which can cause the shell to run with an unexpectedly high priority and authorization level.

telnet CVE-2009-0158
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Connecting to a TELNET server with a very long canonical name in its DNS address record may lead to an application terminating unexpectedly or malicious code execution.

WebKit CVE-2009-0945
Affected: Mac OS X v10.5 – v10.5.6, Mac OS X Server v10.5 – v10.5.6
Details: Visiting a maliciously crafted website may lead to an application terminating unexpectedly or malicious code execution.

X11 CVE-2006-0747, CVE-2007-2754, CVE-2008-2383, CVE-2008-1382, CVE-2009-0040
Affected: Mac OS X v10.4.11 – v10.5.6, Mac OS X Server v10.4.11 – v10.5.6
Details: Multiple vulnerabilities exist in FreeType v2.1.4 & v2.3.8, the most serious of which may lead to an application terminating unexpectedly or malicious code execution when processing a maliciously crafted font. Displaying maliciously crafted data within an xterm terminal may also lead to malicious code execution. Further vulnerabilities exist in libpng version 1.2.26, the most serious of which may also lead to arbitrary code execution.

Security Update 2009-002 / Mac OS X v10.5.7 may be obtained from the Software Update pane in System Preferences, or Apple’s Software Downloads web site: http://www.apple.com/support/downloads/

The Software Update utility will present the update that applies to your system configuration. Only one is needed, either Security Update 2009-002 or Mac OS X v10.5.7.

10.5, 10.5.6, 2.0.63, abrupt, accept revoked certificate, Adobe, Adobe Flash, Adobe Flash Player plug-in, AIM, AOL Instant Messenger, Apache, Apache 2.0, Apache 2.2, Apache 2.2.11, Apache 2.2.9, Apache patch, Apple, Apple components, Apple Kernel, apple macintosh, Apple Patch issue, Apple Product Security, Apple Safari, apple software, Apple Type Services, APPLE-SA-2009-05-12, AppleScript files, application termination, arbitrary, arbitrary code execution, ASN.1 encoded message, ATS, attackers, authentication packet, bank details, BIND, boot, bypass, Cascading Style Sheets, CFF, CFNetwork, Code, code execution, code execution vulnerabilities, command, Compact Font Format, components, Computer, containing, contents, conversations, CoreGraphics, crafted, cross-site scripting, Cscope, CUPS, CUPS 1.3.9, CUPS Web Interface, CVE-2004-1184, CVE-2004-1185, CVE-2004-1186, CVE-2006-0747, CVE-2007-2754, CVE-2008-0456, CVE-2008-1382, CVE-2008-1517, CVE-2008-2371, CVE-2008-2383, CVE-2008-2665, CVE-2008-2666, CVE-2008-2829, CVE-2008-2939, CVE-2008-3443, CVE-2008-3529, CVE-2008-3530, CVE-2008-3651, CVE-2008-3652, CVE-2008-3655, CVE-2008-3656, CVE-2008-3657, CVE-2008-3658, CVE-2008-3659, CVE-2008-3660, CVE-2008-3790, CVE-2008-3863, CVE-2008-4309, CVE-2008-5077, CVE-2008-5557, CVE-2009-0010, CVE-2009-0021, CVE-2009-0025, CVE-2009-0040, CVE-2009-0114, CVE-2009-0144, CVE-2009-0145, CVE-2009-0146, CVE-2009-0147, CVE-2009-0148, CVE-2009-0149, CVE-2009-0150, CVE-2009-0152, CVE-2009-0153, CVE-2009-0154, CVE-2009-0155, CVE-2009-0156, CVE-2009-0157, CVE-2009-0158, CVE-2009-0159, CVE-2009-0160, CVE-2009-0161, CVE-2009-0162, CVE-2009-0164, CVE-2009-0165, CVE-2009-0519, CVE-2009-0520, CVE-2009-0844, CVE-2009-0845, CVE-2009-0846, CVE-2009-0847, CVE-2009-0942, CVE-2009-0943, CVE-2009-0944, CVE-2009-0945, CVE-2009-0946, CVE-ID, DECRQSS, denial of service, disk image, Disk Images, DNS rebinding attack, DNS Security Extensions, DNSSEC, document, downloading, DSA certificate, embedded, enscript, execution, exists, feed:, Finder, flash, Flash Player, Flash Player plug-in, font, fonts, forgery, FreeType v2.1.4, FTP proxy requests, havoc, Help Viewer, HTTP requests, HTTP response injection, iChat, iChat AIM, ICMPv, Instant Messenger, Intel, IPSec, IPv4, IPv6, issue, issues, Jabber, JavaScript, JBIG2 stream, Kerberos, Kernel, Kernel privileges, Launch Services, libxml, Mac, Mac OS, Mac OS X, Mac OS X Server, Mac OS X Server v10.4, Mac OS X Server v10.4.11, Mac OS X Server v10.5, Mac OS X Server v10.5.6, Mac OS X v10.4.11, Mac OS X v10.5, Mac OS X v10.5.5, Mac OS X v10.5.6, Mac OS X v10.5.7, Mach-O executable, Macintosh, malicious, malicious website, maliciously, maliciously crafted, maliciously crafted PDF, may lead to, may lead to execution of malicious code, memory corruption, Microsoft, Microsoft Office, Microsoft Office Spotlight Importer, Microsoft windows, Multiple vulnerabilities, Net-SNMP, network, Network Time, NTP authentication, ntpq, observe, obtain system privileges, open-source packages, OpenSSL, Packet Too Big, patch, Patch issue, PDF, PDF file, PHP, PICT image, plaintext, Player, plug-in, PowerPC, preference, Product Security, program, proxy, QuickDraw, QuickDraw Manager, racoon daemon, ramsay, reboot, reeking havoc, relaunch, remote attacker, repeatedly, Require SSL, revoked certificate, ruby, Ruby 1.8.6, SA-2009-05-12, Safari, Safari Web browser, secure cookies, Secure Sockets Layer, Security, security flaws, security update, security updates, security vulnerabilities, shutdown, Smug, source file, spoofing, spoofing attack, Spotlight, SSL, SSL certificate verification, Stephen, Stephen ramsay, susceptible, system configuration, telnet, TELNET server, terminate, traffic, unauthorized access, unencrypted, unencrypted HTTP requests, unexpected, unexpected application termination, v10.4.11, v10.5, v10.5.5, v10.5.5Mac OS X Server v10.5.5, v10.5.6, v10.5.7, validation, Viewing, Visiting a maliciously crafted web site, Vulnerabilities, Vulnerability, vulnerable, Web Interface, WebKit, website, Windows, X, X11, xterm, xterm terminal

Update on Vulnerabilities in PowerPoint

May 13th

Posted by stephen in Security

No comments

At the begining of April Microsoft released a security Bulletin advising of vulnerabilities in Microsoft Office PowerPoint that could allow remote code execution (967340)

Today they issued a new update which resolves this vulnerability in Microsoft Office PowerPoint. If a user opened a specially crafted PowerPoint file, the attacker could potentially take complete control of the users system. Once in the attacker could do just about anything they pleased, install programs; Logging activity including passwords etc.

This update is now being pushed out as part of the automatic updates program and should be installed on all users computers overnight tonight. Any users who experience any issues with Power Point should contact us in the usual way.

However we do ask all users to please remember and be careful with attachments and emails, often funny or cute emails sent to you by friends and family may contain viruses or the requisites to exploit vulnerabilities like this in normally safe software. Just because Microsoft have fixed this issue doesn’t mean they have fixed them all and several vulnerabilities still exist in other software such as adobe.

Software affected by this update:

Microsoft Office 2000 Service Pack 3
Microsoft Office PowerPoint 2000 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office PowerPoint 2002 Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office PowerPoint 2003 Service Pack 3
2007 Microsoft Office System Service Pack 1
Microsoft Office PowerPoint 2007 Service Pack 1
2007 Microsoft Office System Service Pack 2
Microsoft Office PowerPoint 2007 Service Pack 2
Microsoft Office for Mac
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
PowerPoint Viewer 2003
PowerPoint Viewer 2007 Service Pack 1 and PowerPoint Viewer 2007 Service Pack 2
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Microsoft Works 8.5
Microsoft Works 9.0

Security Bulletin April 2009

Apr 23rd

Posted by stephen in Security

No comments

This (slightly late) bulletin is a summary of the various security bulletins released by Microsoft for April 2009, a second bulletin for non Microsoft issues will follow next week. This bulletin includes the action Kraya is taking regarding each of these updates and security warnings.

We have now completed Beta Testing of these updates and have commenced pushing these out to your computers in our phased roll out program.

For users that are on Automatic Updates direct from Microsoft these will probably already have been installed. We are in the process of changing that so that all updates will come from Kraya HQ, this allows us to ensure that only the updates we approve are pushed out to your computers and should help prevent any issues caused by configuration changes.

If any of your staff report seeing boxes pop up on their computer screens about updates please tell them to call us and we will advise as to whether the update should be installed.

So here is the list:

MS09-010 Vulnerabilities in WordPad and Office Converters (KB960477) affects Windows 2000, XP and Windows Server 2003

This security update fixed a know issue with Microsoft WordPad and Microsoft Office. Previously users had been advised to not open Microsoft Office, RTF, Write, or WordPerfect files from untrusted sources. Whilst this update fixes this issue, the advice still stands.
This patch has been tested and determined to be safe, it has now been installed in all of our Windows machines.

MS09-013 Vulnerabilities in Windows Web Services affects Windows 2000, XP and Windows Server 2003

This update resolves an issue with Microsoft Windows HTTP Services (WinHTTP) which could allow malicious software to be installed on a computer remotely.
This patch has been tested and determined to be safe, it has now been installed in all of our Windows machines. However it has been associated with a slowing of the system however the security vulnerability
is to severe to neglect.

MS09-011 Vulnerability in Microsoft DirectX 8.1 & 9.0 affects Windows 2000, XP and Windows Server 2003 (KB961373)

This update resolves an issue with Microsoft DirectX on non older systems. The vulnerability could allow malicious software to be installed on a computer remotely if user opened a specially infected Movie file.
This patch has been tested and determined to be safe, it has now been installed in all of our Windows machines. However Windows 2000 users seem to experience some slowing of graphics drivers after this update. Unfortunately again the security vulnerability
is to severe to neglect.

MS09-014 Security Update for Internet Explorer 6 & 7 (KB963027)

Resolves Six different vulnerabilities in Internet Explorer 6 & 7. These vulnerabilities could again allow malicious software to be installed on a computer remotely if a user were to view a specially crafted Web page or advert. This is one of the many reasons we recommend that users use Firefox rather than Microsoft Internet Explorer.
This patch has been tested and determined to be safe, it has now been installed in all of our Windows machines.

MS09-009 Fix for Issues with Microsoft Office Excel (KB968557, KB959964, KB959988, KB959995, KB959997, KB968694, KB959993, KB960000, KB960003) affects Microsoft office 2000, XP, 2003, 2007 on Mac and Windows, also affected are Microsoft Office Excel Viewer and Microsoft Office Converter / Compatibility Packs

This security update resolves a vulnerability that I have previously contacted you all about in Excel that could allow, allow malicious software to be installed on a computer if you opened a specially crafted Excel file.
However, this update does not replace the standing advice, do not to open files from un-trusted sources or if you receive and unexpected attachment to an email i.e. email from a trusted source, but the email content is out of character for that sender. You should also be very careful with Email forwards such as games embedded in excel and Power point presentations of pretty pictures or half naked girls on motor bikes, these are all classic ways to infect your computer with malicious software.
This patch has been tested and determined to be safe, it has now been installed in all of our Windows machines.

MS09-012 Security flaw in Microsoft Windows allowing Elevation of user Privileges (KB959454, KB952004, KB956572) affects Windows 2000, XP, Vista and Windows Server 2003 & 2008

This security update resolves a security flaw in Microsoft Windows which could allow a user who has gained access to your system, legitimately or otherwise to elevate their security privilege to an administrator. An attacker who successfully exploited any of these vulnerabilities could take complete control over the affected system.
This patch has been tested and determined to be safe, it has now been installed in all of our Windows machines.

MS09-016 Vulnerabilities in Microsoft ISA Server (KB961759, KB960995, KB968078)

This security update resolves an issue with Microsoft Internet Security and Acceleration (ISA) Server and Microsoft Forefront Threat Management Gateway (TMG), Medium Business Edition (MBE). This could create a denial of service attack if specifically designed data is passed over a network to the affected system, or the disclosure of confidential information if a user visits a Web site that contains content controlled by the attacker.
This patch does not affects most of our clients but will be installed on those affected.

MS09-015 Blended Threat Vulnerability in Search Path Could Allow Elevation of Privilege (KB959426) affects Windows 2000, XP, Vista and Windows Server 2003 & 2008

This security update resolves a security flaw in Microsoft Windows which could allow a user who has gained access to your system, legitimately or otherwise to elevate their security privilege to an administrator. An attacker who successfully exploited any of these vulnerabilities could take complete control over the affected system.
This patch has been tested and determined to be safe, it has now been installed in all of our Windows machines.

There are a long list of other updates already deployed the only ones of note are Microsoft Internet Explorer 8 Release Candidate 1 (RC1) and its subsequent updates despite testing ok there have been wide spread reports of IE8 slowing computers down. Therefore no more computers will be upgraded at this time and I would reiterate my advice to use Firefox rather than IE. If IE 8 has already been installed on your computer, uninstalling it and reverting back to IE 7 does not seem to help speed it back up.

We will continue to monitor the situation and await further updates from Microsoft.

As ever any questions please let me know.

2000, 2003, 2008, 2009, 8.1, 9.0, administrator, advert, Apple Mac, April, April 2009, associated, attachment, attack, attacker, Automatic updates, Bulletin, changes, computers, configuration, Converters, denial of service, deployed, DirectX, DirectX 8.1, DirectX 9.0, disclosure of confidential information, elevate, Elevation, Elevation of Privilege, email, Email forwards, embedded, Excel, Excel file, Excel Viewer, file, File converter, files, Firefox, fixed, flaw, Gain access, gained access, games, half naked girls, HTTP Services, IE 6, IE 7, IE8, infect, infected, infected Movie, installed, Internet Explorer 6, Internet Explorer 7, Internet Explorer 8, ISA Server, issue, Issues Microsoft Office Excel, KB952004, KB956572, KB959426, KB959454, KB959964, KB959988, KB959993, KB959995, KB959997, KB960000, KB960003, KB960477, KB960995, KB961373, KB961759, KB963027, KB968078 Microsoft Internet Security and Acceleration Server, KB968557, KB968694, know issue, Kraya, legitimately, Mac, malicious, malicious software, Microsoft, Microsoft DirectX, Microsoft Forefront Threat Management Gateway, Microsoft Internet Explorer, Microsoft Internet Explorer 8 Release Candidate 1, Microsoft ISA Server, Microsoft Office, Microsoft Office 2000, Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Excel Viewer, Microsoft Office XP, Microsoft windows, Microsoft WordPad, Movie, movie File MPEG, MS Office for Mac, MS09-009, MS09-010, MS09-011, MS09-012, MS09-013, MS09-014, MS09-015, MS09-016, neglect performance, network, office, Office 2000, Office 2003, Office 2007, Office Compatibility, Office Converter, Office XP, opened, patch, phased roll out, Power point, Power point presentations, pretty pictures, prevent, Privileges, ramsay, RC1, recommend, remotely, RTF, safe, screens, Security, security bulletins, security privilege, security update, security warnings, severe, slow, slowing, slowing of graphics drivers, Social Networks, software, sources, specially, specially crafted, specially crafted Web page, standing advice, Stephen, stepram, summary, system, tested, TMG, un-trusted, unexpected, untrusted, update, update fixes, Updates, user, user visits, visits, Vulnerabilities, Vulnerability, Web page, Web site, Windows, Windows 2000, Windows machines, Windows server, Windows Server 2000, Windows Server 2003, Windows Server 2008, Windows Web Services, windows XP, WinHTTP, WordPad, WordPerfect, Write, XP, your system

SECURITY ALERT – Microsoft Security Advisory 969136

Apr 6th

Posted by stephen in Security

1 comment

Vulnerability in Microsoft Office PowerPoint

An Update to this post has been PUBLISHED on 13th May 2009

Microsoft has published a security alert advising that it is investigating new reports of a vulnerability in Microsoft Office PowerPoint that could allow a computer to be compromised if a user opens an infected PowerPoint Presentation.

Microsoft is actively working towards a solution and we will update you as soon as they update us. The following software is affected;
Microsoft Office PowerPoint 2000 Service Pack 3
Microsoft Office PowerPoint 2002 Service Pack 3
Microsoft Office PowerPoint 2003 Service Pack 3
Microsoft Office 2004 for Mac

This can not be run automatically through an e-mail, a user must open the attachment that is sent in the e-mail message. However if a user were to visit a Web site that contains an Office file this would compromise the computer.

Therefore please do not open or save Office files that you receive from un-trusted sources or that are received unexpectedly from trusted sources. This vulnerability could be exploited when a user opens a file.

You should be aware that Kaspersky and Other Antivirus tools may not pick up on this, therefore do not assume that if a file has been scanned by anti virus that it is safe.

969136, Advisory, affected, ALERT, Antivirus, Apple, Apple Mac, attachment, compromise, compromised, Computer, e-mail, e-mail message, exploited, infected, infected PowerPoint Presentation, investigating, Mac, Microsoft, Microsoft Office, Microsoft Office 2004 for Mac, Microsoft Office PowerPoint, Microsoft Office PowerPoint 2000, Microsoft Office PowerPoint 2000 Service Pack 3, Microsoft Office PowerPoint 2002 Service Pack 3, Microsoft Office PowerPoint 2003 Service Pack 3, Microsoft Security, Microsoft Security Advisory, MS Office, office, Office 2000, Office 2002, Office 2003, Office 2004, Office file, PowerPoint, PowerPoint 2000, PowerPoint 2002, PowerPoint 2003, PowerPoint Presentation, ramsay, Security, SECURITY ALERT, Social Networks, software, solution, Stephen, stepram, un-trusted sources, update, Vulnerability

Technological Ramblings by Stephen

Stephen Ramsay is the Head of Krayatec Edinburgh’s leading Linux centric IT Support Company. We provide IT Support, telecoms and technology partnerships to businesses running Windows, Linux and Apple based systems. We also manage the complete and seamless integration of, all these operating systems into one coherent, network and technology strategy.
This blog is part work, part personal, so I hope you enjoy the mix and feel free to leave some comments, reply via Twitter, or drop me an Email for more information, on anything you read here, or to find out a bit more about what we do and how we do it.
Categories
- hardware
- how to
- Journeys
- Kraya
- Linux
- Privacy
- Random Rambelings
- Rants
- Security
  - Apple
  - Windows updates
- tweets
- Uncategorized
- Windows
Tag Cloud
anti-virus Apple Apple Mac Computer computers email IMAP issues junk Kerio Kerio MailServer Kerio Offline Outlook Connector Kraya KrayaTec Linux Mac Mail Server MailServer Microsoft Microsoft windows network office Outlook ramsay Random Security Server slow Social Networks software spam Stephen Stephen ramsay stepram Thunderbird tweets twitter Ubuntu update Vista Vulnerability webmail Windows windows XP XP
blogrol
Kraya
Open Source Software
Social Networks
usefull geekerie
- DNS / MX Propagation Checker
- Whats my dns
Calendar
September 2010

M T W T F S S

« Jul

1 2 3 4 5

6 7 8 9 10 11 12

13 14 15 16 17 18 19

20 21 22 23 24 25 26

27 28 29 30
Blog Archives

September 2010
M	T	W	T	F	S	S
« Jul
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30

Posts tagged Mac

Technological Ramblings by Stephen

Categories

Tag Cloud

blogrol

Kraya

Open Source Software

Social Networks

usefull geekerie

Calendar

Blog Archives