SANS has released their Top Cyber Security Risks report. Top two priorities: Unpatched internal systems and vulnerable websites.
“Featuring attack data from TippingPoint intrusion prevention systems protecting 6,000 organizations, vulnerability data from 9,000,000 systems compiled by Qualys, and additional analysis and tutorial by the Internet Storm Center and key SANS faculty members.”
Word today that there is a 0-Day exploit targeting a flaw in SMB2 that can allow a single packet to crash a Windows Vista/7/2008 machine. Not too many details yet but the code is out and there is a Metasploit module available.
So it seems OS X 10.6 has an old version of Flash bundled with it and it won’t keep your updated version if you’re upgrading. Somehow in the rush to get 10.6 out the door, Apple didn’t update to the newest version and doesn’t during the install.
We all know that Flash is a significant vector for attack so you need to make sure you update it as soon as you have installed your new breed of Leopard.
