Critical Adobe Reader hole to be patched Thursday
Adobe will release a patch on Thursday for a critical hole in Reader that was disclosed at the Black Hat conference late last month, the company said on Wednesday.
Adobe had announced on August 5 that the emergency fix was coming this week, in advance of the next quarterly security release, scheduled for October 12.
The security update will resolve an undisclosed number of critical issues in Reader 9.3.3 for Windows, Mac, and Unix; Acrobat 9.3.3 for Windows and Mac; and Reader 8.2.3 and Acrobat 8.2.3 for Windows and Mac, according to Adobe's advisory.
The flaw, which could be exploited to take control of a computer, is related to the way Adobe's PDF (portable document format) reader software handles fonts, said Charlie Miller, principal analyst at Independent Security Evaluators who disclosed the hole at the security conference.
The vulnerability is an "integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, (that) allows remote attackers to execute arbitrary code via a TrueType font," according to the description in the National Vulnerability Database.
Demystifying Technology III-What is Net Neutrality?
"Net neutrality is about preventing high-speed Internet providers from discriminating against certain sorts of providers or users of their network. For a hundred years, we've treated communications providers like sidewalks. The sidewalks can't choose between different walkers and have them travel at different speeds."-Alan GreenBlatt
Network neutrality (also net neutrality, Internet neutrality) is a principle proposed for user access networks participating in the Internet that advocates no restrictions by Internet Service Providers and governments on content, sites, platforms, on the kinds of equipment that may be attached, and no restrictions on the modes of communication allowed.
The principle states that if a given user pays for a certain level of Internet access, and another user pays for the same level of access, then the two users should be able to connect to each other at the subscribed level of access.
Neutrality proponents claim that telecom companies seek to impose a tiered service model in order to control the pipeline and thereby remove competition, create artificial scarcity, and oblige subscribers to buy their otherwise uncompetitive services.
Opponents of net neutrality characterize its regulations as "a solution in search of a problem", arguing that broadband service providers have no plans to block content or degrade network performance.In spite of this claim, certain Internet service providers have intentionally slowed peer-to-peer (P2P) communications.
Critics of net neutrality also argue that data discrimination of some kinds, particularly to guarantee quality of service, is not problematic, but is actually highly desirable.
Demystifying Technology II-What is a server?
A server computer is a computer, or series of computers, that link other computers or electronic devices together. They often provide essential services across a network, either to private users inside a large organization or to public users via the internet. For example, when you enter a query in a search engine, the query is sent from your computer over the internet to the servers that store all the relevant web pages. The results are sent back by the server to your computer.
Many servers have dedicated functionality such as web servers, print servers, and database servers. Enterprise servers are servers that are used in a business context.
The server is used quite broadly in information technology. Despite the many Server branded products available (such as Server editions of Hardware, Software and/or Operating Systems), in theory any computerised process that shares a resource to one or more client processes is a Server. To illustrate this, take the common example of File Sharing. While the existence of files on a machine does not classify it as a server, the mechanism which shares these files to clients by the operating system is the Server.
Similarly, consider a web server application (such as the multiplatform "Apache HTTP Server"). This web server software can be run on any capable computer. For example, while a laptop or Personal Computer is not typically known as a server, they can in these situations fulfil the role of one, and hence be labelled as one. It is in this case that the machine's purpose as a web server classifies it in general as a Server.
In the hardware sense, the word server typically designates computer models intended for running software applications under the heavy demand of a network environment. In this client server configuration one or more machines, either a computer or a computer appliance, share information with each other with one acting as a host for the other.
While nearly any personal computer is capable of acting as a network server, a dedicated server will contain features making it more suitable for production environments. These features may include a faster CPU, increased high-performance RAM, and typically more than one large hard drive. More obvious distinctions include marked redundancy in power supplies, network connections, and even the servers themselves.
Demystifying Technology-What is a Duel Core Processor?
A dual core processor is a CPU with two separate cores on the same die, each with its own cache. It's the equivalent of getting two microprocessors in one.
In a single-core or traditional processor the CPU is fed strings of instructions it must order, execute, then selectively store in its cache for quick retrieval. When data outside the cache is required, it is retrieved through the system bus from random access memory (RAM) or from storage devices. Accessing these slows down performance to the maximum speed the bus, RAM or storage device will allow, which is far slower than the speed of the CPU. The situation is compounded when multi-tasking. In this case the processor must switch back and forth between two or more sets of data streams and programs. CPU resources are depleted and performance suffers.
In a dual core processor each core handles incoming data strings simultaneously to improve efficiency. Just as two heads are better than one, so are two hands. Now when one is executing the other can be accessing the system bus or executing its own code. Adding to this favorable scenario, both AMD and Intel's dual-core flagships are 64-bit.
A dual core processor is different from a multi-processor system. In the latter there are two separate CPUs with their own resources. In the former, resources are shared and the cores reside on the same chip. A multi-processor system is faster than a system with a dual core processor, while a dual core system is faster than a single-core system, all else being equal.
An attractive value of dual core processors is that they do not require a new motherboard, but can be used in existing boards that feature the correct socket. For the average user the difference in performance will be most noticeable in multi-tasking until more software is SMT aware. Servers running multiple dual core processors will see an appreciable increase in performance.
Multi-core processors are the goal and as technology shrinks, there is more "real-estate" available on the die. In the fall of 2004 Bill Siu of Intel predicted that current accommodating motherboards would be here to stay until 4-core CPUs eventually force a changeover to incorporate a new memory controller that will be required for handling 4 or more cores.
Redefining Endpoint Security
Most security professionals believe that endpoint security is a strategy in which security software is distributed to end-user devices but centrally managed. Endpoint security systems work on a client/server model. A client program is installed on or downloaded to every endpoint, which in this case, is every user device that connects to the corporate network. Endpoints can include PCs, laptops, handheld devices, servers, printers and even specialized equipment.
Endpoint security software has been around longer than any other information security solution (namely desktop antivirus). Most of the time and effort IT administrators have spent in securing their environments has been focused on endpoint devices. However, most publicly disclosed data breaches include the compromise, exploit, loss, or theft of an endpoint device.
For years, security professionals looked beyond their networks for the source of data breaches. The fear of hackers, cybercriminals, and other external threats drove the market -- and subsequently the majority of information security solutions that are available today. So the vast majority of "endpoint" security solutions attempt to solve the "outsider" problem when in reality it is insiders who pose the greatest threat to organizations.
Endpoint = Device + User
Users often excuse themselves from "patching" and other computer maintenance tasks because they believe nothing of value is on the computer itself. What they forget is the value of that system may not be in what it is storing, but what it can be used for, or what other systems and data it can access.
Often, a device by itself doesn't have access to other systems and data. Usually a system only has this access in conjunction with the credentials of an authorized employee. So in most cases, the point at which a device becomes "valuable" to criminals is when it combines both the device and the user credentials.
As a result, an endpoint should not just be looked at as a device, system, computer, server or laptop. The definition of an endpoint should also include the notion of employees, contractors, third parties, telecommuters, travelers, and other insiders who use these systems.
Perhaps the term "endpoint" should include the notion of insiders due to the symbiotic relationship between the device and the user, which ultimately creates a valuable asset. Once an organization has a valuable asset, it needs to protect it; however, traditional security solutions only solve half the issue, because they are only looking for outside threats.
Endpoint security solutions that focus on digital fingerprinting, code analysis, software behavior, and other technical aspects miss the larger part of the problem -- the insider.
The Greatest Threat
In addition to traditional endpoint security agent software, organizations need a solution designed to protect them from their greatest threat -- the insider. Whether this is a careless, untrained or malicious individual, companies can protect themselves by using technologies designed to mitigate this threat.
Solutions should offer an all-in-one endpoint security suite designed to protect an organization from insider threats through features like data loss prevention, Web filtering, asset management, tracking and recovery and insider monitoring.
A key element in endpoint security is centralized management. Deployment, configuration, updates, reporting, auditing and monitoring must be done centrally, or major security gaps can result. Remote users such as travelers and telecommuters are often excluded due to the limitations of traditional endpoint security solutions.
The most effective endpoint agent can be loaded on any computer anywhere in the world and can still be managed centrally from the same cloud-based management platform.
To take it a step further, a cloud-based solution (also known as Software as a Service, or SaaS) can offer deployment ease and no hardware requirements, as well as maximum visibility, complete coverage, centralized management and global reporting.
The solution should include multiple risk-mitigation technologies within one agent from one vendor to avoid software conflicts and support nightmares. A combination endpoint/cloud solution can also take care of those remote users, travelers and telecommuters who need the same level of security but often don't get it, because they are not inside the brick and mortar of an office.
Endpoints should include both devices and users, because the combination of the two makes up the greatest threat to organizations today. The next generation in endpoint security software allows IT administrators, compliance officers and executives the ability to control what traditional endpoint security solutions ignore -- the insider.