ACC Mail ACC ACC Homepage
About ACCACC NewsFaculty Services IndexStudent Services IndexACC User DocumentationACC Computing PoliciesRecommended Systems and Purchase informationComputer Support Services
 

Security Bulletin Summary March 23, 2006

Adobe Announcement
Overview
Who is Affected

Recommended Actions

Administrative Users
Academic and All Home Users
Further Assistance

Other Bulletins
Recents CERT Alerts

ADMINISTRATIVE Staff: If you use a computer at HOME, please read on.

STUDENTS, FACULTY, ADMINISTRATIVE STAFF, ACADEMIC STAFF AND ALL HOME USERS must follow the recommendations below.

I. OVERVIEW

Critical vulnerabilities have been identified in Flash Player, Shockwave and other Macromedia products that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. Upgrade affected software as instructed below.

Note that Haverford's site licensed version of Flash, Flash MX, is not affected.

II. WHO IS AFFECTED?

All Macintosh OS X and Windows users are affected.

III. RECOMMENDED ACTION - ADMINISTRATIVE USERS ON CAMPUS

Please follow the recommended action for home systems.

IV. RECOMMENDED ACTION - STUDENTS, FACULTY, ACADEMIC STAFF, and ALL HOME COMPUTER USERS

  1. EVERYONE MUST install the latest version of Flash Player (8.0.24.0) on your computer from http://www.macromedia.com/go/getflashplayer/
  2. If you use Shockwave, upgrade to version 10.1.1 at http://www.macromedia.com/shockwave/download/
  3. If you any of the products below, follow the recomendations in Adobe's alert
    (http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html)

    # Flash Professional 8
    # Flash Basic
    # Flash MX 2004
    # Flash Debug Player 7.0.14.0 and earlier
    # Flex 1.5
    # Breeze Meeting Add-In 5.1 and earlier

V. FOR FURTHER ASSISTANCE

Students, faculty and academic staff please contact Academic Computing:
Telephone: 610-896-1480
Email: compctr@haverford.edu
Web: http://www.haverford.edu/acc/helpdesk/
In Person: Stokes 204 9am to 5pm, Monday through Friday and until 9am to 9pm on Tuesdays.

Administrative staff please contact Administrative Computing:
Telephone: 610-896-1355
Email: admincc@haverford.edu

VI. MORE INFORMATION

For additional information on this threat, please refer to the following web sites:

Macromedia - APSB06-03: Flash Player Update to Address Security Vulnerabilities
<http://www.macromedia.com/devnet/security/security_zone/apsb06-03.html>
US-CERT Vulnerability Note VU#945060
<http://www.kb.cert.org/vuls/id/945060>
CVE-2006-0024
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0024>
Microsoft Security Advisory (916208)
<http://www.microsoft.com/technet/security/advisory/916208.mspx>

For Questions and Comments, contact Haverford College's Academic Computing Center.
Last updated on March 24, 2006

HC HomeCampus DirectoryHaverford College Library ResourcesHaverford College Web Search EngineAcademic DepartmentsACC Home