Entries Tagged as “ Security”

New Critical ColdFusion security update for version 9 and above

May 14, 2013 / Shilpi Khariwal

  Security | Administrator | Adobe ColdFusion | Adobe ColdFusion 10 | Announcements | Hotfix | web application security

 

A security update for ColdFusion is now available for versions 10, 9, 9.0.1 and 9.0.2. This hot-fix addresses issues reported in Advisory 13-03

If you are on ColdFusion 10, you will see a new update 10 within the ColdFusion administrator for you to download and install.

Adobe recommends users update their product installation with this update. Here's a link to the related security bulletin. 

We highly recommend locking down public facing servers to prevent against unknown attacks. As an additional precaution, we recommend commenting RDS servlet in web.xml

Complete instructions for protecting server can be found accessed here. ColdFusion 10 Lockdown GuideColdFusion 9 Lockdown Guide

 


A security advisory for ColdFusion

May 08, 2013 / Hemant Khandelwal

  Security | Adobe ColdFusion

Adobe has released a new security advisory for ColdFusion and is available here.

As a mitigation step, the advisory advises you to restrict public access to the CFIDE/administrator, CFIDE/adminapi and CFIDE/gettingstarted directories by following the hardening guidance in the ColdFusion 9 Lockdown Guide and ColdFusion 10 Lockdown Guide.

 


The latest ColdFusion security bulletin is updated with a revised description

April 19, 2013 / Hemant Khandelwal

  Security | Adobe ColdFusion

The title says it all. Please check the bulletin for details here http://www.adobe.com/support/security/bulletins/apsb13-10.html


New ColdFusion security update for version 9 and above

April 08, 2013 / Shilpi Khariwal

  Security | Adobe ColdFusion | Adobe ColdFusion 10 | Announcements | Updates | web application security

 

An important security update for ColdFusion is now available for versions 10, 9, 9.0.1 and 9.0.2.

If you are on ColdFusion 10, you will see a new update 9 within the ColdFusion administrator for you to download and install.

Adobe recommends users update their product installation with this update. Here's a link to the related security bulletin.

Note: It is recommended that, request related functionality is not used with CFThread. 

 


ColdFusion security bulletin dated January 15, 2013 is updated

March 20, 2013 / Hemant Khandelwal

  Security

Adobe has recently updated security bulletin dated January 15, 2013 to provide additional information to inspect files and scheduled tasks of unknown origin along with recommendation to follow security best practices.

The updated security bulletin is available here.


Blue Mango Theme Design By Mark Aplet

Super Powered by Mango Blog