>>>My intention is not to spread FUD, but to ensure people are patched and 'ready' ASAP.
If that is your intention, then don't release the 'sploit. G! On Wed, Aug 11, 2010 at 5:21 PM, Procheckup news <n...@procheckup.com>wrote: > > Regrettably Adobe has seen fit to release only patches for version 8 and > version 9. > > The easiest solution is to restrict access to /CFIDE/, which unfortunately > only a slight majority of Coldfusion sites have done. > > The greatest problem is that the patches can be easily analysed and reverse > engineered to identify the exploit, an experienced person can do this in 4-5 > hours. > > My intention is not to spread FUD, but to ensure people are patched and > 'ready' ASAP. > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology-Michael-Dinowitz/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:336200 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
