CF Security Update

I got an email with a security update bulletin from Adobe yesterday. 

It seems there is some sort of vulnerability via cfid and cftoken regarding session hijacking.  It affects both cf7 and cf8 unless you are using J2EE session management.

Patch can be found here.

If you use shared hosting and your host knows CF well then you are probably all set.  If they don't or your not sure you should let them know about the update.  Also if you don't get secuirty bulletins via email from adobe you should sign up for that today.

On a side note, I find the font color for the link in the security bulletin very hard to differentiate from the text of the page.  Took me a bit to find where to actually download the update.

TweetBacks
Comments

NAVIGATION

Home
About Me

RSS


Search

Subscribe

Enter your email address to subscribe to this blog.

Recent Entries

Flash Camp Boston
New Blog Design
Pre-Conference Training at cf.Objective()
FireFox 3.6 KTML Editor Fix
I am now a part of the Adobe Community Professionals Group

Recent Comments

FireFox 3.6 KTML Editor Fix
Fred said: Found another bug in Firefox 3.6 When inserting a table you can't select the number of columns. So I... [More]

Repeating Events Question
ueghbxedu said: UaejcB <a href="http://ysyhrmkbkhco.com/&...;, [url=http://pwncz... [More]

Repeating Events Question
fadxkfyuadn said: n6qVCL <a href="http://bdiorhdtbwzb.com/&...;, [url=http://uvnao... [More]

FireFox 3.6 KTML Editor Fix
Joshua said: While changing that far will load the editor, does it show the drop down class menu correctly now? [More]

FireFox 3.6 KTML Editor Fix
Al Johnson said: HI, I am still fighting to keep my code going as there is nothing better than KTML nad I have writt... [More]

Calendar

Sun Mon Tue Wed Thu Fri Sat
 123456
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31    

Archives By Subject

blogs (31) [RSS]
books (4) [RSS]
Crazy (39) [RSS]
DIY (8) [RSS]
Flex (3) [RSS]
games (10) [RSS]
GRRR (13) [RSS]
Ideas (11) [RSS]
Local (14) [RSS]
LOLpics (2) [RSS]
money (9) [RSS]
music (3) [RSS]
Personal (27) [RSS]
Photos (8) [RSS]
Politics (8) [RSS]
Projects (22) [RSS]
Review (18) [RSS]
RPM (9) [RSS]
Spam (16) [RSS]
Technology (66) [RSS]
Testing (3) [RSS]
TV (15) [RSS]
video (32) [RSS]
Web Dev (218) [RSS]
World of Warcraft (16) [RSS]