Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.


November, 2010


Adobe Shockwave Settings Remote Code Execution

Disclosed November 3, 2010    Fully Patched
Vendors: Adobe
Vulnerability Severity: Low
Exploit Impact: Remote Code Execution
Exploit Availability:

Security is a Team Sport

Posted November 2, 2010    Peter McCalister

In organizations that aren’t sophisticated with measuring the value of risk, getting budget for security can be a tough gig. SC Magazine has an entire blog dedicated to an active running list of publicly known breaches, yet no matter how many examples you show, sometimes the logic that it will never be you is just…


Trend Micro Titanium Maximum Security 2011 Local Kernel Level Privilege Escalation

Disclosed November 2, 2010    Fully Patched
Vendors: Trend Micro
Vulnerability Severity: Medium
Exploit Impact:
Exploit Availability:

eEye @ CSI 2010

Posted November 1, 2010    Morey Haber

I just returned from the Computer Security Institute CSI 2010 conference in National Harbor, Maryland. While there, I spoke on the topic of Logic Bombs using modern examples like Aurora and Stuxnet. This was my first time attending a CSI conference and I must honestly state, I was thoroughly impressed with the quality of the…

Misuse of Privilege in Virtualized Environments

Posted November 1, 2010    Peter McCalister

A key factor to consider when approaching virtualization security is that the hypervisor is always going to be a high-value target due to its control over the entire virtual environment.