New Allaire Security Zone Bulletin Posted

[aleph1 () UNDERGROUND ORG (Aleph One)]

Dear Allaire Customer --

New security issues that may affect ColdFusion  and Allaire Forums customers have come to our attention recently. 
Please visit the Security Zone at the Allaire Web site to learn about these new issues and what actions you can take to 
address them:

http://www.allaire.com/security

This week we posted the following new or recently updated Allaire Security Bulletins.

UPDATED:

ASB99-11: Solutions to Issues that Allow Users to Execute Commands on NT Servers through MDAC RDS (Bulletin updated 
with Microsoft® SQL Server 7.0 and Microsoft Data Engine (MSDE)  vulnerability information.)

ADDED:

ASB00-07: Patch Available for Allaire Forums 2.0.5 Security Issue

As a Web application platform vendor, one of our highest concerns is the security of the systems our customers deploy. 
We understand how important security is to our customers, and we're committed to providing the technology and 
information customers need to build secure Web applications. Thank you for your time and consideration on this issue.

-- Security Response Team, Allaire Corporation

P.S. As a reminder, Allaire has set up an email address that customers can use to report security issues associated 
with an Allaire product: secure () allaire com

======================================================================================
Allaire respects the Web and the privacy of those who use it. If you do not
want to receive any future messages from Allaire please forward this email to
remove () allaire com with the subject "REMOVE".
======================================================================================