Unofficial Updater 2 now patches APSB13-03

I had intended to get this posting out earlier when I updated Unofficial Updater 2 on the 16th. Here are the changes that were made with the latest release UU2.

APSA13-01 does note that ColdFusion 8 and earlier is susceptible to the attack that APSB13-03 fixes. Based upon the security advisory it does not seem that Adobe will be providing a patch for ColdFusion 8 since core support for ColdFusion 8 ended last year. For ColdFusion 8 and earlier please make sure you properly secure the CFIDE directory and other mitigations steps noted in the security advisory.

I have also published an updated set of hashesets that can be used with hashdeep at to check the validity of CFIDE after applying APSB13-03. For details please see my previous post.