Mailing Lists & Feeds
Current Activity Calendar
| December 27, 2006 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Public Exploit Code Available for DoS Vulnerability in Microsoft Windows Workstationadded December 27, 2006US-CERT is aware of a publicly available exploit code for a buffer overflow vulnerability in Microsoft Windows Workstation. According to Secunia Advisory SA23487, there is a flaw in the way the Workstation service handles large RPC requests. By sending specially crafted data to the Workstation service, a remote attacker could cause a denial-of-service condition on a vulnerable system. Initial analysis indicates that Windows XP and Windows 2000 are vulnerable to this flaw. Until a security fix from Microsoft becomes available, US-CERT recommends the following action to help mitigate the security risks:
US-CERT will continue to investigate and will provide additional information as it becomes available. Proof-of-Concept Code for Vulnerability in Microsoft Windowsadded December 26, 2006US-CERT is aware of publicly available proof-of-concept code for a local privilege escalation vulnerability in Microsoft Windows 2000, Windows Server 2003, Windows XP, and Windows Vista. More information concerning this flaw is available at the Microsoft Security Response Center Blog. US-CERT will continue to investigate and will provide additional information as it becomes available. Mozilla Releases Security Advisories to Address Multiple Vulnerabilitiesadded December 20, 2006 | updated December 21, 2006Mozilla has released Security Advisories to correct multiple vulnerabilities in Firefox, Thunderbird, and SeaMonkey. If successfully exploited, these vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition on a vulnerable system. More information about these vulnerabilities can be found in the following:
US-CERT strongly encourages users to take the following actions to help mitigate the security risks:
Microsoft Publishes New Information on the Three Word Vulnerabilitiesadded December 19, 2006Microsoft has published new information on its Security Response Center Blog addressing the latest Word vulnerabilities reported earlier this month. Until a security fix from Microsoft becomes available, US-CERT recommends that users follow the recommendations in Microsoft Security Advisory 929433 to help mitigate the security risks for all three Word vulnerabilities. Public Exploit Code Available for a Vulnerability in Microsoft Wordadded December 14, 2006US-CERT is aware of public exploit code that has been released for a potentially new vulnerability in Microsoft Word. This vulnerability is different from the two previous Word vulnerabilities reported earlier this month. The flaw is caused by a memory corruption error when handling a malformed Word document. By persuading a user to open a specially crafted Word document, a remote attacker could execute arbitrary code or launch a denial of service attack. More information about this vulnerability can be found in the following:
Until a security fix from Microsoft becomes available, US-CERT recommends the following actions to help mitigate the security risks:
Additionally, US-CERT strongly encourages users not to open unfamiliar or unexpected email attachments, even if sent by a known and trusted source. Users may wish to read Cyber Security Tip ST04-010 for more information on working with email attachments. US-CERT will continue to investigate this vulnerability and provide additional information as it becomes available. Reports of Cross-Platform QuickTime Flawadded December 13, 2006US-CERT is investigating reports of a new cross-platform flaw in Apple QuickTime affecting both Windows and Mac OS versions of the player. According to a recent security blog posting from F-Secure, the flaw affects any website that allows the embedding of QuickTime content. US-CERT will continue to investigate and will provide additional information as it becomes available. Quickspace Worm Exploits Cross-Site Scripting Vulnerability in MySpaceadded December 7, 2006 | updated December 13, 2006US-CERT is aware of a cross-site scripting (XSS) vulnerability in the MySpace web site. There is a flaw in the way the MySpace web site filters user-supplied scripts. The QuickSpace worm exploits this flaw by using an Apple QuickTime feature to execute an XSS attack. The impacts of this vulnerability include disclosure of sensitive information (user credentials, email addresses), modification of MySpace profile, worm propagation to other MySpace profiles, or covert redirection to a malicious web site. More information about this vulnerability can be found in the following:
Until a security fix becomes available, US-CERT recommends the following actions to help mitigate the security risks:
Microsoft Releases December Security Bulletinadded December 12, 2006Microsoft has released updates to address vulnerabilities in Microsoft Windows and Visual Studio as part of the Microsoft Security Bulletin Summary for December 2006. We strongly encourage users to review the bulletins and follow best-practice security policies to determine what updates should be applied. Additionally, more information about these vulnerabilities can be found in the Vulnerability Notes Database and Technical Cyber Security Alert TA06-346A. Public Exploit Code Available for a New Vulnerability in Microsoft Wordadded December 11, 2006US-CERT is aware of a new vulnerability in Microsoft Word. Reports indicate that the issue is caused by a flaw in the way Word handles malformed data structures. By persuading a user to open a specially crafted Word document sent as an email attachment or from a malicious web site, a remote attacker could execute arbitrary code with the privileges of the user. This vulnerability is different from the Word vulnerability reported on December 6, that was also reported in Microsoft Security Advisory 929433. According to Microsoft, the following products are vulnerable: Windows 2003 SP0 - SP1, Word XP, Word 2000, Word 2002, Word 2003, and the Word Viewer 2003. Word 2007 is NOT affected by the vulnerability. More information about this vulnerability can be found in the following:
Until a security fix from Microsoft becomes available, US-CERT recommends the following actions to help mitigate the security risks:
Additionally, US-CERT strongly encourages users not to open unfamiliar or unexpected email attachments, even if sent by a known and trusted source. Users may wish to read Cyber Security Tip ST04-010 for more information on working with email attachments. US-CERT will continue to investigate this vulnerability and provide additional information as it becomes available. Microsoft Releases Advance Notification for December Security Bulletinadded December 7, 2006Microsoft has issued a Security Bulletin Advance Notification indicating that their December release cycle will contain six bulletins, some of which have a maximum severity rating of Critical. The notification further states that five of the bulletins are for Windows, and one is for Visual Studio. The release is scheduled for Tuesday, December 12th. We will provide additional information as it becomes available. Windows Media Player ASX File Handling Vulnerabilityadded December 7, 2006US-CERT is aware of a heap buffer overflow vulnerability in Windows Media Player. The flaw occurs when the Windows Media Playback/Authoring library (WMVCORE.DLL) processes malformed ASX Playlist files. By persuading a user to access a specially crafted HTML document (e.g., a web page or an HTML email message), a remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the user or cause a denial of service. Until a security fix from Microsoft becomes available, US-CERT recommends the following actions to help mitigate the security risks:
US-CERT will continue to investigate this vulnerability and provide additional information as it becomes available. Updates Available for Multiple Vulnerabilities in Adobe Productsadded December 7, 2006Adobe has released updates to address vulnerabilities in Adobe Download Manager, Adobe Reader, and Adobe Acrobat 7. US-CERT recommends that users review the updates and follow the instructions provided in the following: More information about this vulnerability can be found in the following:
Active Exploitation of a Vulnerability in Microsoft Wordadded December 6, 2006 | updated December 6, 2006US-CERT is aware of reports of active exploitation of a new vulnerability in Microsoft Word. Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the user running Word. More information about this vulnerability can be found in the following:
US-CERT recommends that users take the following actions to mitigate the security risks:
Additionally, US-CERT strongly encourages users not to open unfamiliar or unexpected email attachments, even if sent by a known and trusted source. Users may wish to read Cyber Security Tip ST04-010 for more information on working with email attachments. US-CERT will continue to investigate this vulnerability and provide additional information as it becomes available. Adobe Reader and Acrobat ActiveX Vulnerabilitiesadded November 29, 2006 | updated November 30, 2006US-CERT is aware of a report of multiple vulnerabilities that affect the ActiveX control for Adobe Reader and Acrobat. More information about these vulnerabilities can be found in the following:
Until an official update, patch, or more information becomes available, we recommend the following actions to help mitigate the security risks:
Apple Releases Security Update for Multiple Vulnerabilitiesadded November 29, 2006Apple has released Security Update 2006-007 to correct multiple vulnerabilities in Mac OS X and related products. More information about the vulnerabilities can be found in these Vulnerability Notes and Technical Cyber Security Alert TA06-333A. US-CERT encourages users to apply the appropriate updates as soon as possible. US-CERT will continue to investigate these vulnerabilities and provide additional information as it becomes available. Google Search Appliance Vulnerable to Cross-site Scriptingadded November 29, 2006US-CERT is aware of a cross-site scripting (XSS) vulnerability in Google Search Appliance and Google Mini devices. Specifically, the flaw exists in the way that Google Search Appliance and Google Mini devices handle UTF-7 (Unicode Transformation Format) encoded URIs (Uniform Resource Identifier). Until an official update, patch, or more information becomes available, we recommend the following actions to help mitigate the security risks:
New Spybot Worm Targets Old Symantec Vulnerabilityadded November 28, 2006 | updated November 29, 2006Symantec has confirmed reports of a new worm attempting to exploit previously patched flaws in Microsoft Windows and Symantec Client Security and Antivirus Corporate Edition. The worm, named W32.Spybot.ACYR, spreads through Internet Relay Chat (IRC) channels and to network shares with weak passwords. Successful exploitation could allow a remote unauthenticated attacker to execute arbitrary code with SYSTEM privileges. According to Symantec in its Security Response Weblog, the impact of the attack is minimal thus far. Symantec further states that customers who have applied the patch are not susceptible to this new attack. More information about the vulnerabilities in the Symantec products can be found in the following:
US-CERT recommends that users to take the following actions to mitigate the security risks:
US-CERT will continue to investigate and provide additional information as it becomes available. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader