  • May 23, 2007 - Current Activity

    This is an archived copy of current activity. If you would like to see the most recent version, please click here.

    May 23 - Microsoft Office ActiveX Control Vulnerability
    May 22 - Cisco Releases Security Advisory to Address Multiple Vulnerabilities in Cisco IOS
    May 22 - Microsoft Releases Security Advisory to Announce Microsoft Office Enhancements
    May 16 - Symantec Norton Internet Security ActiveX Control Vulnerability
    May 15 - Samba Releases Update to Address Multiple Vulnerabilities
    May 10 - Cisco Releases Security Advisory to Address Multiple Vulnerabilities in IOS FTP Server
    May 9 - Microsoft Releases May Security Bulletin



    Microsoft Office ActiveX Control Vulnerability

    added May 23, 2007 at 08:46 pm

    US-CERT is investigating reports of a vulnerability in a Microsoft Office 2000 ActiveX control.  Excessive data passed to the OUACTRL ActiveX control may result in a buffer overflow allowing arbitrary code execution or causing a denial-of-service condition.

    US-CERT recommends disabling ActiveX as described in the Securing Your Web Browser document.


    Cisco Releases Security Advisory to Address Multiple Vulnerabilities in Cisco IOS

    added May 22, 2007 at 02:30 pm

    Cisco has released Security Advisory cisco-sa-20070522-SSL to address multiple vulnerabilities in Cisco IOS.  These vulnerabilities may lead to a sustained denial-of-service condition when processing malformed SSL messages.  

    US-CERT recommends administrators apply the workarounds as described in Cisco Security Advisory cisco-sa-20070522-SSL.

    US-CERT will provide additional information as it becomes available.



    Microsoft Releases Security Advisory to Announce Microsoft Office Enhancements

    added May 22, 2007 at 09:15 am

    Microsoft has released the Microsoft Office Isolated Conversion Environment (MOICE) feature and File Block Functionality for Microsoft Office 2003 and 2007 Office system. 

    Microsoft states that MOICE converts Office 2003 binary documents to the newer Office Open XML format in an isolated environment, providing an additional layer of security.

    The File Block Functionality allows administrators to place restrictions on specific Office file types, denying the opening of potentially unsafe documents.

    More information regarding these enhancements can be found in Microsoft Security Advisory 937696.

    US-CERT strongly encourages users to review the Security Advisory, take the appropriate actions, and implement these enhancements where pertinent.


    Symantec Norton Internet Security ActiveX Control Vulnerability

    added May 16, 2007 at 02:42 pm

    US-CERT is aware of a vulnerability in the Symantec Norton Internet Security 2004 ISAlertDataCOM ActiveX control. By convincing a user to view a specially crafted HTML document (e.g., a web page or an HTML email message or attachment), an attacker may be able to execute arbitrary code with the privileges of the user or could cause the web browser to crash.

    More information about this vulnerability can be found in the following:

    US-CERT recommends the following actions to help mitigate the security risk:
    • Apply the update as described in Symantec Advisory SYM07-007
    • Disable the ISAlertDataCOM ActiveX control in Internet Explorer as described in Vulnerability Note VU#983953
    • Disable ActiveX as described in the Securing Your Web Browser document


    Samba Releases Update to Address Multiple Vulnerabilities

    added May 14, 2007 at 02:30 pm | updated May 15, 2007 at 02:29 pm

    Samba has released version 3.0.25 to address several vulnerabilities. The impacts of these vulnerabilities include remote code execution, remote command injection, and system privilege elevation.

    More information regarding these vulnerabilities can be found in the following:

    US-CERT encourages administrators to apply the fixes and workarounds described in the Samba Security Announcements or contact their operating system vendor for updates.


    Cisco Releases Security Advisory to Address Multiple Vulnerabilities in IOS FTP Server

    added May 10, 2007 at 02:40 pm

    Cisco has released Security Advisory cisco-sa-20070509-iosftp to address multiple vulnerabilities in IOS FTP Server.  These vulnerabilities may allow unauthorized, remote users to access the filesystem, cause a denial-of-service condition, or execute arbitrary code.

    US-CERT encourages administrators to apply the fixes and workarounds described in Security Advisory cisco-sa-20070509-iosftp.


    Microsoft Releases May Security Bulletin

    added May 8, 2007 at 02:20 pm | updated May 9, 2007 at 10:11 am

    Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Windows DNS RPC Interface, Office, Exchange, CAPICOM, and BizTalk as part of the Microsoft Security Bulletin Summary for May 2007.

    More information about these vulnerabilities is located in the Vulnerability Notes Database and Technical Cyber Security Alert TA07-128A.

    US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine what updates should be applied.