Current Activity Calendar

	July 2007
Su	M	Tu	W	Th	F	Sa
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31

Please click on a date above to see current activity for that day.

July 10, 2007 - Current Activity

This is an archived copy of current activity, if you would like to see the most recent version, please click here.

*July 10*	Microsoft Releases July Security Bulletins
*July 10*	SAP Products Contain Vulnerabilities
*July 10*	Web Browser Code Execution Vulnerability
*July 5*	Microsoft Releases Advance Notification for July Security Bulletins
*July 5*	New Storm Worm Variant Spreads through Social Engineering
*July 2*	Russian Cyber Attacks Reported
*June 28*	Publicly Available Exploit Code for a Vulnerability in RealNetworks Media Players

Microsoft Releases July Security Bulletins

added July 10, 2007 at 03:33 pm

Microsoft has released updates to address vulnerabilities in Windows, Excel, Office Publisher, and .NET Framework as part of the Microsoft Security Bulletin Summary for July 2007.

US-CERT will provide additional information as it becomes available.

US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine what updates should be applied.

SAP Products Contain Vulnerabilities

added July 10, 2007 at 03:31 pm

US-CERT is aware of vulnerabilities that exist in the SAP Message and DB Web Servers. These vulnerabilities may allow an unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition.

More information regarding this vulnerability can be found in Vulnerability Note VU#305657 and VU#679041.

To help mitigate the security risk, US-CERT recommends users upgrade their SAP server to the latest version as soon as possible.

Web Browser Code Execution Vulnerability

added July 10, 2007 at 12:15 pm

US-CERT is aware of a public exploit code for a new vulnerability targeting Microsoft Internet Explorer. The public exploit code demonstrates the vulnerability using the Mozilla Firefox firefoxurl:// URL protocol. To trigger this vulnerability, an attacker must persuade a user who has Firefox installed to access a specially crafted web page with Internet Explorer.

US-CERT will provide additional information as it becomes available.

Microsoft Releases Advance Notification for July Security Bulletins

added July 5, 2007 at 01:52 pm

Microsoft has issued a Security Bulletin Advance Notification indicating that their July release cycle will contain six bulletins, three of which have a maximum severity rating of Critical. The notification further states that the three Critical bulletins are for Windows, Office, Excel, and .NET Framework. There will also be two Important bulletins for Office Publisher and Windows XP Professional as well as one Moderate bulletin for Windows Vista. Microsoft will also release an updated version of the Microsoft Windows Malicious Software Removal Tool. The release is scheduled for Tuesday, July 10, 2007.

US-CERT will provide additional information as it becomes available.

New Storm Worm Variant Spreads through Social Engineering

added June 29, 2007 at 01:31 pm | updated July 5, 2007 at 09:42 am

US-CERT is aware of a new variant of the Trojan Worm known as "Storm Worm" that uses social engineering with mass mailing to spread to unsuspecting victims. This variant of Storm Worm arrives as an email message and contains a link to a malicious website that, when visited, installs malware on the user's system.

Subject lines can change at any time, but the following are some examples that are currently being used:

You've received a postcard from a family member!
4th Of July Celebration
America's 231 Birthday
Celebrate Your Independence
Celebrate Your Nation

US-CERT recommends users take the following preventative measures to mitigate the security risks:

Install anti-virus software, and keep its virus signature files up-to-date.
Block executable and unknown file types at the email gateway.
Refer to the Recognizing and Avoiding Email Scams document for more information on avoiding email scams.
Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Russian Cyber Attacks Reported

added July 2, 2007 at 01:12 pm

US-CERT is aware of reports of cyber attacks occurring in Russian cyber-space. According to reports these attacks may be politically motivated. It is reported that the attacks are similar to those that affected Estonia in April and May.

More information can be found in the following:

http://www.washingtonpost.com/wp-dyn/content/article/2007/07/01/AR2007070100009.html

US-CERT will continue to monitor this activity and may update with additional information.

Publicly Available Exploit Code for a Vulnerability in RealNetworks Media Players

added June 28, 2007 at 11:50 am

US-CERT is aware of publicly available exploit code for a buffer overflow vulnerability in RealNetworks media players. By supplying a user with a crafted media file or stream, a remote unauthenticated attacker could execute arbitrary code or cause a denial-of-service condition on a vulnerable system.

More information regarding this vulnerability can be found in Vulnerability Note VU#770904 and iDefense Labs Public Advisory: 06.26.07.

To help mitigate the security risk, US-CERT recommends users upgrade their media player to the latest version as soon as possible.

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting

DHS Threat Advisory