Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
Left Arrow
August 2007
 Right Arrow
Su M Tu W Th F Sa
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    August 22, 2007 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    August 22Multiple Vulnerabilities in Trend Micro Products
    August 21Several New Storm Worm Trojan Propagation Techniques
    August 17Yahoo! Messenger Web Camera Invitation Handling Vulnerability
    August 15Cisco Releases Security Advisory for Vulnerabilities in Cisco VPN Client
    August 15Microsoft Releases August Security Bulletins
    August 14Storm Worm Variant Continues to Spread
    August 14Publicly Available Exploit for Microsoft FlashPix ActiveX Control


    Multiple Vulnerabilities in Trend Micro Products

    added August 22, 2007 at 12:58 pm

    Trend Micro has released updates to address several vulnerabilities in their ServerProtect, AntiSpyware, and PC-cillin Internet Security products. By sending a crafted RPC request or creating a file on the local file system with an overly long path, an attacker may be able to cause a denial-of-service condition or execute arbitrary code on an affected system.

    More information regarding the vulnerabilities, affected products, and fixes can be found in the ServerProtect Security Patch 4 release notes and Trend Micro Solution Detail 1035845.

    US-CERT recommends that users and administrators apply the patches and hot fixes as described in the above Trend Micro documents.


    Several New Storm Worm Trojan Propagation Techniques

    added August 21, 2007 at 03:58 pm

    US-CERT is aware of several new propagation techniques being used by the Storm Worm Trojan to spread. The new variants arrive as either an email message claiming to contain a link to adult pictures, or as credentials for a membership-based website, asking you to login to change your temporary ID and password.  The messages contain links to malicious websites that when visited, install malware on the user's system. 

    US-CERT urges users and administrators to take the following preventative measures to mitigate the security risks:


    Yahoo! Messenger Web Camera Invitation Handling Vulnerability

    added August 16, 2007 at 10:05 am | updated August 17, 2007 at 11:21 am

    US-CERT is aware of a publicly reported heap overflow vulnerability in Yahoo! Messenger. By enticing a user to accept a specially crafted web camera invitation, a remote attacker may be able to cause a a denial-of-service condition or execute arbitrary code on an affected system.

    More information regarding this vulnerability can be found in Vulnerability Note VU#515968.

    Until a fix is available, US-CERT recommends that users reject all web camera invitations and block outgoing network traffic on TCP port 5100.


    Cisco Releases Security Advisory for Vulnerabilities in Cisco VPN Client

    added August 15, 2007 at 02:21 pm

    Cisco has issued a Security Advisory to address two vulnerabilities in their VPN Client for Microsoft Windows. These vulnerabilities may allow an attacker to elevate privileges on an affected system.

    More information regarding these vulnerabilities can be found in the Cisco Security Advisory: Local Privilege Escalation Vulnerabilities in Cisco VPN Client.

    US-CERT strongly recommends that administrators review the Cisco Security Advisory above and follow best-practice security policies to determine what updates or workarounds should be applied.


    Microsoft Releases August Security Bulletins

    added August 14, 2007 at 02:16 pm | updated August 15, 2007 at 07:44 am

    Microsoft has released updates to address vulnerabilities in Windows, Windows Media Player, Windows Gadgets, Office, Excel, Internet Explorer, Visual Basic, Virtual Sever, and Virtual PC as part of the Microsoft Security Bulletin Summary for August 2007.

    More information about these vulnerabilities is located in the Vulnerability Notes Database and Technical Cyber Security Alert TA07-226A.

    US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine what updates should be applied.


    Storm Worm Variant Continues to Spread

    added August 14, 2007 at 02:01 pm

    US-CERT is aware of public reports that the Storm Worm variant, previously reported in the US-CERT Current Activity on 29-June-2007, is currently on the rise. This variant of the Storm Worm arrives as an email message and contains a link to a malicious website that, when visited, installs malware on the user's system. The subject line of the email message may contain one of the examples listed in these US-CERT Current Activity 16-April-2007 and 20-January-2007 documents.

    US-CERT urges users and administrators to take the following preventative measures to mitigate the security risks:


    Publicly Available Exploit for Microsoft FlashPix ActiveX Control

    added August 14, 2007 at 12:53 pm

    US-CERT is aware of publicly available exploit code for a buffer overflow vulnerability in the Microsoft DirectX Media 6.0 SDK FlashPix ActiveX control. This vulnerability may allow a remote, unauthenticated attacker to cause a denial-of-service condition or execute arbitrary code on an affected system by convincing a user to view a specially crafted HTML document.    

    More information can be found in Vulnerability Note VU#466601.

    US-CERT encourages users to Disable ActiveX controls as described in the Securing Your Web Browser document.