Mailing Lists & Feeds
Current Activity Calendar
| August 24, 2007 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Several New Storm Worm Trojan Propagation Techniquesadded August 21, 2007 at 03:58 pm | updated August 24, 2007 at 02:38 pm
US-CERT is aware of several new propagation
techniques being used by the Storm Worm Trojan to spread. The new variants
arrive as either an email message claiming to contain a link to adult pictures,
or as credentials for a membership-based website, asking you to login to change
your temporary ID and password. The
messages contain links to malicious websites that when visited, install malware
on the user's system.
Multiple Vulnerabilities in Trend Micro Productsadded August 22, 2007 at 12:58 pm | updated August 23, 2007 at 03:54 pm
Trend Micro has released updates to address several vulnerabilities in their ServerProtect, AntiSpyware, and PC-cillin Internet Security products. By sending a crafted RPC request or creating a file on the local file
system with an overly long path, an attacker may be able to cause a denial-of-service condition or execute arbitrary code on an affected system.
To mitigate the security risks, US-CERT recommends that users and administrators apply the patches and hot fixes as described in the above documents as soon as possible. Yahoo! Messenger Web Camera Invitation Handling Vulnerabilityadded August 16, 2007 at 10:05 am | updated August 17, 2007 at 11:21 am
US-CERT is aware of a publicly reported heap overflow vulnerability in Yahoo! Messenger. By enticing a user to accept a specially crafted web camera invitation, a remote attacker may be able to cause a a denial-of-service condition or execute arbitrary code on an affected system. Cisco Releases Security Advisory for Vulnerabilities in Cisco VPN Clientadded August 15, 2007 at 02:21 pm
Cisco has issued a Security Advisory to address two vulnerabilities in their VPN Client for Microsoft Windows. These vulnerabilities may allow an attacker to elevate privileges on an affected system. Microsoft Releases August Security Bulletinsadded August 14, 2007 at 02:16 pm | updated August 15, 2007 at 07:44 am
Microsoft has released updates to address vulnerabilities in Windows, Windows Media Player, Windows Gadgets, Office, Excel, Internet Explorer, Visual Basic, Virtual Sever, and Virtual PC as part of the Microsoft Security Bulletin Summary for August 2007. Storm Worm Variant Continues to Spreadadded August 14, 2007 at 02:01 pm
US-CERT is aware of public reports that the Storm Worm variant, previously reported in the US-CERT Current Activity on 29-June-2007, is currently on the rise. This variant of the Storm Worm arrives as an email message and contains a link to a malicious website that, when visited, installs malware on the user's system. The subject line of the email message may contain one of the examples listed in these US-CERT Current Activity 16-April-2007 and 20-January-2007 documents.
Publicly Available Exploit for Microsoft FlashPix ActiveX Controladded August 14, 2007 at 12:53 pm
US-CERT is aware of publicly available exploit code for a buffer overflow vulnerability in the Microsoft DirectX Media 6.0 SDK FlashPix ActiveX control. This vulnerability may allow a remote, unauthenticated attacker to cause a denial-of-service condition or execute arbitrary code on an affected system by convincing a user to view a specially crafted HTML document. |
||||||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader