Current Activity Calendar

	September 2007
Su	M	Tu	W	Th	F	Sa
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Please click on a date above to see current activity for that day.

September 11, 2007 - Current Activity

This is an archived copy of current activity, if you would like to see the most recent version, please click here.

*September 11*	Microsoft Releases September Security Bulletins
*September 11*	Worm Targeting Skype for Windows Users
*September 10*	Storm Worm Variant Spreads by Fictitious NFL Email
*September 6*	Microsoft Releases Advance Notification for September Security Bulletins
*September 6*	Apple Releases Security Update to Address Vulnerability in iTunes
*September 5*	Cisco Addresses Vulnerabilities in Content Switching Module and Video Surveillance Products
*September 4*	Multiple Vulnerabilities in Kerberos Administration Daemon

Microsoft Releases September Security Bulletins

added September 11, 2007 at 01:56 pm

Microsoft has released updates to address vulnerabilities in Windows, Visual Studio, Windows Services for UNIX, Subsystem for UNIX-based Applications, MSN Messenger, and Windows Live Messenger as part of the Microsoft Security Bulletin Summary for September 2007.

More information about these vulnerabilities is located in the Vulnerability Notes Database.

US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine what updates should be applied.

Worm Targeting Skype for Windows Users

added September 11, 2007 at 01:40 pm

US-CERT is aware of public reports of a new worm targeting Skype users on Windows based systems. This worm uses Skype's chat function to send a message to other users. The chat message contains a link that appears to be to a .JPG image file, that when followed, attempts to download or install a malicious .scr file. If one saves or executes this malicious .scr file, the host computer will be infected with the w32/Ramex.A virus.

More information regarding this worm can be found in the Skype status announcement.

US-CERT will continue to monitor this activity and may update with additional information.

Storm Worm Variant Spreads by Fictitious NFL Email

added September 10, 2007 at 02:47 pm

US-CERT is aware of public reports that the Storm Worm variant, previously reported in the US-CERT Current Activity on 29-June-2007, is currently spreading by email messages purporting to be an NFL (National Football League) game statistics website. This variant of the Storm Worm arrives as an email message and contains a link to a malicious website that, when visited, installs malware on the user's system.

US-CERT urges users and administrators to take the following preventative measures to mitigate the security risks:

Install anti-virus software, and keep its virus signature files up-to-date.
Block executable and unknown file types at the email gateway.
Refer to the Recognizing and Avoiding Email Scams document for more information on avoiding email scams.
Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Microsoft Releases Advance Notification for September Security Bulletins

added September 6, 2007 at 01:50 pm

Microsoft has issued a Security Bulletin Advance Notification indicating that their September release cycle will contain five bulletins, some of which have a maximum severity rating of Critical. The notification further states that the bulletins are for Windows, Visual Studio, Windows Services for UNIX, Subsystem for UNIX-based Applications, MSN Messenger, Windows Live Messenger, and SharePoint Server. The release is scheduled for Tuesday, September 11, 2007.

US-CERT will provide additional information as it becomes available.

Apple Releases Security Update to Address Vulnerability in iTunes

added September 6, 2007 at 01:19 pm

Apple has released iTunes 7.4 to address a vulnerability in the way that iTunes processes album cover art. By enticing a user to open a specially crafted music file, an attacker may be able to execute arbitrary code on an affected system.

US-CERT recommends that users update to iTunes version 7.4 as soon as possible.

Cisco Addresses Vulnerabilities in Content Switching Module and Video Surveillance Products

added September 5, 2007 at 02:19 pm

Cisco has issued two Security Advisories to address vulnerabilities in their Content Switching Module, Video Surveillance IP Gateway, Services Platform, and Integrated Services Platform devices. These vulnerabilities may allow a remote, unauthenticated user to cause a denial-of-service condition or gain complete administrative control of an affected device.

For more information about these vulnerabilities and affected products, see "Denial of Service Vulnerabilities in Content Switching Module" and "Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities."

US-CERT strongly recommends that administrators review the advisories and follow best-practice security policies to determine what updates or workarounds should be applied.

Multiple Vulnerabilities in Kerberos Administration Daemon

added September 4, 2007 at 03:15 pm

US-CERT is aware of multiple vulnerabilities in the Kerberos administration daemon that may allow a remote user to execute arbitrary code or cause a denial-of-service condition on an affected system.

More information regarding these vulnerabilities may be found in the following:

US-CERT strongly encourages users and administrators to review the documents above and apply the patches as described in MIT krb5 Security Advisory 2007-006 to address these vulnerabilities.

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting

DHS Threat Advisory