Current Activity Calendar

	September 2007
Su	M	Tu	W	Th	F	Sa
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28	29
30

Please click on a date above to see current activity for that day.

September 18, 2007 - Current Activity

This is an archived copy of current activity, if you would like to see the most recent version, please click here.

*September 18*	Microsoft Windows MFC Libraries Buffer Overflow Vulnerability
*September 14*	Public Exploit Code Targeting Firefox and QuickTime
*September 11*	Microsoft Releases September Security Bulletins
*September 11*	Worm Targeting Skype for Windows Users
*September 10*	Storm Worm Variant Spreads by Fictitious NFL Email
*September 6*	Microsoft Releases Advance Notification for September Security Bulletins
*September 6*	Apple Releases Security Update to Address Vulnerability in iTunes

Microsoft Windows MFC Libraries Buffer Overflow Vulnerability

added September 18, 2007 at 02:08 pm | updated September 18, 2007 at 04:20 pm

US-CERT is aware of a vulnerability in the Microsoft Windows MFC42 and MFC71 libraries. Specifically, the vulnerability exists due to the "FindFile" function failing to properly validate the length of user supplied input. By passing an overly long argument to the "FindFile" function, an attacker may be able to cause a buffer overflow and execute arbitrary code on an affected system. Any application that utilizes these libraries and allows users to manipulate the arguments being passed to the API may be affected.

US-CERT will continue to investigate and provide additional information as it becomes available.

Public Exploit Code Targeting Firefox and QuickTime

added September 12, 2007 at 04:26 pm | updated September 14, 2007 at 09:02 am

US-CERT is aware of working publicly available exploit code that targets users with Firefox and QuickTime installed. This exploit allows a remote, unauthenticated attacker to execute arbitrary commands on an affected system.

More information regarding this vulnerability can be found in Vulnerability Note VU#751808.

Until updates are available, US-CERT encourages administrators and users to view only trusted QuickTime movies.

Microsoft Releases September Security Bulletins

added September 11, 2007 at 01:56 pm

Microsoft has released updates to address vulnerabilities in Windows, Visual Studio, Windows Services for UNIX, Subsystem for UNIX-based Applications, MSN Messenger, and Windows Live Messenger as part of the Microsoft Security Bulletin Summary for September 2007.

More information about these vulnerabilities is located in the Vulnerability Notes Database.

US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine what updates should be applied.

Worm Targeting Skype for Windows Users

added September 11, 2007 at 01:40 pm

US-CERT is aware of public reports of a new worm targeting Skype users on Windows based systems. This worm uses Skype's chat function to send a message to other users. The chat message contains a link that appears to be to a .JPG image file, that when followed, attempts to download or install a malicious .scr file. If one saves or executes this malicious .scr file, the host computer will be infected with the w32/Ramex.A virus.

More information regarding this worm can be found in the Skype status announcement.

US-CERT will continue to monitor this activity and may update with additional information.

Storm Worm Variant Spreads by Fictitious NFL Email

added September 10, 2007 at 02:47 pm

US-CERT is aware of public reports that the Storm Worm variant, previously reported in the US-CERT Current Activity on 29-June-2007, is currently spreading by email messages purporting to be an NFL (National Football League) game statistics website. This variant of the Storm Worm arrives as an email message and contains a link to a malicious website that, when visited, installs malware on the user's system.

US-CERT urges users and administrators to take the following preventative measures to mitigate the security risks:

Install anti-virus software, and keep its virus signature files up-to-date.
Block executable and unknown file types at the email gateway.
Refer to the Recognizing and Avoiding Email Scams document for more information on avoiding email scams.
Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

Microsoft Releases Advance Notification for September Security Bulletins

added September 6, 2007 at 01:50 pm

Microsoft has issued a Security Bulletin Advance Notification indicating that their September release cycle will contain five bulletins, some of which have a maximum severity rating of Critical. The notification further states that the bulletins are for Windows, Visual Studio, Windows Services for UNIX, Subsystem for UNIX-based Applications, MSN Messenger, Windows Live Messenger, and SharePoint Server. The release is scheduled for Tuesday, September 11, 2007.

US-CERT will provide additional information as it becomes available.

Apple Releases Security Update to Address Vulnerability in iTunes

added September 6, 2007 at 01:19 pm

Apple has released iTunes 7.4 to address a vulnerability in the way that iTunes processes album cover art. By enticing a user to open a specially crafted music file, an attacker may be able to execute arbitrary code on an affected system.

US-CERT recommends that users update to iTunes version 7.4 as soon as possible.

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting

DHS Threat Advisory