Mailing Lists & Feeds
Current Activity Calendar
| November 07, 2007 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Apple Releases Security Update to Address Multiple QuickTime Vulnerabilitiesadded November 6, 2007 at 03:51 pm | updated November 7, 2007 at 01:03 pm
Apple has released QuickTime 7.3 to address multiple vulnerabilities in QuickTime. The impacts of these vulnerabilities include arbitrary code execution and denial of service.
Mac OS X Leopard Firewall Changesadded November 5, 2007 at 05:06 pm | updated November 6, 2007 at 11:30 am
Apple's Mac OS X Leopard includes an application-based firewall feature. US-CERT is aware of ambiguities in the way the firewall components supplied with Leopard report the status of the firewall configuration. Users may be misinformed of the status of their firewall rule set, thus placing listening network services at an increased risk. Microsoft Releases Security Advisory to Address Macrovision Vulnerabilityadded November 6, 2007 at 09:40 am
Microsoft has released Security Advisory 944653 to address a vulnerability found in the Macrovision "secdrv.sys" driver included with Windows Server 2003 and Windows XP. The "secdrv.sys" driver fails to properly handle configuration parameters and may allow a local attacker to gain escalated privileges on an affected system. Mac DNS Changer Trojanadded November 1, 2007 at 08:56 am
US-CERT is aware of a Mac DNS changer Trojan. If executed, this Trojan will change the DNS settings of a user's machine and then report back to a command and control server. The Trojan appears as a DMG archive file which, if downloaded and installed, will run the Trojan on a user's system.
Federal Trade Commission Spoofed Emailadded October 30, 2007 at 11:18 am | updated October 31, 2007 at 08:09 am
US-CERT is aware of fraudulent email messages purporting to be from the Federal Trade Commission's (FTC) "Fraud Department". These messages refer to a complaint filed against the email's recipient and appear to be from "frauddep@ftc.gov". The email messages contain a link to malicious software and should not be followed. Please see the Federal Trade Commission website for additional information.
Active Exploitation of Microsoft Windows URI Protocol Handling Vulnerabilityadded October 26, 2007 at 03:15 pm
Microsoft has released a revision to Microsoft Security Advisory (943521), which was previously reported by US-CERT in the Microsoft Windows URI Protocol Handling Vulnerability Current Activity. This revision states that because of an active exploitation the severity rating has been increased.
New Storm Worm Variant Disables Security Softwareadded October 26, 2007 at 03:15 pm
US-CERT is aware of a new Storm Worm variant. Functionality in this variant can cause certain types of programs, including anti-virus and network access control programs, to appear as if they are functioning correctly, though the process(es) have been disabled by the worm.
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader