Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
Left Arrow
March 2008
 Right Arrow
Su M Tu W Th F Sa
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    March 11, 2008 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    March 11RealPlayer ActiveX Vulnerability
    March 11Microsoft Releases March Security Bulletin
    March 11Trojan Exploiting Microsoft Excel Vulnerability
    March 7GNOME Evolution Vulnerability
    March 6Sun Java SE Updates
    March 6Microsoft Releases Advance Notification for March Security Bulletin
    March 5Increased Traffic to 7100/udp
    February 28Opera Releases Update
    February 28Final Netscape Navigator Release
    February 27Symantec Releases Security Advisory


    RealPlayer ActiveX Vulnerability

    added March 11, 2008 at 09:51 am | updated March 11, 2008 at 02:14 pm

    US-CERT is aware of reports of a vulnerability in RealPlayer. This vulnerability is due to improper handling of the "Console" property in the RealPlayer ActiveX control (rmoc3260.dll). Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code.

    US-CERT encourages users to do the following to help mitigate the risk:

    • Review US-CERT Vulnerability Note VU#831457.
    • Review Microsoft Support Document 240797 and set kill bits for the following CLSIDs:
            {0FDF6D6B-D672-463B-846E-C6FF49109662}
            {224E833B-2CC6-42D9-AE39-90B6A38A4FA2}
            {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}
            {3B46067C-FD87-49B6-8DDD-12F0D687035F}
            {3B5E0503-DE28-4BE8-919C-76E0E894A3C2}
            {44CCBCEB-BA7E-4C99-A078-9F683832D493}
            {A1A41E11-91DB-4461-95CD-0C02327FD934}
            {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}
    US-CERT will provide more information as it becomes available.


    Microsoft Releases March Security Bulletin

    added March 11, 2008 at 01:54 pm

    Microsoft has released updates to address vulnerabilities in Microsoft Excel, Outlook, Office, and Office Web Components as part of the Microsoft Security Bulletin Summary for March 2008. All of these vulnerabilities could allow an attacker to execute arbitrary code.

    US-CERT strongly encourages users to review the bulletins and follow best-practice security policies to determine which updates should be applied.


    Trojan Exploiting Microsoft Excel Vulnerability

    added March 10, 2008 at 03:25 pm | updated March 11, 2008 at 01:39 pm

    US-CERT is aware of public reports of a trojan that may exploit a vulnerability in Microsoft Excel. This trojan is circulating through email messages that contain attached Excel files. Known file names for these attachments are OLYMPIC.XLS and SCHEDULE.XLS. These files may also contain Windows binary executables that can compromise an affected system.

    US-CERT encourage users to do the following to help mitigate the risk:

    • Review Microsoft Security Bulletin MS08-014 and apply any necessary updates.
    • Do not open unsolicited or untrusted email messages.
    • Use caution when opening email attachments.
    • Block executable files and unknown file types at the email gateway.
    • Install anti-virus software, and keep its virus signature files up-to-date.
    • Review the US-CERT Cyber Security Tip - Using Caution with Email Attachments.
    US-CERT will provide more information as it becomes available.


    GNOME Evolution Vulnerability

    added March 7, 2008 at 09:18 am

    US-CERT is aware of a vulnerability in GNOME Evolution. This vulnerability, which is caused by a format string error in the "emf_multipart_encrypted()" function in mail/em-format.c, occurs when displaying data from an encrypted email message. By convincing a user to select a specially crafted email message, a remote, authenticated attacker may be able to execute arbitrary code.

    US-CERT encourages users and administrators to apply updates as soon as possible. Administrators who compile Evolution from source should refer to GNOME Bug ID 520745; others should refer to their operating system vendor for updated software.

    US-CERT will provide more information as it becomes available.


    Sun Java SE Updates

    added March 6, 2008 at 09:00 am | updated March 6, 2008 at 04:22 pm

    Sun has released updates for Java SE. These updates address multiple vulnerabilities in Java Web Start, Java JDK, Java JRE, and Java SDK. These vulnerabilities may allow a remote attacker to execute arbitrary code, bypass security restrictions, or cause a denial-of-service condition.

    US-CERT encourages users to review the following Sun Alerts and apply any necessary updates:

    • Sun Alert 233321 - Two Security Vulnerabilities in the Java Runtime Environment Virtual Machine
    • Sun Alert 233322 - Security Vulnerability in the Java Runtime Environment with the Processing of XSLT Transformations
    • Sun Alert 233323 - Multiple Security Vulnerabilities in Java Web Start May Allow an Untrusted Application to Elevate Privileges
    • Sun Alert 233324 - A Security Vulnerability in the Java Plug-in May Allow an Untrusted Applet to Elevate Privileges
    • Sun Alert 233325 - Vulnerabilities in the Java Runtime Environment image Parsing Library
    • Sun Alert 233326 - Security Vulnerability in the Java Runtime Environment May Allow Untrusted JavaScript Code to Elevate Privileges through Java APIs
    • Sun Alert 233327 - Buffer Overflow Vulnerability in Java Web Start May Allow an Untrusted Application to Elevate its Privileges
    More information regarding the Java SE vulnerabilities can be found in Technical Cyber Security Alert TA08-066A.

    US-CERT will provide additional information as it becomes available.


    Microsoft Releases Advance Notification for March Security Bulletin

    added March 6, 2008 at 04:00 pm

    Microsoft has issued Security Bulletin Advance Notification indicating that its March release cycle will contain four bulletins, all of which will have the severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Office and Office Web components. The release is scheduled for Tuesday, March 11, 2008.

    US-CERT will provide additional information as it becomes available.


    Increased Traffic to 7100/udp

    added March 5, 2008 at 09:57 am

    US-CERT is aware of a dramatic increase in inbound traffic to port 7100/udp over the past 48 hours.

    7100/udp is used by multiple applications, most commonly X Font Server. X Font Server provides a mechanism for the X server to communicate with a font renderer and is commonly used on the X Window System. This increase in traffic is unusual as remote access to the X Font Server is not typically required for normal operations

    US-CERT encourages administrators to block inbound traffic to port 7100/udp at the network perimeter. Please note, proper risk and impact analysis procedures should be followed prior to taking defensive measures.

    US-CERT is currently investigating the nature of this activity and will provide updates as needed. 


    Opera Releases Update

    added February 28, 2008 at 10:52 am

    Opera has released version 9.26 for Windows. This version addresses multiple vulnerabilities in the Opera web browser. These vulnerabilities may allow an attacker to trick users into uploading arbitrary files or execute arbitrary scripts in the wrong security context.

    US-CERT encourages users to review the Opera 9.26 for Windows changelog and upgrade to Opera 9.26.

    US-CERT will provide more information as it becomes available.


    Final Netscape Navigator Release

    added February 28, 2008 at 10:39 am

    Netscape has released Netscape Navigator 9.0.0.6. This release addresses multiple vulnerabilities. This is the last release for Netscape Navigator. Support will be discontinued on March 1, 2008.

    US-CERT encourages users to review the release notes and upgrade to Netscape Navigator 9.0.0.6.


    Symantec Releases Security Advisory

    added February 27, 2008 at 08:01 am

    Symantec has released a security advisory addressing multiple vulnerabilities in various Symantec AntiVirus products.  These vulnerabilities are due to errors in the way that Symantec Decomposer handles .RAR files.  These vulnerabilities may allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users to review Symantec Security Advisory SYM08-006, apply the update, and follow the best security practices provided in the advisory.

    US-CERT will provide more information as it becomes available.