Current Activity Calendar

	June 2008
Su	M	Tu	W	Th	F	Sa
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30

Please click on a date above to see current activity for that day.

June 03, 2008 - Current Activity

This is an archived copy of current activity, if you would like to see the most recent version, please click here.

*June 2*	Microsoft Releases Security Advisory
*June 2*	VMware Releases Security Advisory
*May 29*	Samba Releases Version 3.0.30
*May 29*	Apple Releases Security Updates
*May 28*	Adobe Flash Player Vulnerability
*May 28*	Cisco Releases Security Advisory
*May 22*	IBM Lotus Sametime Vulnerability
*May 22*	Cisco Releases Security Advisories
*May 20*	CA ARCserve Backup Vulnerabilities
*May 19*	Natural Disasters and Phishing Scams

Microsoft Releases Security Advisory

added June 2, 2008 at 11:47 am

Microsoft has released Security Advisory 953818 to address reports of a blended threat that affects Windows users who have installed Apple's Safari web browser. According to the advisory, by convincing a user to visit a specially crafted website, an attacker may be able to execute arbitrary code on an affected system due to Safari's default file downloading behavior and the way that Windows Internet Explorer handles the downloaded files.

US-CERT encourages users to review Microsoft Security Advisory 953818. Please note that the advisory indicates that the workaround does not correct the vulnerability, but it may help mitigate risk against known attack vectors.

US-CERT will provide additional information as it becomes available.

VMware Releases Security Advisory

added June 2, 2008 at 09:46 am

VMware has released a security advisory indicating that updates are available for VMware Workstation, VMware Player, VMware ACE, and VMware Fusion. These updates address multiple vulnerabilities that may allow an attacker to execute arbitrary code in the context of the "vmx" process on the host system or to bypass security restrictions.

US-CERT encourages users to review VMware Security Advisory VMSA-2008-0008 and apply any necessary updates.

Samba Releases Version 3.0.30

added May 29, 2008 at 09:26 am

Samba has released version 3.0.30 to address a vulnerability. This vulnerability is due to a heap-based buffer overflow condition in the receive_smb_raw() routine. By sending a specially crafted SMB response, an attacker may be able to execute arbitrary code on the affected system.

US-CERT encourages users to review the Samba Security Announcement and apply appropriate patches from their vendor, upgrade to Samba 3.0.30, or apply the patch supplied by the Samba development team.

Apple Releases Security Updates

added May 29, 2008 at 07:43 am

Apple has released Mac OS X v10.5.3 and Security Update 2008-003 to address multiple vulnerabilities. These vulnerabilities affect a number of applications, libraries and the kernel. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, access the system with escalated privileges, obtain sensitive information, conduct cross-site scripting attacks or cause a denial-of-service condition.

US-CERT encourages users to review Apple Article HT1897 and apply any necessary updates.

Adobe Flash Player Vulnerability

added May 27, 2008 at 06:44 pm | updated May 28, 2008 at 06:03 pm

US-CERT is aware of public reports of active exploitation of a vulnerability in Adobe Flash Player. By convincing a user to open a specially crafted Flash file, which may be embedded in a compromised website, a remote, unauthenticated attacker may be able to execute arbitrary code.

US-CERT encourages users to review the following and apply any necessary workarounds to help mitigate the risks:

Technical Cyber Security Alert TA08-149A
Vulnerability Notes Database VU#395473
Adobe Product Security Incident Response Team Blog

US-CERT will provide more information as it becomes available.

Cisco Releases Security Advisory

added May 28, 2008 at 01:24 pm

Cisco has released a Security Advisory to address a vulnerability in CiscoWorks Common Services. This vulnerability may allow a remote attacker to execute arbitrary code.

US-CERT encourages users to review Cisco Security Advisory cisco-sa-20080528-cw and apply any necessary updates or workarounds.

IBM Lotus Sametime Vulnerability

added May 22, 2008 at 10:23 am

IBM has released a Technote to address a vulnerability in Lotus Sametime. This vulnerability is due to an error in the way long URLs are processed within the Community Services Multiplexer (StMux.exe). By sending a specially crafted URL, an attacker may be able to cause a stack-based buffer overflow and execute arbitrary code.

US-CERT encourages users to review the IBM Technote "Potential stack overflow vulnerability with IBM Lotus Sametime Community Services multiplexer (MUX)" and apply any necessary updates or workarounds.

Cisco Releases Security Advisories

added May 22, 2008 at 10:06 am

Cisco has released three security advisories to address multiple vulnerabilities in Cisco IOS Secure Shell, Service Control Engine, and Voice Portal. These vulnerabilities may allow an attacker to take control of the affected system or cause a denial-of-service condition.

US-CERT encourages users to review the following Cisco Security Advisories and apply any necessary updates or workarounds.

Cisco IOS Secure Shell Denial of Service Vulnerabilities - cisco-sa-20080521-ssh
Cisco Service Control Engine Denial of Service Vulnerabilities - cisco-sa-20080521-sce
Cisco Voice Portal Privilege Escalation Vulnerability - cisco-sa-20080521-cvp

CA ARCserve Backup Vulnerabilities

added May 20, 2008 at 09:32 am

CA has released updates to address two vulnerabilities in BrightStor ARCserve Backup. The first vulnerability is due to an input validation error within the logging service, "caloggerd." The second vulnerability is due to a buffer overflow conditions within multiple "xdr" functions. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users to review the CA Security Notice and apply any necessary updates or workarounds.

Natural Disasters and Phishing Scams

added May 19, 2008 at 07:22 pm

In the past, US-CERT has received reports of an increased number of phishing scams that take advantage of natural disasters. Due to recent natural disasters, US-CERT would like to remind users to remain cautious when receiving unsolicited email that could be a potential phishing scam.

Phishing scams may appear as requests for donations from a charitable organization asking users to click on a link that will take them to a fraudulent website that appears to be a legitimate charity. The users are then asked to provide personal information that can further expose them to future compromises.

Users are encouraged to take the following measures to protect themselves from this type of phishing scam:

Do not follow unsolicited web links received in email messages.
Review the Federal Trade Commission's Charity Checklist.
Verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index.

For additional information regarding phishing, US-CERT recommends reading the following documents:

US-CERT: United States Computer Emergency Readiness Team

Information For

Sign Up

Reporting

DHS Threat Advisory