October 24, 2008 - Current Activity

Microsoft Releases Out-of-Band Security Bulletin MS08-067

Microsoft has released Security Bulletin MS08-067 to address a vulnerability in the Windows Server Service. This vulnerability is due to improper handling of specially crafted RPC requests. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code.

US-CERT encourages users and administrators to review Microsoft Security Bulletin MS08-067 and apply any necessary updates to help mitigate the risks.

Cisco Releases Advisory for Cisco PIX and ASA

Cisco Security Advisory cisco-sa-20081022-asa was released to address multiple vulnerabilities in Cisco ASA and PIX. These vulnerabilities may allow an attacker to bypass authentication mechanisms or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20081022-asa and apply any necessary updates or workarounds to help mitigate the risks.

Microsoft Releases Advance Notification for Out-of-Band October Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating the upcoming release of an out-of-band bulletin. The notification states that this is a Critical bulletin and is for Microsoft Windows. Release of this bulletin is scheduled for Thursday, October 23.

US-CERT will provide additional information as it becomes available.

Trend Micro OfficeScan Critical Patch Release

Trend Micro has released a Critical Patch to address a vulnerability in OfficeScan. This vulnerability is due to a stack-based buffer overflow condition. By sending a specially crafted HTTP request containing form data to the server CGI module, an attacker may be able to execute arbitrary code on the affected system.

US-CERT encourages users and administrators to review Trend Micro Critical Patch Release overview for Build 1374 and Build 3110 and apply any necessary updates to help mitigate the risks.

F-Secure Releases Security Bulletin FSC-2008-3

F-Secure has released a Security Bulletin to address a vulnerability that affects a number of their products. This vulnerability is due to improper RPM parsing. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users to review F-Secure Security Bulletin FSC-2008-3 and apply any necessary updates to help mitigate the risks.

Adobe Releases Security Bulletin for Flash Player

Adobe has released a Security Bulletin to address multiple security issues in Flash Player. Some of these issues may allow an attacker to conduct clickjacking types of attacks that could enable the camera or microphone through Flash Player. Additional information about clickjacking attacks can be found in a recently posted Current Activity entry.

US-CERT encourages users and administrators to review the Adobe Security Bulletin and upgrade to Flash Player version 10.0.12.36 to help mitigate the risks.

Oracle Releases Critical Patch Update for October 2008

Oracle has released their Critical Patch Update for October 2008 to address 36 vulnerabilities across several products. This update contains the following security fixes:

• 15 updates for Oracle Database Suite
• 6 updates for Oracle Application Server
• 4 updates for Oracle E-Business Suite and Applications
• 5 updates for Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne
• 6 Updates for BEA Product Suite

Microsoft Updates Security Advisory 951306

In April 2008, Microsoft released Security Advisory 951306 to alert users of a vulnerability in Microsoft Windows. This vulnerability may allow local users, or users who can legitimately run code in the context of IIS or SQL Server, to operate with elevated privileges. Recently, Microsoft Security Response Center (MSRC) posted several blog entries indicating that the Security Advisory was updated to reflect the availability of public exploit code. A patch or update is not available to correct this issue.

US-CERT encourages users and administrators to do the following to help mitigate the risks:

• Review the updated Security Advisory 951306 and apply the suggested workarounds.
• Review the MSRC blog entries from October 9, 2008 and October 13, 2008.

Microsoft Releases October Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Host Integration Server, and Office as part of the Microsoft Security Bulletin Summary for October 2008. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information or operate with elevated privileges.

US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

CA ARCserve Backup Vulnerabilities

CA has released a Security Notice to address multiple vulnerabilities in CA ARCserve Backup. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Security Notice and apply any necessary updates to help mitigate the risks.