Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
Left Arrow
January 2009
 Right Arrow
Su M Tu W Th F Sa
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    January 16, 2009 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    January 16Widespread Infection of Win32/Conflicker/Downadup Worm
    January 16Symantec Releases Security Advisory
    January 15Spam, Phishing, and Malware Related to Presidential Inauguration
    January 15Cisco Releases Security Advisory for IronPort Encryption Appliance and IronPort PXE Encryption product
    January 13Oracle Releases Critical Patch Update for January 2009
    January 13Microsoft Releases January Security Bulletin
    January 13BlackBerry Security Advisories
    January 12Oracle Issues Pre-Release Announcement for January Critical Patch Update
    January 9Malicious Code Circulating via Israel/Hamas Conflict Spam Messages
    January 8Microsoft Releases Advance Notification for January Security Bulletin


    Widespread Infection of Win32/Conflicker/Downadup Worm

    added January 16, 2009 at 06:27 pm

    US-CERT is aware of public reports indicating a widespread infection of the Win32/Conflicker/Downadup worm. This worm exploits a previously patched vulnerability addressed in Microsoft Security Bulletin MS08-067. This worm attempts to propagate via multiple methods including removable media.

    US-CERT strongly encourages users to review Microsoft Security Bulletin MS08-067 and update unpatched systems as soon as possible.

    Additionally, US-CERT recommends that users take the following preventative measures to help mitigate the security risks:

    • Install antivirus software, and keep the virus signatures up to date.
    • Review the Microsoft Malware Protection Center blog entry for details regarding the worm.
    • Review the Using Caution with USB Drives Cyber Security Tip for more information on protecting removable media.


    Symantec Releases Security Advisory

    added January 16, 2009 at 08:55 am

    Symantec has released a security advisory to address a vulnerability in the Symantec AppStream LaunchObj ActiveX control. By convincing a user to view a specially crafted HTML document, an attacker may be able to execute arbitrary code with the privileges of the user.

    US-CERT encourages users to review Vulnerability Note VU#194505 and Symantec Security Advisory SYM09-001, apply the update, and follow the best practices provided in the advisory.


    Spam, Phishing, and Malware Related to Presidential Inauguration

    added January 15, 2009 at 11:11 am

    US-CERT has received reports of an increased number of phishing sites and spam related to the upcoming Presidential Inauguration. US-CERT reminds users that phishing and spamming campaigns often coincide with highly publicized events.  Users should remain cautious when receiving unsolicited email.

    US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:

    • Install antivirus software, and keep the virus signatures up to date.
    • Do not follow unsolicited links and do not open unsolicited email messages.
    • Use caution when visiting untrusted websites.
    • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
    • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.


    Cisco Releases Security Advisory for IronPort Encryption Appliance and IronPort PXE Encryption product

    added January 15, 2009 at 09:10 am

    Cisco has released a Security Advisory to address multiple vulnerabilities in the IronPort Encryption Appliance and the IronPort PXE Encryption product. These vulnerabilities may allow an unauthorized attacker to view the contents of secure email messages or gain access to the IronPort Encryption Appliance administration interface.

    US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20090114-ironport and apply the necessary updates listed.


    Oracle Releases Critical Patch Update for January 2009

    added January 13, 2009 at 04:08 pm

    Oracle has released their Critical Patch Update for January 2009 to address 41 vulnerabilities across several products. This update contains the following security fixes:

    • 10 updates for Oracle Database
    • 1 update for Oracle Times Ten Data Server
    • 9 updates for Oracle Secure Backup
    • 4 updates for Oracle Application Server
    • 1 update for Oracle Collaboration Suite
    • 4 updates for Oracle Application Suite
    • 1 update for Oracle Enterprise Manager
    • 6 updates for PeopleSoft and JDEdwards Suite
    • 5 updates for BEA Products Suite
    US-CERT encourages users to review the January Critical Patch Update and apply any necessary updates.


    Microsoft Releases January Security Bulletin

    added January 13, 2009 at 02:09 pm

    Microsoft has released the Microsoft Security Bulletin Summary for January 2009. Included in this bulletin is an update to address a vulnerability in Microsoft Windows. This vulnerability may allow an attacker to execute arbitrary code.

    US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.


    BlackBerry Security Advisories

    added January 13, 2009 at 10:23 am

    Research In Motion has released Security Advisories KB17118 and KB17119 to address vulnerabilities in the PDF Distiller of the BlackBerry Attachment Service for BlackBerry Unite and BlackBerry Enterprise Server. The vulnerabilities are due to the improper processing of PDF files within the Distiller component of the BlackBerry Attachment Service. By convincing a user to open a maliciously crafted PDF attachment on a BlackBerry smartphone, an attacker may be able to execute arbitrary code on the system running the BlackBerry Attachment Service.

    US-CERT encourages users to review BlackBerry Security Advisories KB17118 and KB17119 and apply the updates or implement the workarounds listed in the documents to help mitigate the risk.

    US-CERT will provide additional information as it becomes available.


    Oracle Issues Pre-Release Announcement for January Critical Patch Update

    added January 12, 2009 at 09:09 am

    Oracle has issued a Pre-Release Announcement indicating that its January Critical Patch Update (CPU) will contain 41 new security fixes across hundreds of products.

    The announcement further states that there is/are:

    • 10 updates for Oracle Database
    • 1 update for Oracle Times Ten Data Server
    • 9 updates for Oracle Secure Backup
    • 4 updates for Oracle Application Server
    • 1 update for Oracle Collaboration Suite
    • 4 updates for Oracle Application Suite
    • 1 update for Oracle Enterprise Manager
    • 6 updates for PeopleSoft and JDEdwards Suite
    • 5 updates for BEA Products Suite
    The release is scheduled for Tuesday, January 13, 2009.

    US-CERT will provide additional information as it becomes available.


    Malicious Code Circulating via Israel/Hamas Conflict Spam Messages

    added January 9, 2009 at 09:25 am

    US-CERT is aware of public reports of malicious code circulating via spam email messages related to the Israel/Hamas conflict in Gaza. These messages may contain factual information about the conflict and appear to come from CNN. Additionally, the messages indicate that additional news coverage of the conflict can be viewed by following a link provided in the email body. If users click on this link, they are redirected to a bogus CNN website that appears to contain a video.  Users who attempt to view this video will be prompted to update to a new version of Adobe Flash Player in order to view the video. This update is not a legitimate Adobe Flash Player update; it is malicious code. If users download this executable file, malicious code may be installed on their systems.

    US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:

    • Install antivirus software, and keep the virus signatures up to date.
    • Do not follow unsolicited links and do not open unsolicited email messages.
    • Use caution when visiting untrusted websites.
    • Use caution when downloading and installing applications.
    • Obtain software applications and updates directly from the vendor's website.
    • Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
    • Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.


    Microsoft Releases Advance Notification for January Security Bulletin

    added January 8, 2009 at 01:22 pm

    Microsoft has issued a Security Bulletin Advance Notification indicating that the January release cycle will contain one bulletin, which will have a severity rating of Critical. The notification states that this Critical bulletin is for Microsoft Windows. Release of this bulletin is scheduled for Tuesday, January 13.

    US-CERT will provide additional information as it becomes available.