02.20.2009 - Current Activity

This is an archived copy of current activity, if you would like to see the most recent version, please click here.

February 20	Adobe Releases Security Bulletin for Critical Vulnerability
February 17	Active Exploitation of Microsoft Internet Explorer 7 Vulnerability
February 17	Apple Releases Security Updates
February 10	BlackBerry Security Advisory
February 10	Microsoft Releases February Security Bulletin Summary
February 9	HP Releases Security Bulletin to Address a Vulnerability in Multiple Printers
February 6	IRS Stimulus Package Phishing Scam
February 6	HP Releases Security Bulletin for HP OpenView Network Node Manager
February 5	Microsoft Releases Advanced Notification for February Security Bulletin
February 4	Cisco Releases Security Advisory for Cisco Wireless LAN Controllers

---

Adobe Releases Security Bulletin for Critical Vulnerability

added February 20, 2009 at 11:20 am | updated February 20, 2009 at 03:55 pm

Adobe has released a Security Bulletin to alert users of a vulnerability in Adobe Reader and Acrobat. This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. Adobe indicates that it has received reports of active exploitation.

US-CERT encourages users to take the following actions to help mitigate the risks:

• Review Adobe Security Bulletin APSA09-01.
• Review US-CERT Vulnerability Note VU#905281.
• Review US-CERT Technical Cyber Security Alert TA09-051A.
  
• Disable JavaScript in Adobe Reader and Acrobat. Acrobat JavaScript can be disabled in the General preferences dialog (Edit, Preferences, JavaScript, and un-check "Enable Acrobat JavaScript").
• Prevent Internet Explorer from automatically opening PDF documents.
• Disable the displaying of PDF documents in the web browser. This can be disabled in the the General preferences dialog (Edit, Preferences, Internet, and un-check "Display PDF in browser").
  
• Use caution when opening untrusted PDF files.
• Install antivirus software, and keep virus signatures up to date.

US-CERT will provide additional information as it becomes available.

Active Exploitation of Microsoft Internet Explorer 7 Vulnerability

added February 17, 2009 at 04:25 pm

US-CERT is aware of a public report indicating active exploitation of a previously patched vulnerability in Microsoft Internet Explorer 7. This vulnerability was addressed in Microsoft Security Advisory MS09-002. Additional information is available in US-CERT Technical Cyber Security Alert TA09-041A.

US-CERT encourages users to apply the update or workarounds as specified in Microsoft Security Advisory MS09-002. Additional information can be found in Microsoft Knowledge Base Article 961260.

Apple Releases Security Updates

added February 17, 2009 at 04:25 pm

Apple has released the following security updates:

• Security Update 2009-001
• Java for Mac OS X 10.5 Update 3
• Java for Mac OS X 10.4 Release 8
• Safari 3.2.2 for Windows   
  

These security updates address vulnerabilities in multiple Apple products. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, access the system with escalated privileges, or obtain sensitive information.

US-CERT encourages users and administrators to review the following Apple Security Articles and apply any necessary updates:

• Security Update 2009-001 (Article: HT3438)
• Java for Mac OS X 10.5 Update 3 (Article: HT3437)
• Java for Mac OS X 10.4 Release 8 (Article: HT3436)
• Safari 3.2.2 for Windows (Article: HT3439)

BlackBerry Security Advisory

added February 10, 2009 at 03:39 pm

Research In Motion has released a Security Advisory to address a vulnerability in the BlackBerry Application Web Loader ActiveX control. By convincing a user to view a specially crafted HTML document, an attacker may be able to execute arbitrary code with the privileges of the user. The attacker could also cause Internet Explorer to crash.

US-CERT encourages users to review BlackBerry Security Advisory KB16248 and apply the resolution or implement the workaround listed in the document to help mitigate the risk.

Microsoft Releases February Security Bulletin Summary

added February 10, 2009 at 03:37 pm

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, Internet Explorer, Exchange Server, and SQL Server as part of the Microsoft Security Bulletin Summary for February 2009. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

HP Releases Security Bulletin to Address a Vulnerability in Multiple Printers

added February 9, 2009 at 09:26 am

Hewlett-Packard has released Security Bulletin HPSBPI02398 SSRT080166 to address a vulnerability in multiple HP printers. This vulnerability may allow an unauthorized remote attacker to gain access to files.

US-CERT encourages users to review HP Security Bulletin  HPSBPI02398 SSRT080166 and apply any necessary updates.

IRS Stimulus Package Phishing Scam

added February 6, 2009 at 10:03 am | updated February 6, 2009 at 02:43 pm

US-CERT is aware of public reports indicating that phishing scams are circulating via fraudulent U.S. Internal Revenue Service emails offering users stimulus package payments. These emails include text that attempts to convince users to follow a link to a website or to complete an attached document. The website and document request the user to provide personal information.

Users receiving the fraudulent email messages are encouraged to send the email message and the website URL to the IRS at phishing@irs.gov.

US-CERT encourages users to do the following to help mitigate the risks:

• Do not follow unsolicited web links received in email messages.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks (pdf) document for more information on social engineering attacks.
• Review the How to Report and Identify Phishing, E-mail Scams and Bogus IRS Web Sites document on the IRS website.
  

HP Releases Security Bulletin for HP OpenView Network Node Manager

added February 6, 2009 at 10:03 am

HP has released a security bulletin to address a vulnerability in HP OpenView Network Node Manager. This vulnerability may allow a remote attacker to execute arbitrary code.

US-CERT recommends that users and administrators review the HP Support document and apply any necessary updates to help mitigate the risks.

Microsoft Releases Advanced Notification for February Security Bulletin

added February 5, 2009 at 02:55 pm

Microsoft has issued a Security Bulletin Advanced Notification indicating that the February release cycle will contain four bulletins, two of which have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Internet Explorer, and Microsoft Exchange Server. There will also be two Important bulletins for Microsoft SQL Server and Microsoft Office. Release of these bulletins is scheduled for Tuesday, February 10.

US-CERT will provide additional information as it becomes available.

Cisco Releases Security Advisory for Cisco Wireless LAN Controllers

added February 4, 2009 at 02:14 pm

Cisco has released a security advisory to address multiple vulnerabilities in Cisco Wireless LAN Controllers. These vulnerabilities may allow an attacker to cause a denial-of-service condition or operate with escalated privileges.

US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20090204-wlc and apply any necessary updates to help mitigate the risks.