Mailing Lists & Feeds
Current Activity Calendar
| June 08, 2009 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Microsoft Releases Advance Notification for June Security Bulletinadded June 4, 2009 at 04:22 pm
Microsoft has issued a Security Bulletin Advance Notification indicating that the June release cycle will contain ten bulletins, six of which will have a severity rating of critical. The notification states that these critical bulletins are for Microsoft Windows, Office, and Internet Explorer. There will also be three important bulletins for Microsoft Windows and one moderate bulletin for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, June 9. Apple Releases iTunes 8.2 and QuickTime 7.6.2added June 2, 2009 at 08:25 am
Apple has released iTunes 8.2 and QuickTime 7.6.2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. VMware Releases Security Advisoryadded May 29, 2009 at 09:02 am
VMware has released a security advisory to address multiple vulnerabilities in VMware Workstation, Player, ACE, Server, Fusion, ESX, and ESXi. The first of these vulnerabilities is due to a error in the VMware Descheduled Time Accounting driver. Exploitation of this vulnerability may result in denial of service in Windows-based virtual machines. The second vulnerability is due to a known error in the libpng package used by some VMware products. Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Microsoft Releases Security Advisory 971778added May 28, 2009 at 04:44 pm
Microsoft has released security advisory 971778 indicating that it is investigating public reports of a vulnerability in DirectX. This vulnerability exists in the way Microsoft DirectShow handles QuickTime files and does not require Apple QuickTime to be installed on the system. By convincing a user to open a specially crafted QuickTime media file, a remote attacker may be able to execute arbitrary code. Additionally, the advisory indicates that Microsoft Windows 2000 Service Pack 4, Windows XP, and Server 2003 are vulnerable. BlackBerry Security Advisoryadded May 27, 2009 at 08:55 am
Research In Motion has released security advisory KB18327 to address multiple vulnerabilities in the PDF distiller of the BlackBerry Attachment Service. By convincing a user to open a specially crafted PDF file on a BlackBerry smartphone, an attacker may be able to execute arbitrary code on the computer hosting the BlackBerry Attachment Service. Microsoft Releases Service Pack 2 for Windows Vista and Windows Server 2008added May 26, 2009 at 05:13 pmMicrosoft has released Service Pack 2 for Windows Vista and Windows Server 2008. This service pack contains multiple security updates and hotfixes. US-CERT encourages users and administrators to review Microsoft Knowledge Base article 948465 and follow best-practice security policies to determine if the update should be applied. Novell Releases Updates for GroupWiseadded May 22, 2009 at 12:07 pm
Novell has released updates for GroupWise 7 and 8 to address multiple vulnerabilities in GroupWise WebAccess and Internet Agents. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, or obtain unauthorized access.
NSD DNS Buffer Overflow Vulnerabilityadded May 20, 2009 at 09:23 am | updated May 20, 2009 at 03:54 pm
NLnet Labs has released a patch to address a vulnerability in NSD DNS versions 2.0.0 through 3.2.1. This vulnerability is due to an error in the way NSD processes certain types of packets that may lead to a buffer overflow. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to cause the DNS software to crash, resulting in a denial-of-service condition. Cisco Releases Security Advisory for CiscoWorks TFTP Vulnerabilityadded May 20, 2009 at 01:31 pm
Cisco has released a security advisory to address a vulnerability in CiscoWorks TFTP. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to view or modify application and host operating system files, possibly resulting in arbitrary code execution or a denial-of-service condition. The security advisory indicates that the following Cisco products are affected by this vulnerability:
Mac OS X Includes Known Vulnerable Version of Javaadded May 20, 2009 at 11:22 am
Current releases of Mac OS X (version 10.5.7 and version 10.4.11 with security update 2009-002) include a version of Java Runtime Environment (JRE) containing known security vulnerabilities. US-CERT is aware of publicly available exploit code for one of these vulnerabilities. This vulnerability may allow untrusted applets to obtain read, write, and execute permissions to local files and applications with the privileges of the local user. A fix for this vulnerability has been released by Sun, but Mac OS X users cannot apply the fix directly. Mac OS X users must use Apple updates to obtain updated JRE versions. At this time, Apple has not yet released an update to address this issue. |
|||||||||||||||||||||||||||||||||||||||||||||||
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more
Get Adobe Reader