Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
Left Arrow
September 2009
 Right Arrow
Su M Tu W Th F Sa
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    September 23, 2009 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    September 23Montgomery County Animal Shelter Search Engine Poisoning Campaign
    September 23Apple Releases iTunes 9.0.1
    September 22Microsoft Releases Fix It for SMB Vulnerability
    September 18Adobe Releases Security Bulletin for RoboHelp Server 8
    September 11Fraudulent 9/11 Web Sites
    September 11Apple Releases Security Update 2009-005 and Mac OS X v10.6.1
    September 10Apple Releases Security Updates
    September 10Mozilla Releases Security Advisory
    September 9Microsoft Releases Security Advisory 975497
    September 9Cisco Releases Security Advisory for a Vulnerability in Multiple Cisco Products


    Montgomery County Animal Shelter Search Engine Poisoning Campaign

    added September 23, 2009 at 06:55 pm

    US-CERT is aware of public reports regarding a search engine result poisoning campaign affecting search results for the Montgomery County Animal Shelter. Users seeking details on rumors about the closure of a "Montgomery County Animal Shelter" may be led to click on illegitimate search results which attempt to download malicious code. The rumors are being spread via e-mail, forums, and social networking sites, usually taking the form of a plea for readers to contact the shelter and adopt animals prior to the shelter's closing.

    US-CERT is monitoring the situation and will provide updates as they become available.


    Apple Releases iTunes 9.0.1

    added September 23, 2009 at 09:23 am

    Apple has released iTunes 9.0.1 to address a vulnerability that may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users to review Apple article HT3884 and apply any necessary updates to help mitigate the risks.


    Microsoft Releases Fix It for SMB Vulnerability

    added September 22, 2009 at 10:43 am

    Microsoft has released Microsoft Knowledge Base Article 975497 to address a previously reported vulnerability in Microsoft Sever Message Block (SMB). This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users and administrators to review Microsoft Knowledge Base Article 975497 and Microsoft Security Advisory 975497 and apply the Fix it tool or workarounds. Microsoft Knowledge Base Article 975497 addresses the vulnerability that was previously reported in the "Microsoft Releases Security Advisory 975497" Current Activity entry.


    Adobe Releases Security Bulletin for RoboHelp Server 8

    added September 18, 2009 at 03:53 pm

    Adobe has released security bulletin APSB09-14 to address a vulnerability in RoboHelp Sever 8. This vulnerability may allow a remote attacker to execute arbitrary code.

    US-CERT encourages users and administrators to review Adobe security bulletin APSB09-14 and apply any necessary updates.


    Fraudulent 9/11 Web Sites

    added September 11, 2009 at 03:59 pm

    US-CERT is aware of public reports indicating that attackers are using legitimate web pages to run malicious code on victims' machines.

    Reports, including a posting by Sophos, indicate that these messages

    • Include keywords and names related to the 9/11/2001 terrorist attack
    • Prompt users with a fake virus scan that attempts to make users believe they have a security issue. The users are then asked to download fake security software that is actually malicious code.
           Please note that these characteristics may change at any time.

    US-CERT encourages users and administrators to take the following preventative measures to help mitigate the security risks:


    Apple Releases Security Update 2009-005 and Mac OS X v10.6.1

    added September 11, 2009 at 09:43 am

    Apple has released Security Update 2009-005 and Mac OS X v10.6.1 to address multiple vulnerabilities in a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain elevated privileges, or access local files.

    US-CERT encourages users and administrators to review Apple articles HT3865 and HT3864 and apply any necessary updates to help mitigate the risks. Apple article HT3864 addresses the vulnerability previously reported in the "Adobe Flash Vulnerability Affecting Apple Snow Leopard" Current Activity entry.


    Apple Releases Security Updates

    added September 10, 2009 at 09:20 am

    Apple has released the following security updates:

    • OS 3.1 for iPhone
    • OS 3.1.1 for iPod touch
    • Quicktime 7.6.4
    These security updates address vulnerabilities in multiple Apple products. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, access the system with escalated privileges, or obtain sensitive information.

    US-CERT encourages users and administrators to review the following Apple Security Articles and apply any necessary updates:

        * iPhone and iPod OS update (Article: HT3860)
        * Quicktime Update (Article: HT3661)


    Mozilla Releases Security Advisory

    added September 10, 2009 at 09:20 am

    Mozilla has released a security advisory to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, mislead users by spoofing a URL, or cause a denial of service.

    US-CERT encourages users to review Mozilla Foundation Security Advisories 2009-47, 2009-48, 2009-49, 2009-50, and 2009-51 and apply any necessary updates or workarounds to help mitigate the risks.

    US-CERT will provide more information as it becomes available.


    Microsoft Releases Security Advisory 975497

    added September 9, 2009 at 08:20 am

    Microsoft has released security advisory 975497 to address reports of a vulnerability in Microsoft Server Message Block. The vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users and administrators to review Microsoft Security Advisory 975497 and implement the suggested workarounds listed in the advisory to help mitigate the risks.

    US-CERT will provide additional information as it becomes available.


    Cisco Releases Security Advisory for a Vulnerability in Multiple Cisco Products

    added September 9, 2009 at 08:20 am

    Cisco has released a Security Advisory to address a vulnerability in multiple products. This vulnerability may allow a remote attacker to cause a denial-of-service condition.  The security advisory indicates that the following Cisco products are affected by this vulnerability:

    • Cisco IOS Software
    • Cisco IOS-XE Software
    • Cisco CatOS Software
    • Cisco Adaptive Security Appliance and Cisco PIX
    • Cisco NX-OS Software   
    US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20090908-tcp24 and apply any necessary updates.