07.23.2010 - Current Activity
This is an archived copy of current activity. If you would like to see the most recent version, please click here.
Cisco Releases Security Advisory for CDS Internet Streamer
added July 22, 2010 at 08:30 am
Cisco has released a security advisory to address a vulnerability in the Cisco Internet Streamer application that is part of the Cisco Content Delivery System. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to obtain sensitive information, including password files and system logs. This information could be used to leverage subsequent attacks.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100721 and apply any necessary updates to help mitigate the risks.
Microsoft Windows .LNK Vulnerability
added July 16, 2010 at 10:08 am | updated July 21, 2010 at 08:49 am
US-CERT is aware of a vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for .LNK files. Microsoft uses .LNK files, commonly referred to as "shortcuts," as references to files or applications.
By convincing a user to display a specially crafted .LNK file, an attacker may be able to execute arbitrary code that would give the attacker the privileges of the user. Viewing the location of an .LNK file with Windows Explorer is sufficient to trigger the vulnerability. By default, Microsoft Windows has AutoRun/AutoPlay features enabled. These features can cause Windows to automatically open Windows Explorer when a removable drive is connected, thus opening the location of the .LNK and triggering the vulnerability. Other applications that display file icons can be used as an attack vector for this vulnerability as well. Depending on the operating system and AutoRun/AutoPlay configuration, exploitation can occur without any interaction from the user. This vulnerability can also be exploited remotely through a malicious website, or through a malicious file or WebDAV share.
Microsoft has released Microsoft Security Advisory 2286198 in response to this issue. Users are encouraged to review the advisory and consider implementing the workarounds listed to reduce the threat of known attack vectors. Please note that implementing these workarounds may affect functionality. The workarounds include:
- disabling the display of icons for shortcuts
- disabling the WebClient service
- blocking the download of .LNK and .PIF files from the internet
In addition to implementing the workarounds listed in Microsoft Security Advisory 2286198, US-CERT encourages users and administrators to consider implementing the following best practice security measures to help further reduce the risks of this and other vulnerabilities:
- Disable AutoRun as described in Microsoft Support article 967715.
- Implement the principle of least privilege as defined in the Microsoft TechNet Library.
- Maintain up-to-date antivirus software.
US-CERT will provide additional information as it becomes available.
Mozilla Releases Firefox 3.6.7
added July 21, 2010 at 08:44 am
The Mozilla Foundation has released Firefox 3.6.7 and Firefox 3.5.11 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, or conduct cross-site scripting attacks. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.
US-CERT encourages users and administrators to review the Mozilla Foundation security advisories released on July 20, 2010, and apply any necessary updates to help mitigate the risks.
Apple Releases iTunes 9.2.1
added July 20, 2010 at 07:54 am
Apple has released iTunes 9.2.1 to address a vulnerability. This vulnerability is due to improper handling of itpc URLs. itpc is the protocol used by Apple iTunes for handling podcasts. By convincing a user to access a specially crafted itpc URL, an attacker may be able to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users and administrators to review Apple article HT4263 and update to iTunes 9.2.1 to help mitigate the risks associated with this vulnerability.
Oracle Releases Critical Patch Update for July 2010
added July 13, 2010 at 04:03 pm
Oracle has released its Critical Patch Update for July 2010 to address 59 vulnerabilities across multiple products. This update contains the following security fixes:
- 6 for Oracle Database Server
- 2 for TimesTen In-Memory Database
- 5 for Oracle Secure Backup
- 7 for Oracle Fusion Middleware
- 1 for Oracle Enterprise Manager
- 7 for Oracle E-Business Suite
- 2 for Oracle Supply Chain Products Suite
- 8 for Oracle PeopleSoft and JDEdwards Suite
- 21 for Oracle Sun Products Suite
Microsoft Releases July Security Bulletin
added July 13, 2010 at 01:25 pm
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for July 2010. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
Oracle Critical Patch Update Pre-Release Announcement
added July 9, 2010 at 03:14 pm
Oracle has issued a critical patch update pre-release announcement indicating that its July release will contain 59 new vulnerability fixes. Release of the critical patch update is scheduled for Tuesday, July 13, 2010.
US-CERT encourages users and administrators to review the pre-release announcement; US-CERT will provide updates as they become available.
Microsoft Releases Advance Notification for July Security Bulletin
added July 8, 2010 at 03:51 pm
Microsoft has issued a Security Bulletin Advance Notification, indicating that its July release will contain four bulletins. Three bulletins will have the severity rating of critical and will be for Microsoft Windows and Office. The remaining bulletin will have the severity rating of important and will be for Microsoft Office. Release of these bulletins is scheduled for Tuesday, July 13, 2010.
US-CERT will provide additional information as it becomes available.
Google Releases Chrome 5.0.375.99
added July 7, 2010 at 08:46 am
Google has released Chrome 5.0.375.99 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
Adobe Releases Update for Adobe Reader and Adobe Acrobat
added June 29, 2010 at 02:03 pm
Adobe has released an update for Reader and Acrobat to address multiple vulnerabilities. These vulnerabilities affect the following versions:
- Adobe Reader 9.3.2 and earlier versions for Windows, Macintosh, and UNIX
- Adobe Acrobat 9.3.2 and earlier versions for Windows and Macintosh
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB10-15 and apply any necessary updates to help mitigate the risks.