Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
Left Arrow
September 2010
 Right Arrow
Su M Tu W Th F Sa
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    September 03, 2010 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    September 3Apple Releases iTunes 10
    September 3Google Releases Chrome 6.0.472.53
    September 1Insecure Loading of Dynamic Link Libraries in Windows Applications
    September 1VMware Releases Updates for ESX Service Console Packages
    August 31Cisco Releases Security Advisory for IOS XR Software Border Gateway Protocol
    August 31RealNetworks Releases Update to Address Vulnerabilities in RealPlayer
    August 25Cisco Releases Advisories for Unified Communications Manager and Unified Presence
    August 25APWG Fax Back Phishing Education Program
    August 25Adobe Releases Security Bulletin for Shockwave Player
    August 25Apple Releases Security Update 2010-005


    Apple Releases iTunes 10

    added September 3, 2010 at 07:53 am

    Apple has released iTunes 10 to address multiple vulnerabilities affecting the WebKit package. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users and administrators to review Apple article HT4328 and apply any necessary updates to help mitigate the risks.


    Google Releases Chrome 6.0.472.53

    added September 3, 2010 at 07:49 am

    Google has released Chrome 6.0.472.53 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information, or conduct spoofing attacks.

    US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.


    Insecure Loading of Dynamic Link Libraries in Windows Applications

    added August 25, 2010 at 12:01 pm | updated September 1, 2010 at 10:27 am

    US-CERT is aware of a class of vulnerabilities related to how some Windows applications may load external dynamic link libraries (DLLs). When an application loads a DLL without specifying a fully qualified path name, Windows will attempt to locate the DLL by searching a defined set of directories. If an application does not securely load DLL files, an attacker may be able to cause the affected application to load an arbitrary library.

    By convincing a user to open a file from a location that is under an attacker's control, such as a USB drive or network share, a remote attacker may be able to exploit this vulnerability. Exploitation of this vulnerability may result in the execution of arbitrary code.

    Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#707943. US-CERT encourages users and administrators to review the vulnerability note and consider implementing the following workarounds until fixes are released by affected vendors

    • disable loading libraries from WebDAV and remote network shares
    • disable the WebClient service
    • block outgoing SMB traffic
    Update: Microsoft has released Fix it tool 50522 to assist users in setting the registry key value introduced with Microsoft support article 2264107 to help reduce the risks posed by the DLL loading behavior described in VU#707943. Users and administrators are encouraged to review Microsoft support article 2264107, the Microsoft Security Research & Defense TechNet blog entry, and to consider using the Fix it tool to help reduce the risks. Users should be aware that setting the registry key value as described in the support article or via the Fix it tool may reduce the functionality of some third-party applications.

    US-CERT will provide updates when additional details become available.


    VMware Releases Updates for ESX Service Console Packages

    added September 1, 2010 at 09:32 am

    VMware has released security updates for multiple third party packages for the ESX Service Console. These updates address vulnerabilities in the perl, krb5, samba, tar, and cpio packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass security restrictions.

    US-CERT encourages users and administrators to review VMware security advisory VMSA-2010-0013 and apply any necessary updates to help mitigate the risks.


    Cisco Releases Security Advisory for IOS XR Software Border Gateway Protocol

    added August 31, 2010 at 08:40 am

    Cisco has released a security advisory to address a vulnerability in the Cisco IOS XR Software Border Gateway Protocol feature. Exploitation of this vulnerability may result in the continuous resetting of BGP peering sessions, which may cause a denial-of-service condition for affected networks.

    US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100827-bgp and apply any necessary updates to help mitigate the risks.


    RealNetworks Releases Update to Address Vulnerabilities in RealPlayer

    added August 31, 2010 at 08:23 am

    RealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information.

    US-CERT encourages users and administrators to review the RealNetworks, Inc. security advisory for these vulnerabilities and apply any necessary updates to help mitigate the risks.


    Cisco Releases Advisories for Unified Communications Manager and Unified Presence

    added August 25, 2010 at 01:53 pm

    Cisco has released security advisories to address multiple vulnerabilities affecting Unified Communications Manager and Unified Presence.

    These vulnerabilities affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition, which could cause an interruption of voice services.

    Cisco Unified Communications Manager users and administrators are encouraged to review Cisco security advisory cisco-sa-20100825-cucm and apply any necessary updates to help mitigate the risks. Cisco Unified Presence users and administrators are encouraged to review Cisco security advisory cisco-sa-20100825-cup and apply any necessary updates to help mitigate the risks.


    APWG Fax Back Phishing Education Program

    added August 25, 2010 at 01:16 pm

    In an effort to respond to a growing public threat by offline phishers that conduct various scams via fax, the Anti-phishing Working Group (APWG) has partnered with the Internal Revenue Service (IRS) to create the APWG Fax Back Phishing Education Program. This program is designed to provide telecommunications companies and Fax over Internet Protocol (FoIP) hosting firms with information that can be used to educate consumers about these types of scams. Offline phishing differs from traditional phishing in that it involves sending emails with attachments or direct faxes to individuals or businesses and is not done strictly online. Recipients of offline phishing scams are coerced to complete the fake documents and fax them back or be penalized.

    In conjunction with IRS's Online Fraud Detection and Prevention (OFDP) group, APWG created a fax coversheet that can be downloaded by carriers and used to notify victims of offline phishing. This fax coversheet also provides links to other APWG resources which allow the victims to submit a complaint directly to the appropriate clearinghouse.

    More information about the APWG Fax Back Phishing Education Program and the advisory fax coversheet can be found at the following


    Adobe Releases Security Bulletin for Shockwave Player

    added August 25, 2010 at 08:15 am

    Adobe has released a security update to address multiple vulnerabilities affecting Shockwave Player 11.5.7.609 and earlier versions. These vulnerabilities may allow an attacker to execute arbitrary code.

    US-CERT encourages users and administrators to review Adobe security bulletin APSB10-20 and upgrade to Adobe Shockwave Player 11.5.8.612 to help mitigate the risks.


    Apple Releases Security Update 2010-005

    added August 25, 2010 at 08:15 am

    Apple has released security update 2010-005 to address multiple vulnerabilities affecting the ATS, CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP, and Samba applications. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, or impersonate hosts within a domain.

    US-CERT encourages users and administrators to review Apple article HT4312 and apply any necessary updates to help mitigate the risks.