September 14, 2011 - Current Activity
This is an archived copy of current activity, if you would like to see the most recent version, please click here.
Cisco Releases Multiple Security Advisories
added September 14, 2011 at 02:31 pm
Cisco has released two security advisories to address vulnerabilities affecting the CiscoWorks LAN Management Solution, the Cisco Unified Service Monitor, and the Cisco Unified Operations Manager. These vulnerabilities may allow an unauthenticated attacker to execute arbitrary code.
US-CERT encourages users and administrators to review Cisco security advisories cisco-sa-20110914-lms and cisco-sa-20110914-cusm and apply any necessary updates to help mitigate the risks.
Adobe Releases Security Advisory for Adobe Reader and Acrobat
added September 9, 2011 at 08:18 am | updated September 13, 2011 at 04:21 pm
Adobe has released a security advisory to address multiple vulnerabilities in Adobe Reader and Acrobat. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or operate with escalated privileges.
US-CERT encourages users and administrators to review Adobe security advisory APSB11-24 and apply any necessary updates to help mitigate the risks.
Microsoft Releases September Security Bulletin
added September 8, 2011 at 02:04 pm | updated September 13, 2011 at 02:47 pm
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Server Software as part of the Microsoft Security Bulletin Summary for September 2011. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.
Fraudulent DigiNotar SSL Certificate
added August 30, 2011 at 08:40 am | updated September 9, 2011 at 02:29 pm
US-CERT is aware of public reports of the existence of fraudulent SSL certificates issued by DigiNotar. These fraudulent SSL certificates could be used by an attacker to masquerade as legitimate sites.
Mozilla has released Firefox 3.6.22 and Firefox 6.0.2 to address this issue. Additional information can be found in the Mozilla Security Blog.
Microsoft has removed the DigiNotar root certificates from the Microsoft Certificate Trust List. This change affects all versions of Windows Vista, Windows 7, Windows XP, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2003. Additional information can be found in Microsoft Security Advisory 2607712.
Google Chrome users are protected from this attack due to Chrome's built-in certificate pinning feature. Google has also released Chrome 13.0.782.220 for Windows, Mac, Linux, and Chrome Frame to address this issue. Additional information can be found in the Google Security Blog and in the Google Chrome Releases blog entry.
Apple has released Security Update 2011-005 for Mac OS X 10.6.8, Mac OS X Server 10.6.8, OS X Lion 10.7.1, and Lion Server 10.7.1 to address this issue. Additional information can be found in Apple article HT4920.
Adobe will be releasing an update to remove the DigiNotar certificate from the Adobe Approved Trust List. In the meantime, Adobe has released a blog entry containing a work-around for Adobe Reader and Acrobat 9, and Adobe Reader and Acrobat X.
US-CERT encourages users and administrators to apply any necessary updates to help mitigate the risks. US-CERT will provide additional information as it becomes available.
Potential Hurricane Irene Phishing Scams
added August 29, 2011 at 12:05 pm
In the past, US-CERT has received reports of phishing scams and malware campaigns related to topics that are of high interest to the U.S. Government or news media, such as Hurricane Irene. Users' systems have been compromised by receiving and accessing phishing emails with subject lines that seem relevant to a high-interest subject and appear to originate from a valid sender. US-CERT reminds users to remain vigilant for potential malicious cyber activity seeking to capitalize on interest in Hurricane Irene. Users are advised to exercise caution in handling any email with a subject line, attachments, or hyperlinks related to Hurricane Irene, even if it appears to originate from a trusted source.
US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:
- Do not follow unsolicited web links in email messages.
- Use caution when opening email attachments. Refer to the Using Caution with Email Attachments Cyber Security Tip for more information on safely handling email attachments.
- Maintain up-to-date antivirus software.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Avoiding Social Engineering and Phishing Attacks Cyber Security Tip for more information on social engineering attacks.
- Report phishing to US-CERT by sending email to phishing-report@us-cert.gov.
Cisco Releases Security Advisories
added August 25, 2011 at 12:54 pm
Cisco has released three security advisories to address vulnerabilities affecting the Cisco Unified Communications Manager, the Cisco Unified Presence Server, and the Cisco Intercompany Media Engine. These vulnerabilities may allow an attacker to disclose sensitive information or cause a denial-of-service condition.
US-CERT encourages users and administrators to review the following Cisco security advisories and apply any necessary updates to help mitigate the risks.
- Cisco Unified Communications Manager Denial of Service Vulnerabilities
- Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server
- Denial of Service Vulnerabilities in Cisco Intercompany Media Engine
Google Releases Chrome 13.0.782.215
added August 23, 2011 at 08:07 am
Google has released Chrome 13.0.782.215 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 13.0.782.215 to help mitigate the risks.
Mozilla Releases Firefox 6 and 3.6.20
added August 17, 2011 at 07:57 am
The Mozilla Foundation has released Firefox 6 and Firefox 3.6.20 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, operate with escalated privileges, or obtain sensitive information.
US-CERT encourages users and administrators to review the Mozilla Foundation Security Advisories for Firefox 6 and Firefox 3.6.20 and apply any necessary updates to help mitigate the risks.
RIM Releases Security Advisory for BlackBerry Enterprise Server
added August 10, 2011 at 01:22 pm
RIM has released a security advisory to address a vulnerability in the BlackBerry MDS Connection Service and BlackBerry Messaging Agent for the BlackBerry Enterprise Server. The vulnerability may allow an attacker to execute arbitrary code or gain unauthorized access to the BlackBerry Enterprise Server.
US-CERT encourages users and administrators to review the BlackBerry security advisory KB27244 and apply any necessary updates to help mitigate the risks.
Adobe Releases Security Bulletins for Multiple Products
added August 10, 2011 at 09:59 am
Adobe has released security bulletins to alert users of critical and important vulnerabilities in multiple products. The following products are affected:
- Adobe Shockwave Player 11.6.0.626 and earlier versions on the Windows and Macintosh operating systems
- Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris
- Adobe Flash Player 10.3.185.25 and earlier versions for Android
- Adobe Flash Media Server 4.0.2 and earlier versions
- Adobe Flash Media Server 3.5.6 and earlier versions for Windows and Linux
- Adobe Photoshop CS5 and CS5.1 and earlier for Windows and Macintosh
- RoboHelp 9.0.1.233 and earlier, RoboHelp 8, RoboHelp Server 9, and RoboHelp Server 8
Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, take control of an affected system, or perform a cross-site scripting attack.
US-CERT encourages users and administrators to review the Adobe security bulletins and apply any necessary updates to help mitigate the risks.