The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Oracle has released its Critical Patch Update for January 2012 to address 78 vulnerabilities across multiple products. This update contains the following security fixes:
- 2 for Oracle Database Server
- 1 for Oracle Fusion Middleware
- 3 for Oracle E-Business Suite
- 1 for Oracle Supply Chain Products Suite
- 6 for Oracle PeopleSoft Products
- 8 for Oracle JD Edwards Products
- 17 for Oracle Sun Products Suite
- 3 for Oracle Virtualization
- 27 for Oracle MySQL
US-CERT encourages users and administrators to review the January 2012 Critical Patch Update and apply any necessary updates to help mitigate the risks.
Additional information regarding CVE-2012-0110 can be found in US-CERT Vulnerability Note VU#738961.
Adobe has released a Security Advisory for Adobe Reader and Acrobat to address multiple vulnerabilities affecting the following software versions:
- Adobe Reader X (10.1.1) and earlier 10.x versions for Windows and Macintosh
- Adobe Reader 9.4.7 and earlier 9.x versions for Windows
- Adobe Reader 9.4.6 and earlier 9.x versions for Macintosh
- Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh
- Adobe Acrobat 9.4.7 and earlier 9.x versions for Windows
- Adobe Acrobat 9.4.6 and earlier 9.x versions for Macintosh
US-CERT encourages users and administrators to review Adobe security advisory APSB12-01 and apply any necessary updates to help mitigate the risks.
On January 10, 2012, US-CERT received reports of a phishing campaign that is spoofing US-CERT email to deliver a variant of the Zeus/Zbot Trojan known as Ice-IX. This campaign appears to be targeting a large number of private sector organizations as well as federal, state, and local governments.
US-CERT advises users not to open the email or any of its attachments and to promptly delete the email from their inboxes.
Reports indicate that SOC@US-CERT.GOV is the primary email address being spoofed, but other invalid email addresses are also being used.
The subject of the phishing email is: "Phishing incident report call number: PH000000XXXXXXX", where the "X" characters stand for an incident report number that varies.
The attached zip file is titled "US-CERT Operation Center Report XXXXXXX.zip", with "X" indicating a random value or string. The zip attachment contains an executable file with the name "US-CERT Operation CENTER Reports.eml.exe", which is a variant of the Zeus/Zbot Trojan known as Ice-IX.