U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Oracle Releases Critical Patch Update for January 2012

Oracle has released its Critical Patch Update for January 2012 to address 78 vulnerabilities across multiple products. This update contains the following security fixes:

  • 2 for Oracle Database Server
  • 1 for Oracle Fusion Middleware
  • 3 for Oracle E-Business Suite
  • 1 for Oracle Supply Chain Products Suite
  • 6 for Oracle PeopleSoft Products
  • 8 for Oracle JD Edwards Products
  • 17 for Oracle Sun Products Suite
  • 3 for Oracle Virtualization
  • 27 for Oracle MySQL

US-CERT encourages users and administrators to review the January 2012 Critical Patch Update and apply any necessary updates to help mitigate the risks.

Additional information regarding CVE-2012-0110 can be found in US-CERT Vulnerability Note VU#738961.

Adobe Releases Security Advisory for Adobe Reader and Acrobat

Adobe has released a Security Advisory for Adobe Reader and Acrobat to address multiple vulnerabilities affecting the following software versions:

  • Adobe Reader X (10.1.1) and earlier 10.x versions for Windows and Macintosh
  • Adobe Reader 9.4.7 and earlier 9.x versions for Windows
  • Adobe Reader 9.4.6 and earlier 9.x versions for Macintosh
  • Adobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and Macintosh
  • Adobe Acrobat 9.4.7 and earlier 9.x versions for Windows
  • Acrobat 9.4.6 and earlier 9.x versions for Macintosh
Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or take control of the affected system.

US-CERT encourages users and administrators to review Adobe security advisory APSB12-01 and apply any necessary updates to help mitigate the risks.

Phishing Campaign Using Spoofed US-CERT Email Addresses

On January 10, 2012, US-CERT received reports of a phishing campaign that is spoofing US-CERT email to deliver a variant of the Zeus/Zbot Trojan known as Ice-IX. This campaign appears to be targeting a large number of private sector organizations as well as federal, state, and local governments.

US-CERT advises that users do not open the email or any of the attachments and promptly delete the email from their inboxes.

Reports indicate that SOC@US-CERT.GOV is the primary email address being spoofed but other invalid email addresses are also being used.

The subject of the phishing email is: "Phishing incident report call number: PH000000XXXXXXX" with the "X" containing an incident report number that varies.

The attached zip file is titled "US-CERT Operation Center Report XXXXXXX.zip", with "X" indicating a random value or string. The zip attachment contains an executable file with the name "US-CERT Operation CENTER Reports.eml.exe", which is a variant of the Zeus/Zbot Trojan known as Ice-IX.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top