The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Last reviewed: September 9, 2011 09:11:32 EDT
Adobe Prenotification Security Advisory for Adobe Reader and Acrobat
added September 9, 2011 at 08:18 am
Adobe has issued a prenotification advisory indicating that it plans to release updates for Adobe Reader and Acrobat to address multiple vulnerabilities. The advisory indicates that updates for Windows and Macintosh will be available on September 13, 2011.
US-CERT encourages users and administrators to review the Adobe Advisory.
US-CERT will provide additional information as it becomes available.
Microsoft Releases Advance Notification for September Security Bulletin
added September 8, 2011 at 02:04 pm
Microsoft has issued a Security Bulletin Advance Notification indicating that its September release will contain five bulletins. These bulletins will have the severity rating of important and will be for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, September 13, 2011.
US-CERT will provide additional information as it becomes available.
Fraudulent DigiNotar SSL Certificate
added August 30, 2011 at 08:40 am | updated August 30, 2011 at 11:27 am
US-CERT is aware of public reports of the existence of at least one fraudulent SSL certificate issued by DigiNotar. This fraudulent SSL certificate could be used by an attacker to masquerade as any subdomain of google.com.
Mozilla will be releasing new versions of Firefox for desktop (3.6.21, 6.0.1, 7, 8, and 9) and mobile (6.0.1, 7, 8, and 9). Additional information can be found in the Mozilla Security Blog.
Microsoft has removed the DigiNotar root certificate from the Microsoft Certificate Trust List. This change affects all versions of Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2. Microsoft will be releasing a future update for Windows XP and Windows Server 2003 to address this issue. Additional information can be found in Microsoft Security Advisory 2607712.
Google Chrome users are protected from this attack due to Chrome’s built-in certificate pinning feature. Google also plans to disable the DigiNotar certificate authority. Additional information can be found in the Google Security Blog.
US-CERT encourages users and administrators to apply any necessary updates to help mitigate the risks. US-CERT will provide additional information as it becomes available.
Potential Hurricane Irene Phishing Scams
added August 29, 2011 at 12:05 pm
In the past, US-CERT has received reports of phishing scams and malware campaigns related to topics that are of high interest to the U.S. Government or news media, such as Hurricane Irene. Users’ systems have been compromised by receiving and accessing phishing emails with subject lines that seem relevant to a high-interest subject and appear to originate from a valid sender. US-CERT reminds users to remain vigilant for potential malicious cyber activity seeking to capitalize on interest in Hurricane Irene. Users are advised to exercise caution in handling any email with a subject line, attachments, or hyperlinks related to Hurricane Irene, even if it appears to originate from a trusted source.
US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns:
- Do not follow unsolicited web links in email messages.
- Use caution when opening email attachments. Refer to the Using Caution with Email Attachments Cyber Security Tip for more information on safely handling email attachments.
- Maintain up-to-date antivirus software.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Avoiding Social Engineering and Phishing Attacks Cyber Security Tip for more information on social engineering attacks.
- Report phishing to US-CERT by sending email to phishing-report@us-cert.gov.
Cisco Releases Security Advisories
added August 25, 2011 at 12:54 pm
Cisco has released three security advisories to address vulnerabilities affecting the Cisco Unified Communications Manager, the Cisco Unified Presence Server, and the Cisco Intercompany Media Engine. These vulnerabilities may allow an attacker to disclose sensitive information or cause a denial-of-service condition.
US-CERT encourages users and administrators to review the following Cisco security advisories and apply any necessary updates to help mitigate the risks.
- Cisco Unified Communications Manager Denial of Service Vulnerabilities
- Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server
- Denial of Service Vulnerabilities in Cisco Intercompany Media Engine
Google Releases Chrome 13.0.782.215
added August 23, 2011 at 08:07 am
Google has released Chrome 13.0.782.215 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 13.0.782.215 to help mitigate the risks.
Mozilla Releases Firefox 6 and 3.6.20
added August 17, 2011 at 07:57 am
The Mozilla Foundation has released Firefox 6 and Firefox 3.6.20 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, operate with escalated privileges, or obtain sensitive information.
US-CERT encourages users and administrators to review the Mozilla Foundation Security Advisories for Firefox 6 and Firefox 3.6.20 and apply any necessary updates to help mitigate the risks.
RIM Releases Security Advisory for BlackBerry Enterprise Server
added August 10, 2011 at 01:22 pm
RIM has released a security advisory to address a vulnerability in the BlackBerry MDS Connection Service and BlackBerry Messaging Agent for the BlackBerry Enterprise Server. The vulnerability may allow an attacker to execute arbitrary code or gain unauthorized access to the BlackBerry Enterprise Server.
US-CERT encourages users and administrators to review the BlackBerry security advisory KB27244 and apply any necessary updates to help mitigate the risks.
Adobe Releases Security Bulletins for Multiple Products
added August 10, 2011 at 09:59 am
Adobe has released security bulletins to alert users to critical and important vulnerabilities in multiple products. The following products are affected:
- Adobe Shockwave Player 11.6.0.626 and earlier versions on the Windows and Macintosh operating systems
- Adobe Flash Player 10.3.181.36 and earlier versions for Windows, Macintosh, Linux and Solaris
- Adobe Flash Player 10.3.185.25 and earlier versions for Android
- Adobe Flash Media Server 4.0.2 and earlier versions
- Adobe Flash Media Server 3.5.6 and earlier versions for Windows and Linux
- Adobe Photoshop CS5 and CS5.1 and earlier for Windows and Macintosh
- RoboHelp 9.0.1.233 and earlier, RoboHelp 8, RoboHelp Server 9, and RoboHelp Server 8
Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, take control of an affected system, or perform a cross-site scripting attack.
US-CERT encourages users and administrators to review the Adobe security bulletins and apply any necessary updates to help mitigate the risks.
Microsoft Releases August Security Bulletin
added August 4, 2011 at 01:25 pm | updated August 9, 2011 at 02:38 pm
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft Office, Microsoft .NET Framework, and Microsoft Developer Tools as part of the Microsoft Security Bulletin Summary for August 2011. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, cause a denial-of-service condition, or disclose sensitive information.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.
Article source: http://www.us-cert.gov/current/index.html#adobe_prenotification_security_advisory_for2