Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
Left Arrow
March 2008
 Right Arrow
Su M Tu W Th F Sa
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    March 20, 2008 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    March 19Microsoft Releases Windows Vista Service Pack 1
    March 19MIT Kerberos Security Advisories
    March 19Apple Security Updates
    March 19VMware Security Advisory
    March 18CA BrightStor ARCserve Backup Vulnerability
    March 18F-Secure Releases Security Bulletin
    March 17Microsoft Updates March Security Bulletin
    March 14Websites Compromised Through SQL Injection
    March 14Search Engine IFRAME Injection Attacks
    March 12Cisco Releases Security Advisory to Address Multiple Vulnerabilities


    Microsoft Releases Windows Vista Service Pack 1

    added March 19, 2008 at 04:53 pm

    Microsoft has released Windows Vista Service Pack 1.  This Service Pack provides updates to increase reliability, performance, compatibility, and security.

    US-CERT encourages users review the following Microsoft articles:


    MIT Kerberos Security Advisories

    added March 19, 2008 at 07:41 am | updated March 19, 2008 at 03:12 pm

    MIT has released two Security Advisories to address multiple vulnerabilities in Kerberos 5. These vulnerabilities affect krb4-enabled KDC servers and the GSS RPC library used by kadmind. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code, obtain sensitive information, or cause a denial of service condition.

    US-CERT encourages users to do the following to help mitigate the risks:

    US-CERT will provide more information as it becomes available.


    Apple Security Updates

    added March 18, 2008 at 05:08 pm | updated March 19, 2008 at 03:03 pm

    Apple has released Safari 3.1 and Security Update 2008-002 to address multiple vulnerabilities.

    These vulnerabilities may allow an attacker to do the following:

    • Execute arbitrary code
    • Cause a denial-of-service condition
    • Bypass authentication
    • Elevate privileges
    • Obtain sensitive information
    • Cause untrusted certificates to appear trusted
    US-CERT encourages users to do the following to help mitigate the risk:
    • Review Apple Article 307563 and upgrade to Safari 3.1.
    • Review Apple Security Update 2008-002 and apply any necessary updates.
    • Review Technical Cyber Security Alert TA08-079A.
    US-CERT will provide more information as it becomes available.


    VMware Security Advisory

    added March 19, 2008 at 08:56 am

    VMware has released Security Advisory VMSA-2008-0005 to address multiple vulnerabilities in several VMware products. These vulnerabilities may allow an attacker to execute arbitrary code, escalate privileges, or cause a denial-of-service condition.

    US-CERT encourages users to review VMware Security Advisory VMSA-2008-0005 and apply any necessary updates.

    US-CERT will provide more information as it becomes available.


    CA BrightStor ARCserve Backup Vulnerability

    added March 18, 2008 at 11:14 am

    US-CERT has seen reports of a vulnerability in CA BrightStor ARCserve Backup. This vulnerability is due to a boundary error within the "AddColumn()" method in the "ListCtrl" ActiveX control. Exploitation of this vulnerability may allow a remote attacker to cause a stack-based buffer overflow and execute arbitrary code.

    US-CERT encourages users to do the following to help mitigate the risk:

    • Set a kill bit for the CLSID {BF6EFFF3-4558-4C4C-ADAF-A87891C5F3A3}.
    • Disable ActiveX as described in the Securing Your Web Browser document.
    US-CERT will provide more information as it becomes available.


    F-Secure Releases Security Bulletin

    added March 18, 2008 at 11:12 am

    F-Secure has released Security Bulletin FSC-2008-2 to address vulnerabilities in multiple F-Secure products. These vulnerabilities are caused by improper handling of malformed archives. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users to review F-Secure Security Bulletin FSC-2008-2 and apply the updates.

    US-CERT will provide more information as it becomes available.


    Microsoft Updates March Security Bulletin

    added March 14, 2008 at 06:00 pm | updated March 17, 2008 at 04:05 pm

    Microsoft has made revisions to all of the March Security Bulletins. These revisions

    • Clarify why a non-vulnerable version of Office was offered during this update.
    • Correct the registry key for verifying the update for ISA Server.
    • Remove MS07-015 as a replaced bulletin for Microsoft Office XP Service Pack 3.
    • Update vulnerability FAQs
    • Update file information tables for Outlook 2000 and 2003.
    Microsoft has also re-released MS08-014 to include additional information about issues relating to users of Excel 2003 Service Pack 2 or Service Pack 3.

    US-CERT encourages users to review the updated March Security Bulletins and apply any necessary updates.


    Websites Compromised Through SQL Injection

    added March 13, 2008 at 12:04 pm | updated March 14, 2008 at 06:01 pm

    US-CERT has seen reports of an attack that has compromised a large number of legitimate websites. The reports indicate that attackers are modifying the sites and embedding a reference to JavaScript code. Users who visit one of these infected websites may unknowingly execute malicious code. This code attempts to exploit known vulnerabilities for which patches are available but may not have been applied to the victim's system.

    This issue is currently exploiting a variety of vulnerabilities:

    • Baofeng Storm ActiveX
    • Ourgame GLChat ActiveX
    • Microsoft Internet Explorer VML (VU#122084)
    • Qvod Player ActiveX
    • Microsoft RDS.Dataspace ActiveX (VU#234812)
    • RealPlayer playlist ActiveX (VU#871673)
    • Storm Player ActiveX
    • Microsoft Windows WebViewFolderIcon ActiveX (VU#753044)
    • Xunlei Thunder DapPlayer ActiveX
    US-CERT encourages users to do the following to help mitigate the risks of this and similar attacks:
    • Regularly apply software updates and patches provided by vendors.
    • Disable JavaScript and ActiveX as described in the Securing Your Web Browser document.
    US-CERT will provide more information as it becomes available.


    Search Engine IFRAME Injection Attacks

    added March 14, 2008 at 05:45 pm | updated March 14, 2008 at 06:00 pm

    US-CERT has seen reports of attacks using specially crafted URLs that inject IFRAMEs as terms into search engines on legitimate websites.  The affected URLs include popular search terms, and may be returned as high ranking results in internet search engines. If the site hosting the search engine is vulnerable to cross-site scripting, users who follow the affected URLs may be unknowingly redirected to malicious websites. These sites may then attempt to exploit web browser vulnerabilities, entice users to download and install malicious code, or display unsolicited advertisements.

    US-CERT encourages users to do the following to help mitigate the risk of this and similar attacks:

    • Regularly apply software updates and patches provided by vendors.
    • Disable JavaScript and ActiveX as described in the Securing Your Web Browser document.


    Cisco Releases Security Advisory to Address Multiple Vulnerabilities

    added March 12, 2008 at 03:50 pm

    Cisco has released Security Advisory cisco-sa-20080312-ucp to address multiple vulnerabilities in the Cisco Secure Access Control Server for Windows User-Changeable Password (UCP) application. These vulnerabilities are due to buffer overflow conditions and improper sanitization of input passed to CSuserCGI.exe. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code.

    US-CERT encourages users to review Cisco Security Advisory cisco-sa-20080312-ucp and apply any necessary updates.

    US-CERT will provide more information as it becomes available.