US CERT Current Activity
The US-CERT Current Activity web
page is a regularly updated summary of the most frequent, high-impact types of security
incidents currently being reported to the US-CERT.
Copyright 2010 Carnegie Mellon University
Updated: 1 hour 21 min ago
Apple Releases iTunes 10
Apple has released iTunes 10 to address multiple vulnerabilities affecting the WebKit package. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users and administrators to review Apple article HT4328 and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review Apple article HT4328 and apply any necessary updates to help mitigate the risks.
Categories: Alertas
Google Releases Chrome 6.0.472.53
Google has released Chrome 6.0.472.53 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, bypass security restrictions, obtain sensitive information, or conduct spoofing attacks.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
Categories: Alertas
VMware Releases Updates for ESX Service Console Packages
VMware has released security updates for multiple third party packages for the ESX Service Console. These updates address vulnerabilities in the perl, krb5, samba, tar, and cpio packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass security restrictions.
US-CERT encourages users and administrators to review VMware security advisory VMSA-2010-0013 and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review VMware security advisory VMSA-2010-0013 and apply any necessary updates to help mitigate the risks.
Categories: Alertas
Cisco Releases Security Advisory for IOS XR Software Border Gateway Protocol
Cisco has released a security advisory to address a vulnerability in the Cisco IOS XR Software Border Gateway Protocol feature. Exploitation of this vulnerability may result in the continuous resetting of BGP peering sessions, which may cause a denial-of-service condition for affected networks.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100827-bgp and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100827-bgp and apply any necessary updates to help mitigate the risks.
Categories: Alertas
RealNetworks Releases Update to Address Vulnerabilities in RealPlayer
RealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information.
US-CERT encourages users and administrators to review the RealNetworks, Inc. security advisory for these vulnerabilities and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review the RealNetworks, Inc. security advisory for these vulnerabilities and apply any necessary updates to help mitigate the risks.
Categories: Alertas
Cisco Releases Advisories for Unified Communications Manager and Unified Presence
Cisco has released security advisories to address multiple vulnerabilities affecting Unified Communications Manager and Unified Presence.
These vulnerabilities affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition, which could cause an interruption of voice services.
Cisco Unified Communications Manager users and administrators are encouraged to review Cisco security advisory cisco-sa-20100825-cucm and apply any necessary updates to help mitigate the risks. Cisco Unified Presence users and administrators are encouraged to review Cisco security advisory cisco-sa-20100825-cup and apply any necessary updates to help mitigate the risks.
These vulnerabilities affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition, which could cause an interruption of voice services.
Cisco Unified Communications Manager users and administrators are encouraged to review Cisco security advisory cisco-sa-20100825-cucm and apply any necessary updates to help mitigate the risks. Cisco Unified Presence users and administrators are encouraged to review Cisco security advisory cisco-sa-20100825-cup and apply any necessary updates to help mitigate the risks.
Categories: Alertas
APWG Fax Back Phishing Education Program
In an effort to respond to a growing public threat by offline phishers that conduct various scams via fax, the Anti-phishing Working Group (APWG) has partnered with the Internal Revenue Service (IRS) to create the APWG Fax Back Phishing Education Program. This program is designed to provide telecommunications companies and Fax over Internet Protocol (FoIP) hosting firms with information that can be used to educate consumers about these types of scams. Offline phishing differs from traditional phishing in that it involves sending emails with attachments or direct faxes to individuals or businesses and is not done strictly online. Recipients of offline phishing scams are coerced to complete the fake documents and fax them back or be penalized.
In conjunction with IRS's Online Fraud Detection and Prevention (OFDP) group, APWG created a fax coversheet that can be downloaded by carriers and used to notify victims of offline phishing. This fax coversheet also provides links to other APWG resources which allow the victims to submit a complaint directly to the appropriate clearinghouse.
More information about the APWG Fax Back Phishing Education Program and the advisory fax coversheet can be found at the following
In conjunction with IRS's Online Fraud Detection and Prevention (OFDP) group, APWG created a fax coversheet that can be downloaded by carriers and used to notify victims of offline phishing. This fax coversheet also provides links to other APWG resources which allow the victims to submit a complaint directly to the appropriate clearinghouse.
More information about the APWG Fax Back Phishing Education Program and the advisory fax coversheet can be found at the following
Categories: Alertas
Insecure Loading of Dynamic Link Libraries in Windows Applications
US-CERT is aware of a class of vulnerabilities related to how some Windows applications may load external dynamic link libraries (DLLs). When an application loads a DLL without specifying a fully qualified path name, Windows will attempt to locate the DLL by searching a defined set of directories. If an application does not securely load DLL files, an attacker may be able to cause the affected application to load an arbitrary library.
By convincing a user to open a file from a location that is under an attacker's control, such as a USB drive or network share, a remote attacker may be able to exploit this vulnerability. Exploitation of this vulnerability may result in the execution of arbitrary code.
Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#707943. US-CERT encourages users and administrators to review the vulnerability note and consider implementing the following workarounds until fixes are released by affected vendors
US-CERT will provide updates when additional details become available.
By convincing a user to open a file from a location that is under an attacker's control, such as a USB drive or network share, a remote attacker may be able to exploit this vulnerability. Exploitation of this vulnerability may result in the execution of arbitrary code.
Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#707943. US-CERT encourages users and administrators to review the vulnerability note and consider implementing the following workarounds until fixes are released by affected vendors
- disable loading libraries from WebDAV and remote network shares
- disable the WebClient service
- block outgoing SMB traffic
US-CERT will provide updates when additional details become available.
Categories: Alertas
Adobe Releases Security Bulletin for Shockwave Player
Adobe has released a security update to address multiple vulnerabilities affecting Shockwave Player 11.5.7.609 and earlier versions. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review Adobe security bulletin APSB10-20 and upgrade to Adobe Shockwave Player 11.5.8.612 to help mitigate the risks.
US-CERT encourages users and administrators to review Adobe security bulletin APSB10-20 and upgrade to Adobe Shockwave Player 11.5.8.612 to help mitigate the risks.
Categories: Alertas
Apple Releases Security Update 2010-005
Apple has released security update 2010-005 to address multiple vulnerabilities affecting the ATS, CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP, and Samba applications. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a denial-of-service condition, or impersonate hosts within a domain.
US-CERT encourages users and administrators to review Apple article HT4312 and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review Apple article HT4312 and apply any necessary updates to help mitigate the risks.
Categories: Alertas
Microsoft Releases Security Advisory
Microsoft has released a security advisory indicating that it is aware of a remote attack vector for a class of vulnerabilities related to how applications load external dynamic link libraries (DLLs). If an application does not securely load DLL files, an attacker may be able to cause the application to load an arbitrary library. By convincing a user to open a file from a location that is under an attacker's control, such as a USB drive or network share, a remote attacker may be able exploit this vulnerability. Exploitation of this vulnerability may result in the execution of arbitrary code or elevation of privileges.
At this time, US-CERT is aware of reports of publicly available exploit code for this vulnerability.
US-CERT encourages users and administrators to review Microsoft security advisory 2269637 and consider implementing the workarounds listed in the document. Please note that these workarounds may reduce the functionality of the affected systems. Workarounds include
At this time, US-CERT is aware of reports of publicly available exploit code for this vulnerability.
US-CERT encourages users and administrators to review Microsoft security advisory 2269637 and consider implementing the workarounds listed in the document. Please note that these workarounds may reduce the functionality of the affected systems. Workarounds include
- disabling the loading of libraries from WebDAV and remote network shares
- disabling the WebClient service
- blocking TCP ports 139 and 445 at the firewall
Categories: Alertas
VideoLAN Releases a Security Advisory for VLC Media Player
VideoLAN has released a security advisory to address a vulnerability in VLC Media Player. This vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The updated release also addresses additional issues that could result in a denial-of-service attack.
US-CERT encourages users and administrators to review VideoLAN security advisory VideoLAN-SA-1004 and apply any necessary updates or workarounds to help mitigate the risks.
US-CERT encourages users and administrators to review VideoLAN security advisory VideoLAN-SA-1004 and apply any necessary updates or workarounds to help mitigate the risks.
Categories: Alertas
Google Releases Chrome 5.0.375.127
Google has released Chrome 5.0.375.127 for Windows, Mac, and Linux to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or conduct spoofing attacks.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
Categories: Alertas
Adobe Releases Security Update for Adobe Reader and Acrobat
Adobe has released an update for Reader and Acrobat to address multiple vulnerabilities. These vulnerabilities affect the following versions:
Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or execute arbitrary code.
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB10-17 and apply any necessary updates to help mitigate the risks.
- Adobe Reader 9.3.3 and earlier versions for Windows, Macintosh, and UNIX
- Adobe Acrobat 9.3.3 and earlier versions for Windows and Macintosh
Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or execute arbitrary code.
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB10-17 and apply any necessary updates to help mitigate the risks.
Categories: Alertas
Cisco IOS Software Vulnerability
Cisco has released a security advisory to address a vulnerability affecting IOS Software Release 15.1(2)T. This vulnerability may allow an attacker to cause a denial-of-service condition by sending a specially crafted packet through normal network traffic.
US-CERT encourages users and administrators to review Cisco advisory cisco-sa-20100812-tcp and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review Cisco advisory cisco-sa-20100812-tcp and apply any necessary updates to help mitigate the risks.
Categories: Alertas
Apple Releases QuickTime 7.6.7
Apple has released QuickTime 7.6.7 for Windows to address a vulnerability. This vulnerability is due to a stack buffer overflow that exists in QuickTime error logging. By convincing a user to open a specially crafted movie file, a remote attacker may be able to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users and administrators to review Apple article HT4290 and update to QuickTime 7.6.7 to help mitigate the risks.
US-CERT encourages users and administrators to review Apple article HT4290 and update to QuickTime 7.6.7 to help mitigate the risks.
Categories: Alertas
Apple Releases Updates for iPhone, iPod touch, and iPad
Apple has released iOS 4.0.2 for the iPhone and iPod touch and iOS 3.2.2 for the iPad to address vulnerabilities in the FreeType and IOSurface packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or gain system privileges.
iPhone and iPod touch users are encouraged to review Apple article HT4291 and upgrade to iOS 4.0.2. iPad users are encouraged to review Apple article HT4292 and upgrade to iOS 3.2.2. Additional information regarding the vulnerability affecting the FreeType package can be found in US-CERT Vulnerability Note VU#275247.
iPhone and iPod touch users are encouraged to review Apple article HT4291 and upgrade to iOS 4.0.2. iPad users are encouraged to review Apple article HT4292 and upgrade to iOS 3.2.2. Additional information regarding the vulnerability affecting the FreeType package can be found in US-CERT Vulnerability Note VU#275247.
Categories: Alertas
Adobe Releases Security Update for Flash Player
Adobe has released Flash Player 10.1.82.76 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. This vulnerability also affects Adobe Air 2.0.2.12310 and earlier versions.
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB10-16 and apply any necessary updates to help mitigate the risks. Additional information can be found in the US-CERT Vulnerability Note VU#660993.
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB10-16 and apply any necessary updates to help mitigate the risks. Additional information can be found in the US-CERT Vulnerability Note VU#660993.
Categories: Alertas
Google Releases Chrome 5.0.375.126
Google has released Chrome 5.0.375.126 for Linux, Mac, and Windows. Chrome 5.0.375.126 contains an updated version of the Flash plugin which addresses multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
Categories: Alertas
Microsoft Releases August Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, and Silverlight as part of the Microsoft Security Bulletin Summary for August 2010. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
Categories: Alertas






