Current Activity Calendar
| April 16, 2008 - Current ActivityThis is an archived copy of current activity, if you would like to see the most recent version, please click here.Federal Subpoena Spear-Phishing Attackadded April 15, 2008 at 08:31 am | updated April 16, 2008 at 09:34 am
US-CERT is aware of public reports of a spear-phishing attack circulating via email messages that claim to be federal subpoenas. These messages appear to be legitimate because they can contain very specific information about the message recipient. The message requests that the user follow a link to download additional information about the case, but if a user clicks on this link, malicious code may be installed on the system.
Oracle Releases Critical Patch Update for April 2008added April 15, 2008 at 04:30 pm
Oracle has released their Critical Patch Update for April 2008 to address 41 vulnerabilities across several products. This update contains the following security fixes:
Multiple ClamAV Vulnerabilitiesadded April 14, 2008 at 03:32 pm | updated April 15, 2008 at 12:45 pm
Clam AntiVirus has released ClamAV 0.93 to address multiple vulnerabilities. Two of these vulnerabilities are due to buffer overflow conditions in the handling of Upack executables in libclamav/pe.c and PeSpin packed executables in libclamav/spin.c. There are two additional vulnerabilities due to improper handling of ARJ and RAR archives. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial-of-service condition. Oracle Issues Pre-Release Announcement for April Critical Patch Updateadded April 14, 2008 at 03:17 pm
Oracle has issued a Pre-Release Announcement indicating that its April Critical Patch Update (CPU) will contain 41 new security fixes across hundreds of products.
We will provide additional information as it becomes available. EMC DiskXtender Vulnerabilitiesadded April 14, 2008 at 03:17 pm
US-CERT is aware of reports of vulnerabilities in EMC DiskXtender. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or bypass security restrictions on an affected system. Active Exploitation of GDI Vulnerabilitiesadded April 11, 2008 at 02:03 pm
US-CERT is following public reports indicating that attackers are attempting to exploit vulnerabilities in GDI. These vulnerabilities are due to buffer overflow conditions that exist in the processing of EMF and WMF image files. By convincing a user to open a specially crafted EMF or WMF file, a remote attacker may be able to execute arbitrary code. These vulnerabilities were addressed in Microsoft Security Bulletin MS08-021. Users who have not applied this patch are vulnerable. Email Attack Circulatingadded April 9, 2008 at 03:06 pm
US-CERT has seen reports of an email attack that is circulating. This attack is in the form of an email message with the subject line "Evacuation process has been started due to radiation leaks at San Clemente Nucklear Power Station." The message body states that the information is from a trusted news source and encourages users to follow a link to view a video. This link may direct users to a website hosting malicious code.
Adobe Flash Player Vulnerabilitiesadded April 9, 2008 at 07:34 am | updated April 9, 2008 at 10:36 am
Adobe has released Flash Player 9.0.124.0 to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code or conduct cross-site scripting attacks. IBM Lotus Notes Vulnerabilitiesadded April 9, 2008 at 08:57 am
IBM has released Technote 1298453 to address multiple vulnerabilities in Lotus Notes. These vulnerabilities are due to improper handling of the following file types:
US-CERT encourages users to review IBM Technote 1298453 and apply the appropriate updates or workarounds. Microsoft Releases April Security Bulletinadded April 8, 2008 at 02:33 pm
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for April 2008. These vulnerabilities could allow an attacker to execute arbitrary code, access the system with elevated privileges, or redirect internet traffic. |
Information For
Sign Up
Reporting
DHS Threat Advisory
The threat level in the airline sector is High or Orange. Read more