Current Activity

Current Activity provides timely information on security risks to help you better protect your systems from malware campaigns and mitigate against new software vulnerabilities.

Microsoft Releases Advanced Notification for October Security Bulletin

added Friday, October 5, 2012 at 10:59 am

Microsoft has issued a Security Bulletin Advanced Notification indicating that its October release will contain seven bulletins. These bulletins will have the severity ratings of critical and important, and will be for Microsoft Windows, SQL Server, Server Software, Office, and Lync. These bulletins are scheduled for release on Tuesday, October 9, 2012.

US-CERT will provide additional information as it becomes available.

Adobe Releases Security Bulletin About Code Signing Certificate

added Friday, September 28, 2012 at 11:30 am

Adobe has released a security bulletin to address an issue with a current Adobe code signing certificate. The certificate to be revoked has been used to sign malicious code. The certificate will be revoked on October 4, 2012 for all software code signed after July 10, 2012. Adobe is issuing a new digital certificate for all affected products.

US-CERT encourages users and administrators to review the Adobe Security Bulletin ASPA12-01 and take any necessary actions to help mitigate the risk.

Increased Exploitation in Web Content Management Systems

added Friday, September 21, 2012 at 5:14 pm

US-CERT is aware of recent increases in the exploitation of known vulnerabilities in web content management systems (CMSs) such as Wordpress and Joomla. Compromised CMS installations can be used to host malicious content.

US-CERT recommends that users and administrators ensure that their CMS installations are patched or upgraded to remove known vulnerabilities. This may require contacting the hosting provider. Also, users and administrators can check for known vulnerabilities in the National Vulnerability Database by searching their CMS by name.

Microsoft Releases Security Advisory for Internet Explorer

added Wednesday, September 19, 2012 at 9:42 am | updated Friday, September 21, 2012 at 2:21 pm

Microsoft has released Security Advisory 2757760 to address a vulnerability in Microsoft Internet Explorer 6, 7 , 8, and 9. This vulnerability may allow an attacker to execute arbitrary code if a user accesses specially crafted HTML documents (e.g., a web page or an HTML email message or attachment).

US-CERT encourages users and administrators to review Microsoft Security Advisory 2757760. This advisory indicates that the workaround does not correct the vulnerability, but it may help mitigate the risk against known attack vectors.

Additional information regarding CVE-2012-4969 can be found in the US-CERT Technical Alert TA12-262A and Vulnerability Note VU#480095.

Update: Microsoft has released an out-of-band patch to address this vulnerability. US-CERT encourages users and administrators to review Microsoft Security Bulletin MS12-063 and apply any necessary updates to help mitigate the risk.

Microsoft Releases September Security Bulletin

added Thursday, September 6, 2012 at 02:06 pm | updated Tuesday, September 11, 2012 at 3:35 pm

Microsoft has released updates to address vulnerabilities in Microsoft Development Tools and Server Software as part of the Microsoft Security Bulletin summary for September 2012. These vulnerabilities may allow an attacker to operate with elevated privileges.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.