Current Activity provides timely information on security risks to
help you better protect your systems from malware campaigns and
mitigate against new software vulnerabilities.
Adobe Releases Security Bulletin for Flash Player
Adobe has released a security bulletin for Adobe Flash Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 11.4.402.278 and earlier versions for Windows, Adobe Flash Player 11.4.402.265 and earlier versions for Macintosh, Adobe Flash Player 18.104.22.168 and earlier versions for Linux, Adobe Flash Player 22.214.171.124 and earlier versions for Android 4.x, and Adobe Flash Player 126.96.36.199 and earlier versions for Android 3.x and 2.x. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB12-22 and apply any necessary updates to help mitigate the risks.
Microsoft Releases October Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, SQL Server, Server Software, Office, and Lync as part of the Microsoft Security Bulletin summary for October 2012. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.
Adobe Releases Security Bulletin About Code Signing Certificate
Adobe has released a security bulletin to address an issue with a current Adobe code signing certificate. The certificate to be revoked has been used to sign malicious code. The certificate will be revoked on October 4, 2012 for all software code signed after July 10, 2012. Adobe is issuing a new digital certificate for all affected products.
US-CERT encourages users and administrators to review the Adobe Security Bulletin ASPA12-01 and take any necessary actions to help mitigate the risk.
Increased Exploitation in Web Content Management Systems
US-CERT is aware of recent increases in the exploitation of known vulnerabilities in web content management systems (CMSs) such as Wordpress and Joomla. Compromised CMS installations can be used to host malicious content.
US-CERT recommends that users and administrators ensure that their CMS installations are patched or upgraded to remove known vulnerabilities. This may require contacting the hosting provider. Also, users and administrators can check for known vulnerabilities in the National Vulnerability Database by searching their CMS by name.
Microsoft Releases Security Advisory for Internet Explorer
Microsoft has released Security Advisory 2757760 to address a vulnerability in Microsoft Internet Explorer 6, 7 , 8, and 9. This vulnerability may allow an attacker to execute arbitrary code if a user accesses specially crafted HTML documents (e.g., a web page or an HTML email message or attachment).
US-CERT encourages users and administrators to review Microsoft Security Advisory 2757760. This advisory indicates that the workaround does not correct the vulnerability, but it may help mitigate the risk against known attack vectors.
Additional information regarding CVE-2012-4969 can be found in the US-CERT Technical Alert TA12-262A and Vulnerability Note VU#480095.
Update: Microsoft has released an out-of-band patch to address this vulnerability. US-CERT encourages users and administrators to review Microsoft Security Bulletin MS12-063 and apply any necessary updates to help mitigate the risk.