| Apr 15, 2008 |
Federal Subpoena Email Scam US-CERT has seen public reports of a scam circulating via email messages that claim to be federal subpoenas. These messages request that the user follow a link to download additional information about the case. If a user clicks on this link, malicious code may be installed on the system. US-CERT encourages users to do the following to help mitigate the risk:
|
| Apr 14, 2008 |
Oracle Issues Pre-Release Announcement for April Critical Patch Update Oracle has issued a Pre-Release Announcement indicating that its April Critical Patch Update (CPU) will contain 41 new security fixes across hundreds of products. The announcement further states that
We will provide additional information as it becomes available. |
| Apr 14, 2008 |
EMC DiskXtender Vulnerabilities US-CERT is aware of reports of vulnerabilities in EMC DiskXtender. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or bypass security restrictions on an affected system. US-CERT encourages users to visit EMC's website for additional information regarding these vulnerabilities. |
| Apr 14, 2008 |
ClamAV PE Scanning Vulnerability US-CERT is aware of a report of a buffer overflow vulnerability affecting ClamAV. This heap-based buffer overflow vulnerablity may allow an attacker to execute arbitrary code on an affected system. US-CERT recommends that users do not scan PE files from untrusted sources. |
| Apr 11, 2008 |
Active Exploitation of GDI Vulnerabilities US-CERT has seen public reports of an exploit targeting vulnerabilities in GDI. These vulnerabilities are due to buffer overflow conditions that exist in the processing of EMF and WMF image files. By convincing a user to open a specially crafted EMF or WMF file, a remote attacker may be able to execute arbitrary code. These vulnerabilities were addressed in Microsoft Security Bulletin MS08-021. Users who have not applied this patch are vulnerable. Additional information about these vulnerabilities is available in the Vulnerability Notes Database. US-CERT encourages users to review MS08-021 and apply the patch or workarounds to help mitigate the risks. |
| Apr 09, 2008 |
Email Attack Circulating US-CERT has seen reports of an email attack that is circulating. This attack is in the form of an email message with the subject line "Evacuation process has been started due to radiation leaks at San Clemente Nucklear Power Station." The message body states that the information is from a trusted news source and encourages users to follow a link to view a video. This link may direct users to a website hosting malicious code. US-CERT encourages users to do the following to help mitigate the risk:
|
| Apr 09, 2008 |
IBM Lotus Notes Vulnerabilities IBM has released Technote 1298453 to address multiple vulnerabilities in Lotus Notes. These vulnerabilities are due to improper handling of the following file types:
US-CERT encourages users to review IBM Technote 1298453 and apply the appropriate updates or workarounds. |
| Apr 09, 2008 |
Adobe Flash Player Vulnerabilities Adobe has released Flash Player 9.0.124.0 to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code or conduct cross-site scripting attacks. US-CERT encourages users to review Adobe Security Bulletin APSB08-11 and upgrade to Flash Player 9.0.124.0 to help mitigate the risks. US-CERT will provide additional information as it becomes available. |
| Apr 08, 2008 |
Microsoft Releases April Security Bulletin Microsoft has released updates to address vulnerabilities in Microsoft Windows, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for April 2008. These vulnerabilities could allow an attacker to execute arbitrary code, access the system with elevated privileges, or redirect internet traffic. More information about these vulnerabilities can be found in Technical Cyber Security Alert TA08-099. US-CERT encourages user to review the bulletins and follow best-practice security policies to determine which updates should be applied. |
| Apr 07, 2008 |
Email Attack Targeting Microsoft's April Security Bulletin Release Cycle US-CERT has seen reports of an email attack targeting Microsoft's April Security Bulletin release cycle. This attack arrives via email messages with the subject line "Critical Patch Released: Microsoft Security Bulletin MS08-64738." These email messages contain a link to a fraudulent Microsoft Update web site that hosts malicious code or contains an attachment that is embedded with malicious code. Users who follow the link or open the attachment may become infected with a Trojan. US-CERT encourages users to do the following to help mitigate the risks:
|