http://seclists.org/#cert en-us The <a href="http://www.cert.org/">Computer Emergency Response Team</a> has been responding to security incidents and sharing vulnerability information since the Morris Worm hit in 1986. This archive combines their technical security alerts, tips, and current activity lists. Wed, 16 May 2012 15:45:06 GMT Wed, 16 May 2012 15:45:06 GMT http://seclists.org/cert/2012/63 <p>Posted by Current Activity on May 16</p>US-CERT Current Activity<br> <br> Apple Releases QuickTime 7.7.2<br> <br> Original release date: Wednesday, May 16, 2012 at 10:23 am<br> Last revised: Wednesday, May 16, 2012 at 10:23 am<br> <br> Apple has released QuickTime 7.7.2 to address multiple vulnerabilities.<br> These vulnerabilities may allow an attacker to execute arbitrary code or<br> cause a denial-of-service condition.<br> <br> US-CERT encourages users and administrators to review Apple Support<br> Article HT5261 and apply any...<br> Wed, 16 May 2012 15:38:39 GMT http://seclists.org/cert/2012/63 http://seclists.org/cert/2012/62 <p>Posted by Current Activity on May 15</p>US-CERT Current Activity<br> <br> Google Releases Google Chrome 19<br> <br> Original release date: Tuesday, May 15, 2012 at 2:13 pm<br> Last revised: Tuesday, May 15, 2012 at 2:13 pm<br> <br> Google has released Google Chrome 19 for Linux, Mac, Windows, and Chrome<br> Frame to address multiple vulnerabilities. These vulnerabilities may<br> allow an attacker to execute arbitrary code or cause a denial-of-service<br> condition.<br> <br> US-CERT encourages users and administrators to review the...<br> Tue, 15 May 2012 19:09:37 GMT http://seclists.org/cert/2012/62 http://seclists.org/cert/2012/61 <p>Posted by Current Activity on May 10</p>US-CERT Current Activity<br> <br> Apple Releases Multiple Security Updates<br> <br> Original release date: Thursday, May 10, 2012 at 2:30 pm<br> Last revised: Thursday, May 10, 2012 at 2:30 pm<br> <br> Apple has released security updates for Apple OS X and Safari to address<br> multiple vulnerabilities for the following products:<br> <br> * Safari 5.1.7 for Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion<br> Server v10.7.4, OS X Lion v10.7.4, Windows 7, Vista, XP SP2 or later<br> * OS X...<br> Thu, 10 May 2012 19:18:15 GMT http://seclists.org/cert/2012/61 http://seclists.org/cert/2012/60 <p>Posted by US-CERT Alerts on May 08</p> National Cyber Alert System<br> <br> Technical Cyber Security Alert TA12-129A<br> <br> Microsoft Updates for Multiple Vulnerabilities<br> <br> Original release date: May 08, 2012<br> Last revised: --<br> Source: US-CERT<br> <br> Systems Affected<br> <br> * Microsoft Windows<br> * Microsoft .NET Framework<br> * Microsoft Office<br> * Microsoft Silverlight<br> <br> Overview<br> <br> Select Microsoft software products contain multiple<br> vulnerabilities....<br> Wed, 09 May 2012 01:22:07 GMT http://seclists.org/cert/2012/60 http://seclists.org/cert/2012/59 <p>Posted by Current Activity on May 08</p>US-CERT Current Activity<br> <br> Microsoft Releases May Security Bulletin<br> <br> Original release date: Tuesday, May 8, 2012 at 03:38 pm<br> Last revised: Tuesday, May 8, 2012 at 03:38 pm<br> <br> Microsoft has released updates to address vulnerabilities in Microsoft<br> Windows, Office, .NET Framework, and Silverlight as part of the<br> Microsoft Security Bulletin Summary for May 2012. These vulnerabilities<br> may allow an attacker to execute arbitrary code or operate with...<br> Tue, 08 May 2012 19:50:54 GMT http://seclists.org/cert/2012/59 http://seclists.org/cert/2012/58 <p>Posted by Current Activity on May 04</p>US-CERT Current Activity<br> <br> Adobe Releases Security Advisory for Adobe Flash Player<br> <br> Original release date: Friday, May 4, 2012 at 11:06 am<br> Last revised: Friday, May 4, 2012 at 11:06 am<br> <br> Adobe has released a Security Advisory for Adobe Flash Player to address<br> a vulnerability affecting the following software versions:<br> <br> * Adobe Flash Player 11.2.202.233 and earlier versions for Windows,<br> Macintosh, and Linux operating systems * Adobe Flash Player...<br> Fri, 04 May 2012 15:40:07 GMT http://seclists.org/cert/2012/58 http://seclists.org/cert/2012/57 <p>Posted by Current Activity on May 03</p>US-CERT Current Activity<br> <br> Microsoft Releases Advance Notification for May Security Bulletin<br> <br> Original release date: Thursday, May 3, 2012 at 03:49 pm<br> Last revised: Thursday, May 3, 2012 at 03:49 pm<br> <br> Microsoft has issued a Security Bulletin Advance Notification indicating<br> that its May release will contain seven bulletins. These bulletins will<br> have the severity ratings of critical and important and will be for<br> Microsoft Windows, Office, .NET...<br> Thu, 03 May 2012 20:23:22 GMT http://seclists.org/cert/2012/57 http://seclists.org/cert/2012/56 <p>Posted by Current Activity on May 01</p>US-CERT Current Activity<br> <br> Google Releases Chrome 18.0.1025.168<br> <br> Original release date: Tuesday, May 1, 2012 at 09:58 am<br> Last revised: Tuesday, May 1, 2012 at 09:58 am<br> <br> Google has released Chrome 18.0.1025.168 for Linux, Macintosh, Windows,<br> and Google Chrome Frame to address multiple vulnerabilities. These<br> vulnerabilities may allow an attacker to execute arbitrary code or cause<br> a denial-of-service condition.<br> <br> US-CERT encourages users and...<br> Tue, 01 May 2012 14:47:27 GMT http://seclists.org/cert/2012/56 http://seclists.org/cert/2012/55 <p>Posted by Current Activity on Apr 24</p>US-CERT Current Activity<br> <br> RuggedCom Rugged Operating System Vulnerability<br> <br> Original release date: Tuesday, April 24, 2012 at 4:14 pm<br> Last revised: Tuesday, April 24, 2012 at 4:14 pm<br> <br> RuggedCom Rugged Operating System (ROS), used in RuggedCom network<br> infrastructure devices, contains a hard-coded user account with a<br> predictable password.<br> <br> This user account cannot be manually disabled. An attacker who<br> successfully guesses the password may be able to...<br> Tue, 24 Apr 2012 20:42:48 GMT http://seclists.org/cert/2012/55 http://seclists.org/cert/2012/54 <p>Posted by Current Activity on Apr 24</p>US-CERT Current Activity<br> <br> DNSChanger Malware<br> <br> Original release date: Tuesday, April 24, 2012 at 2:20 pm<br> Last revised: Tuesday, April 24, 2012 at 2:20 pm<br> <br> US-CERT encourages users and administrators to ensure their systems are<br> not infected with the DNSChanger malware by utilizing tools and<br> resources available at the DNS Changer Working Group (DCWG) website.<br> Computers testing positive for infection of DNSChanger malware will need<br> to be cleaned of...<br> Tue, 24 Apr 2012 18:47:37 GMT http://seclists.org/cert/2012/54 http://seclists.org/cert/2012/53 <p>Posted by Current Activity on Apr 18</p>US-CERT Current Activity<br> <br> Oracle Releases Critical Patch Update for April 2012<br> <br> Original release date: Wednesday, April 18, 2012 at 9:55 am<br> Last revised: Wednesday, April 18, 2012 at 9:55 am<br> <br> Oracle has released its Critical Patch Update for April 2012 to address<br> 88 vulnerabilities across multiple products. This updates contains the<br> following security fixes:<br> <br> * 6 for Oracle Database Server * 11 for Oracle Fusion Middleware * 6<br> for Oracle...<br> Wed, 18 Apr 2012 15:09:47 GMT http://seclists.org/cert/2012/53 http://seclists.org/cert/2012/52 <p>Posted by Current Activity on Apr 16</p>US-CERT Current Activity<br> <br> Apple Releases Flashback Malware Security Updates<br> <br> Original release date: Monday, April 16, 2012 at 3:11 pm<br> Last revised: Monday, April 16, 2012 at 3:11 pm<br> <br> Apple has released security updates to address Flashback malware in the<br> following products:<br> <br> * OS X Lion v10.7.3 * OS X Lion Server v10.7.3 * Mac OS X v10.6.8 * Mac<br> OS X Server v10.6.8<br> <br> Apple has released a malware removal tool for the most common variant of<br> the...<br> Mon, 16 Apr 2012 21:12:16 GMT http://seclists.org/cert/2012/52 http://seclists.org/cert/2012/51 <p>Posted by Current Activity on Apr 12</p>US-CERT Current Activity<br> <br> HP ProCurve 5400 zl Switches Security Bulletin<br> <br> Original release date: Thursday, April 12, 2012 at 2:51 pm<br> Last revised: Thursday, April 12, 2012 at 2:51 pm<br> <br> Hewlett-Packard (HP) has released a security bulletin to address a<br> security vulnerability affecting HP 5400 zl series switches purchased<br> after April 30, 2011. These switches contain a compact flash card that<br> may be infected with malware.<br> <br> US-CERT encourages users...<br> Thu, 12 Apr 2012 19:22:32 GMT http://seclists.org/cert/2012/51 http://seclists.org/cert/2012/50 <p>Posted by Current Activity on Apr 11</p>US-CERT Current Activity<br> <br> Samba Releases Updates for 3.0.x - 3.6.3<br> <br> Original release date: Wednesday, April 11, 2012 at 11:00 am<br> Last revised: Wednesday, April 11, 2012 at 11:00 am<br> <br> Samba has released an update to address a vulnerability in Samba<br> versions 3.6.3 and all previous versions. Exploitation of this<br> vulnerability may allow a remote attacker to use anonymous connections<br> to execute arbitrary code with root privileges.<br> <br> US-CERT encourages...<br> Wed, 11 Apr 2012 18:06:51 GMT http://seclists.org/cert/2012/50 http://seclists.org/cert/2012/49 <p>Posted by US-CERT Alerts on Apr 11</p> National Cyber Awareness System<br> <br> Technical Cyber Security Alert TA12-101B<br> <br> Adobe Reader and Acrobat Security Updates and Architectural Improvements<br> <br> Original release date: April 10, 2012<br> Last revised: --<br> Source: US-CERT<br> <br> Systems Affected<br> <br> * Adobe Reader X (10.1.2) and earlier 10.x versions for Windows and Macintosh<br> * Adobe Reader 9.5 and earlier 9.x versions for Windows, Macintosh, and UNIX<br> * Adobe...<br> Wed, 11 Apr 2012 07:45:05 GMT http://seclists.org/cert/2012/49