
National Cyber Alert System
Technical Cyber Security Alert TA07-355A
Adobe Updates for Multiple Vulnerabilities
Original release date: December 21, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Adobe Flash Player 9.0.48.0 and earlier
* Adobe Flash Player 8.0.35.0 and earlier
* Adobe Flash Player 7.0.70.0 and earlier
Overview
Adobe has released Security bulletin APSB07-20 to address multiple vulnerabilities affecting Adobe Flash Player. Attackers could exploit these vulnerabilities to execute arbitrary code, perform DNS rebinding and cross-site scripting attacks, conduct port scans, or cause a denial of service.
I. Description
Adobe Security Update APSB07-20 addresses a number of vulnerabilities affecting Adobe Flash 9.0.48.0 and earlier, 8.0.35.0 and earlier and 7.0.70 and earlier. Further details are available in the related vulnerability notes.
An attacker could exploit these vulnerabilities by convincing a user to load a specially crafted Flash file. Flash content is widely deployed on the internet. An attacker could distribute Flash files using web sites that allow user-supplied content, like popular social networking sites.
II. Impact
The impacts of these vulnerabilities vary. An attacker may be able to execute arbitrary code, perform DNS rebinding or cross-site scripting attacks, conduct port scans, or cause a denial of service.
III. Solution
Upgrade Flash Player
Upgrade Flash Player according to the information in Adobe Security bulletin APSB07-20. For the port scanning issue (CVE-2007-4324), consider ActionScript network socket functionality per TechNote kb402956.
Adobe provides a way to determine which version of Flash Player is installed and a way to configure notifications of updates.
IV. References
* Vulnerability notes for Adobe Security Update APSB07-20 -
<http://www.kb.cert.org/vuls/byid?searchview&query=APSB07-20>
* Adobe Security Bulletin APSB07-20 -
<http://www.adobe.com/support/security/bulletins/apsb07-20.html>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-355A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-355A Feedback VU#758769" in the subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
December 21, 2007: Initial release
National Cyber Alert System
Cyber Security Alert SA07-352A
Apple Updates for Multiple Vulnerabilities
Original release date: December 18, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Apple Mac OS X versions prior to and including 10.4.11 (Tiger) and 10.5.1 (Leopard)
These vulnerabilities affect both Intel-based and PowerPC-based Apple systems.
Overview
Apple Mac OS X is affected by multiple vulnerabilities. Apple has released Security Update 2007-009 to address these vulnerabilities, the most serious of which may allow a remote attacker to take control of your computer.
Solution
Install an Update
Install Apple Security Update 2007-009 through Software Update.
Description
Apple Mac OS X is affected by multiple vulnerabilities. These
vulnerabilities could allow an attacker to run malicious programs
on your computer, crash your computer, access your data, or
initiate a video conference without your approval.
For more technical information, see US-CERT Technical Alert
TA07-352A.
References
* US-CERT Technical Cyber Security Alert TA07-352A -
<http://www.us-cert.gov/cas/techalerts/TA07-352A.html>
* Vulnerability notes for Apple Security Update 2007-009 -
<http://www.kb.cert.org/vuls/byid?searchview&query=apple-2007-009>
* Apple Security Update 2007-009 -
<http://docs.info.apple.com/article.html?artnum=307179>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/alerts/SA07-352A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "SA07-352A Feedback VU#905292" in the subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
December 18, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-345A
Microsoft Updates for Multiple Vulnerabilities
Original release date: December 11, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Internet Explorer
Overview
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands.
I. Description
Microsoft has released updates to address vulnerabilities that affect Microsoft Windows and Internet Explorer as part of the Microsoft Security Bulletin Summary for December 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands. For more information, see the US-CERT Vulnerability Notes Database.
II. Impact
A remote, unauthenticated attacker could execute arbitrary commands on a vulnerable system.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the December 2007 security bulletins. The security bulletins describe any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).
IV. References
* US-CERT Vulnerability Notes for Microsoft December 2007 updates -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms07-dec>
* Microsoft Security Bulletin Summary for December 2007 -
<http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx>
* Microsoft Update -
<https://www.update.microsoft.com/microsoftupdate/>
* Windows Server Update Services -
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-345A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-345A Feedback VU#437393" in the subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
______________________________________________________________
Revision History
December 11, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-334A
Apple QuickTime RTSP Buffer Overflow
Original release date: November 30, 2007
Last revised: --
Source: US-CERT
Systems Affected
A buffer overflow in Apple QuickTime affects:
* Apple QuickTime for Windows
* Apple QuickTime for Apple Mac OS X
Overview
Apple QuickTime contains a buffer overflow vulnerability in the way QuickTime processes Real Time Streaming Protocol (RTSP) streams. Exploitation of this vulnerability could allow an attacker to execute arbitrary code.
I. Description
Apple QuickTime contains a stack buffer overflow vulnerability in the way QuickTime handles the RTSP Content-Type header. Most versions of QuickTime prior to and including 7.3 running on all supported Apple Mac OS X and Microsoft Windows platforms are vulnerable. Since QuickTime is a component of Apple iTunes, iTunes installations are also affected by this vulnerability.
An attacker could exploit this vulnerability by convincing a user to access a specially crafted HTML document such as a web page or email message. The HTML document could use a variety of techniques to cause QuickTime to load a specially crafted RTSP stream. Common web browsers, including Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari can be used to pass RTSP streams to QuickTime, exploit the vulnerability, and execute arbitrary code.
Exploit code for this vulnerability was first posted publicly on November 25, 2007.
II. Impact
This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code or commands and cause a denial-of-service condition.
III. Solution
As of November 30, 2007, a QuickTime update for this vulnerability is not available. To block attack vectors, consider the following workarounds.
Block the rtsp:// protocol
Using a proxy or firewall capable of recognizing and blocking RTSP traffic can mitigate this vulnerability. Known public exploit code for this vulnerability uses the default RTSP port 554/tcp; however, RTSP can use a variety of ports.
Disable file association for QuickTime files
Disable the file association for QuickTime file types. This can be accomplished by deleting the following registry keys:
HKEY_CLASSES_ROOT\QuickTime.*
This will remove the association for approximately 32 file types that are configured to open with QuickTime Player.
Disable the QuickTime ActiveX controls in Internet Explorer
The QuickTime ActiveX controls can be disabled in Internet Explorer by setting the kill bit for the following CLSIDs:
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
{4063BE15-3B08-470D-A0D5-B37161CFFD69}
More information about how to set the kill bit is available in Microsoft Knowledge Base Article 240797. Alternatively, the following text can be saved as a .REG file and imported to set the kill bit for these controls:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4063BE15-3B08-470D-A0D5-B37161CFFD69}]
"Compatibility Flags"=dword:00000400
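As an added example (not part of the US-CERT alert), the following PowerShell script audits the two registry-based workarounds above: it reports whether the kill bit is set for the two QuickTime CLSIDs named in the alert and how many HKEY_CLASSES_ROOT\QuickTime.* file-association keys are present. It changes nothing unless run with -Apply, and even then only previews the ProgID removal with -WhatIf; the function names are this example's own.

```powershell
# Added example, not part of the US-CERT alert. Audits (and, with -Apply, applies)
# the TA07-334A registry workarounds:
#   1. the IE ActiveX kill bit for the two QuickTime CLSIDs listed in the alert;
#   2. the HKEY_CLASSES_ROOT\QuickTime.* ProgID keys the alert says can be deleted.
# Function names are this example's own. Run from an elevated PowerShell prompt.
param([switch]$Apply)

$KillBit    = 0x400   # 'Compatibility Flags' bit that stops IE instantiating the control (KB 240797)
$CompatRoot = 'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility'
$QuickTimeClsids = @(
    '{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}',
    '{4063BE15-3B08-470D-A0D5-B37161CFFD69}'
)

function Get-CompatibilityFlags {
    # Returns the current DWORD for the CLSID, or 0 when the key or value is absent.
    param([Parameter(Mandatory)][string]$Clsid)
    $key = Join-Path $CompatRoot $Clsid
    if (-not (Test-Path -LiteralPath $key)) { return 0 }
    $item = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
    if ($null -eq $item) { return 0 }
    return [int]$item.'Compatibility Flags'
}

function Test-KillBit {
    # One audit row per CLSID: raw flags plus whether the kill bit is among them.
    param([Parameter(Mandatory)][string]$Clsid)
    $flags = Get-CompatibilityFlags -Clsid $Clsid
    [pscustomobject]@{
        Clsid      = $Clsid
        Flags      = '0x{0:X8}' -f $flags
        KillBitSet = (($flags -band $KillBit) -ne 0)
    }
}

function Set-KillBit {
    # ORs the kill bit into any flags already present instead of overwriting them,
    # which is what importing the alert's .REG file would do.
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][string]$Clsid)
    $key = Join-Path $CompatRoot $Clsid
    $new = (Get-CompatibilityFlags -Clsid $Clsid) -bor $KillBit
    if ($PSCmdlet.ShouldProcess($key, "Set 'Compatibility Flags' to 0x$('{0:X8}' -f $new)")) {
        if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
        New-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -Value $new `
            -PropertyType DWord -Force | Out-Null
    }
}

function Get-QuickTimeFileAssociations {
    # HKCR has no default PSDrive; the Registry:: provider path reaches it.
    # The alert estimates roughly 32 such keys on a system with QuickTime Player.
    Get-Item -Path 'Registry::HKEY_CLASSES_ROOT\QuickTime.*' -ErrorAction SilentlyContinue
}

# --- Audit: always runs, changes nothing ---
$QuickTimeClsids | ForEach-Object { Test-KillBit -Clsid $_ } | Format-Table -AutoSize
$assoc = @(Get-QuickTimeFileAssociations)
"QuickTime.* ProgID keys present under HKCR: $($assoc.Count)"

# --- Apply: sets the kill bits; ProgID removal is only previewed via -WhatIf ---
if ($Apply) {
    foreach ($clsid in $QuickTimeClsids) { Set-KillBit -Clsid $clsid }
    foreach ($key in $assoc) { Remove-Item -LiteralPath $key.PSPath -Recurse -WhatIf }
}
```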
Disable the QuickTime plug-in for Mozilla-based browsers
Users of Mozilla-based browsers, such as Firefox, can disable the QuickTime plugin, as specified in the PluginDoc article Uninstalling Plugins.
Disable JavaScript
For instructions on how to disable JavaScript, please refer to the Securing Your Web Browser document. This can help prevent some attack techniques that use the QuickTime plug-in or ActiveX control.
Secure your web browser
To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser.
Do not access QuickTime files from untrusted sources
Do not open QuickTime files from any untrusted sources, including unsolicited files or links received in email, instant messages, web forums, or internet relay chat (IRC) channels.
References
* US-CERT Vulnerability Note VU#659761 -
<http://www.kb.cert.org/vuls/id/659761>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
* Mozilla Uninstalling Plugins -
<http://plugindoc.mozdev.org/faqs/uninstall.html>
* How to stop an ActiveX control from running in Internet Explorer -
<http://support.microsoft.com/kb/240797>
* IETF RFC 2326 Real Time Streaming Protocol -
<http://tools.ietf.org/html/rfc2326>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-334A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-334A Feedback VU#659761" in the subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
November 30, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-319A
Apple Updates for Multiple Vulnerabilities
Original release date: November 15, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Apple Mac OS X version 10.3.x and 10.4.x
* Apple Mac OS X Server version 10.3.x and 10.4.x
These vulnerabilities affect both Intel-based and PowerPC-based Apple systems.
Overview
Apple has released Mac OS X 10.4.11 and Security Update 2007-008 to address multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. The most serious of these vulnerabilities may allow a remote attacker to execute arbitrary code. Attackers may take advantage of the less serious vulnerabilities to bypass security restrictions or cause a denial of service.
I. Description
Apple Mac OS X 10.4.11 and Security Update 2007-008 address a number of vulnerabilities affecting Apple Mac OS X and OS X Server. Further details are available in the related vulnerability notes.
Several of the fixes included in this update address vulnerabilities in products from other vendors that ship with Apple OS X or OS X Server. These products include:
* BIND
* bzip2
* Adobe Flash
* MIT Kerberos
Apple Mac OS X 10.4.11 and Security Update 2007-008 address
vulnerabilities for versions 10.3.x and 10.4.x.
II. Impact
The impacts of these vulnerabilities vary. Potential consequences include remote execution of arbitrary code or commands, bypass of security restrictions, and denial of service.
III. Solution
Install updates from Apple
Install Mac OS X 10.4.11 or Apple Security Update 2007-008. This and other updates are available via Apple Update or via Apple Downloads.
IV. References
* Vulnerability notes for Apple Security Update 2007-008 -
<http://www.kb.cert.org/vuls/byid?searchview&query=apple_2007_008>
* About the security content of Mac OS X 10.4.11 and Security Update 2007-008 -
<http://docs.info.apple.com/article.html?artnum=307041>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Apple downloads - <http://www.apple.com/support/downloads/>
* ISC BIND - <http://www.isc.org/sw/bind/>
* bzip2 : Home - <http://www.bzip.org/>
* Adobe - Adobe Flash Player -
<http://www.adobe.com/products/flashplayer/>
* Kerberos: The Network Authentication Protocol -
<http://web.mit.edu/Kerberos/>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-319A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-319A Feedback VU#498105" in the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
November 15, 2007: Initial release
National Cyber Alert System
Cyber Security Alert SA07-317A
Microsoft Updates for Multiple Vulnerabilities
Original release date: November 13, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
Overview
A vulnerability in Microsoft Windows could allow an attacker to gain control of your computer.
Solution
Install updates
Microsoft has released updates to remedy a vulnerability in Microsoft Windows.
Updates for Microsoft Windows are available on the Microsoft Update site. We also recommend enabling Automatic Updates.
Description
A vulnerability in Microsoft Windows may allow an attacker to access your computer, install and run malicious software on your computer, or cause it to crash.
More technical information is available in US-CERT Technical Cyber Security Alert TA07-317A.
References
* US-CERT Technical Cyber Security Alert TA07-317A -
<http://www.us-cert.gov/cas/techalerts/TA07-317A.html>
* Microsoft security updates for November 2007 -
<http://www.microsoft.com/protect/computer/updates/bulletins/200711.mspx>
* US-CERT Vulnerability Notes for Microsoft November 2007 updates -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms07-nov>
* Microsoft Security at Home -
<http://www.microsoft.com/protect/>
* Microsoft Update -
<https://update.microsoft.com/microsoftupdate/>
* Microsoft Automatic Updates -
<http://www.microsoft.com/athome/security/update/msupdate_keep_current.mspx#EZB>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/alerts/SA07-317A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "SA07-317A Feedback VU#484649" in the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
November 13, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-310A
Apple QuickTime Updates for Multiple Vulnerabilities
Original release date: November 06, 2007
Last revised: --
Source: US-CERT
Systems Affected
Vulnerabilities in Apple QuickTime affect
* Apple Mac OS X
* Microsoft Windows
Overview
Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.
I. Description
Apple QuickTime 7.3 resolves multiple vulnerabilities in the way different types of image and media files are handled. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted image or media file that could be hosted on a web page.
Note that Apple iTunes installs QuickTime, so any system with iTunes is vulnerable.
II. Impact
These vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or commands and cause a denial-of-service condition. For further information, please see About the security content of QuickTime 7.3.
III. Solution
Upgrade QuickTime
Upgrade to QuickTime 7.3. This and other updates for Mac OS X are available via Apple Update.
Secure your web browser
To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser.
References
* About the security content of the QuickTime 7.3 Update -
<http://docs.info.apple.com/article.html?artnum=306896>
* How to tell if Software Update for Windows is working
correctly when no updates are available -
<http://docs.info.apple.com/article.html?artnum=304263>
* Apple QuickTime Download -
<http://www.apple.com/quicktime/download/>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-310A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-310A Feedback VU#208011" in the subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
November 6, 2007: Initial release
National Cyber Alert System
Cyber Security Alert SA07-297A
RealNetworks RealPlayer ActiveX Playlist Vulnerability
Original release date: October 24, 2007
Last revised: --
Source: US-CERT
Systems Affected
* RealPlayer 11 beta
* RealPlayer 10.5
* RealPlayer 10
* RealOne Player v2
* RealOne Player
Overview
RealNetworks RealPlayer for Microsoft Windows contains a vulnerability that could allow an attacker to take control of your computer when you visit a malicious web site.
Solution
Upgrade and install a patch
RealNetworks has released a patch to address this vulnerability. Information about the vulnerability and the patch is available in RealPlayer Security Vulnerability and Security Update for Real Player.
* RealPlayer 10.5 and RealPlayer 11 beta users should install the patch.
* RealOne Player v2 and RealPlayer 10 users should upgrade to RealPlayer 10.5 or RealPlayer 11 beta and then install the patch.
Windows versions of RealPlayer 8 and earlier are not affected. Macintosh and Linux versions of RealPlayer are not affected.
Disable ActiveX for untrusted web sites
Disabling ActiveX in the Internet Zone (or any zone used by an
attacker) reduces the chances of exploitation of this and other
vulnerabilities. Instructions for disabling ActiveX in the Internet
Zone can be found in the "Securing Your Web Browser" document.
There are public reports that this vulnerability is being actively exploited.
Description
A buffer overflow in the way RealPlayer handles playlists received from an ActiveX control on a web page could allow an attacker to access your computer, install and run malicious software on your computer, or cause it to crash.
More technical information is available in US-CERT Technical Cyber Security Alert TA07-297A and Vulnerability Note VU#871673.
References
* RealNetworks RealPlayer Security Update -
<http://service.real.com/realplayer/security/191007_player/en/>
* Security Update for RealPlayer -
<http://docs.real.com/docs/security/SecurityUpdate101907Player.pdf>
* US-CERT Technical Cyber Security Alert TA07-297A -
<http://www.us-cert.gov/cas/techalerts/TA07-297A.html>
* US-CERT Vulnerability Note VU#871673 -
<http://www.kb.cert.org/vuls/id/871673>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/#Internet_Explorer>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/alerts/SA07-297A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "SA07-297A Feedback VU#871673" in the subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
October 24, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-290A
Oracle Updates for Multiple Vulnerabilities
Original release date: October 17, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Oracle Database 10g
* Oracle 9i Database
* Oracle Enterprise Manager 10g Database Control
* Oracle Application Server 10g
* Oracle Collaboration Suite 10g
* Oracle PeopleSoft Enterprise
* Oracle E-Business Suite
* Oracle PeopleSoft Enterprise Human Capital Management
For more information regarding affected product versions, please see the Oracle Critical Patch Update - October 2007.
Overview
Oracle products and components are affected by multiple
vulnerabilities. The impacts of these vulnerabilities include remote
execution of arbitrary code, information disclosure, and denial of
service.
I. Description
Oracle has released Critical Patch Update - October 2007. This update addresses more than forty vulnerabilities in different Oracle products and components.
The Critical Patch Update provides information about affected
components, access and authorization required, and the impact from the
vulnerabilities on data confidentiality, integrity, and availability.
MetaLink customers should refer to MetaLink Note 394487.1 (login
required) for more information on terms used in the Critical Patch
Update.
According to Oracle, none of the vulnerabilities corrected in the Oracle Critical Patch Update affect Oracle Database Client-only installations.
In most cases, Oracle does not associate Vuln# identifiers (e.g., DB01) with other available information. If significant additional details about vulnerabilities and remediation techniques become available, we will update the Vulnerability Notes Database.
II. Impact
The impact of these vulnerabilities varies depending on the product, component, and configuration of the system. Potential consequences include the execution of arbitrary code or commands, information disclosure, and denial of service. Vulnerable components may be available to unauthenticated, remote attackers. An attacker who compromises an Oracle database may be able to gain access to sensitive information.
III. Solution
Apply a patch
Apply the appropriate patches or upgrade as specified in the Oracle Critical Patch Update - October 2007. Note that this Critical Patch Update only lists newly corrected issues. Updates to patches for previously known issues are not listed.
As noted in the update, some patches are cumulative, others are not:
The Oracle Database, Oracle Application Server, Oracle Enterprise Manager Grid Control, Oracle Collaboration Suite, JD Edwards EnterpriseOne and OneWorld Tools, and PeopleSoft Enterprise Portal Applications patches in the Updates are cumulative; each successive Critical Patch Update contains the fixes from the previous Critical Patch Updates.
Oracle E-Business Suite and Applications patches are not
cumulative, so E-Business Suite and Applications customers should
refer to previous Critical Patch Updates to identify previous fixes
they wish to apply.
Patches for some platforms and components were not available when the Critical Patch Update was published on October 17, 2007. Please see MetaLink Note 360465.1 (login required) for more information.
Known issues with Oracle patches are documented in the
pre-installation notes and patch readme files. Please consult these
documents specific to your system before applying patches.
Appendix A. Vendor Information
Oracle
Please see Oracle Critical Patch Update - October 2007 and Critical Patch Updates and Security Alerts.
Appendix B. References
* Critical Patch Update - October 2007 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2007.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/pdf/public_vuln_to_advisory_mapping.html>
* Oracle Database Security Checklist (PDF) -
<http://www.oracle.com/technology/deploy/security/pdf/twp_security_checklist_db_database.pdf>
* MetaLink Note 360465.1 (login required) -
<https://metalink.oracle.com/metalink/plsql/f?p=200:37:386501049664454700::::p_database_id,p_id,p_template:Not,360465.1,0>
* Details Oracle Critical Patch Update October 2007 -
<http://www.red-database-security.com/advisory/oracle_cpu_oct_2007.html>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-290A.html>
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
October 17, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-282A
Microsoft Updates for Multiple Vulnerabilities
Original release date: October 9, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Outlook Express and Windows Mail
* Microsoft Office
* Microsoft Office for Mac
* Microsoft SharePoint
Overview
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Outlook Express and Windows Mail, Microsoft Office, Microsoft Office for Mac, and Microsoft SharePoint. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
I. Description
Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Microsoft Internet Explorer, Microsoft Outlook Express and Windows Mail, Microsoft Office, Microsoft Office for Mac, and Microsoft SharePoint as part of the Microsoft Security Bulletin Summary for October 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Further information about the vulnerabilities addressed by these updates is available in the Vulnerability Notes Database.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the October 2007 security bulletins. The security bulletins describe any known issues related to the updates. Administrators are encouraged to note any known issues that are described in the bulletins and test for any potentially adverse effects.
System administrators should consider using an automated patch
distribution system such as Windows Server Update Services (WSUS).
IV. References
* US-CERT Vulnerability Notes for Microsoft October 2007 updates -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms07-oct>
* Microsoft Security Bulletin Summary for October 2007 -
<http://www.microsoft.com/technet/security/bulletin/ms07-oct.mspx>
* Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
* Windows Server Update Services -
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
* Securing Your Web Browser -
<http://www.cert.org/tech_tips/securing_browser/>
* Mactopia - <http://www.microsoft.com/mac/>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-282A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-282A Feedback VU#569041" in the subject.
Revision History
October 9, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-254A
Microsoft Updates for Multiple Vulnerabilities
Original release date: September 11, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Visual Studio
* Microsoft Windows Services for Unix
* Microsoft MSN Messenger
Overview
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Microsoft Visual Studio, Microsoft Windows Services for Unix, and Microsoft MSN Messenger. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
I. Description
Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Microsoft Visual Studio, Microsoft Windows Services for Unix and Microsoft MSN Messenger as part of the Microsoft Security Bulletin Summary for September 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Further information about the vulnerabilities addressed by these updates is available in the Vulnerability Notes Database.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the September 2007 security bulletins. The security bulletins describe any known issues related to the updates. Administrators are encouraged to note any known issues that are described in the bulletins and test for any potentially adverse effects.
System administrators should consider using an automated patch
distribution system such as Windows Server Update Services (WSUS).
IV. References
* US-CERT Vulnerability Notes for Microsoft September 2007 updates -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms07-sep>
* Microsoft Security Bulletin Summary for September 2007 -
<http://www.microsoft.com/technet/security/bulletin/ms07-sep.mspx>
* Microsoft Update -
<https://update.microsoft.com/microsoftupdate/>
* Windows Server Update Services -
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-254A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-254A Feedback VU#716872" in the subject.
Revision History
September 11, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-235A
Trend Micro ServerProtect Contains Multiple Vulnerabilities
Original release date: August 23, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Trend Micro ServerProtect for Windows/Novell Netware
Overview
A number of vulnerabilities exist in the Trend Micro ServerProtect antivirus product. These vulnerabilities could allow a remote attacker to completely compromise an affected system.
I. Description
Multiple buffer overflow vulnerabilities and an integer overflow vulnerability have been discovered in the RPC interfaces used by various components in Trend Micro's ServerProtect software package. These vulnerabilities could be exploited by a remote attacker with the ability to supply a specially crafted RPC request to the system running the affected software.
Further information about the vulnerabilities is available in the Vulnerability Notes Database.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system. The attacker-supplied code would be executed with system privileges, resulting in a complete compromise of the affected system.
III. Solution
Apply updates from Trend Micro
Trend Micro has provided an update for these vulnerabilities in ServerProtect 5.58 for Windows NT/2000/2003 Security Patch 4 - Build 1185.
Administrators are encouraged to review this notice and apply the patch as soon as possible.
Restrict network access to the affected components
Until the patch can be applied, administrators may wish to block access to the vulnerable software from outside their network perimeters, specifically by blocking access to the ports used by the ServerProtect service (5186/tcp) and the ServerProtect Agent service (3628/tcp). This will limit exposure to attacks; however, attackers within the network perimeter could still exploit the vulnerabilities.
IV. References
* US-CERT Vulnerability Notes for Trend Micro ServerProtect Security Patch 4 -
<http://www.kb.cert.org/vuls/byid?searchview&query=spnt_558_win_en_securitypatch4>
* README for Trend Micro ServerProtect 5.58 for Windows NT/2000/2003
Security Patch 4 - Build 1185 -
<http://www.trendmicro.com/ftp/documentation/readme/spnt_558_win_en_securitypatch4_readme.txt>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-235A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-235A Feedback VU#959400" in the subject.
Revision History
August 23, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-226A
Microsoft Updates for Multiple Vulnerabilities
Original release date: August 14, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Windows Media Player
* Microsoft Office
* Microsoft Office for Mac
* Microsoft XML Core Services
* Microsoft Visual Basic
* Microsoft Virtual PC
* Microsoft Virtual Server
Overview
Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Windows Media Player, Office, Office for Mac, XML Core Services, Visual Basic, Virtual PC, and Virtual Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
I. Description
Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Windows Media Player, Office, Office for Mac, XML Core Services, Visual Basic, Virtual PC, and Virtual Server as part of the Microsoft Security Bulletin Summary for August 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Further information about the vulnerabilities addressed by these updates is available in the Vulnerability Notes Database.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the August 2007 Security Bulletins. The Security Bulletins describe any known issues related to the updates. Administrators are encouraged to note any known issues that are described in the Bulletins and test for any potentially adverse effects.
Updates for Microsoft Windows and Microsoft Office XP and later are available on the Microsoft Update site. Microsoft Office 2000 updates are available on the Microsoft Office Update site. Apple Mac OS X users should obtain updates from the Mactopia web site.
System administrators may wish to consider using an automated patch distribution system such as Windows Server Update Services (WSUS).
IV. References
* US-CERT Vulnerability Notes for Microsoft August 2007 updates -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms07-aug>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
* Microsoft Security Bulletin Summary for August 2007 -
<http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx>
* Microsoft Update -
<https://update.microsoft.com/microsoftupdate/>
* Microsoft Office Update -
<http://officeupdate.microsoft.com/>
* Windows Server Update Services -
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
* Mactopia - <http://www.microsoft.com/mac/>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/alerts/TA07-226A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-226A Feedback VU#361968" in the subject.
Revision History
August 14, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-200A
Oracle Releases Patches for Multiple Vulnerabilities
Original release date: July 19, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Oracle Database
* Oracle Application Server
* Oracle Collaboration Suite
* Oracle E-Business Suite and Applications
* Oracle PeopleSoft Enterprise and JD EnterpriseOne
For more detailed information regarding affected product versions, refer to the Oracle Critical Patch Update - July 2007.
Overview
Oracle has released patches to address numerous vulnerabilities in different Oracle products. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
I. Description
Oracle has released the Critical Patch Update - July 2007. According to Oracle, this Critical Patch Update (CPU) includes the following new security fixes:
* 17 for the Oracle Databases
* 1 for Oracle Internet Directory
* 1 for Oracle Application Express
* 4 for the Oracle Application Server
* 1 for Oracle Collaboration Suite
* 14 for the Oracle E-Business Suite
* 3 for Oracle PeopleSoft Enterprise PeopleTools
* 2 for PeopleSoft Enterprise Customer Relationship Management
* 2 for PeopleSoft Enterprise Human Capital Management
Many Oracle products include or share code with other vulnerable Oracle products and components. Therefore, one vulnerability may affect multiple Oracle products and components. Refer to the July 2007 CPU for details regarding which vulnerabilities affect specific Oracle products and components.
For a list of publicly known vulnerabilities addressed in the July 2007 CPU, refer to the Map of Public Vulnerability to Advisory/Alert. The July 2007 CPU does not associate Vuln# identifiers (e.g., DB01) with other available information, even in the Map of Public Vulnerability to Advisory/Alert document. As more details about vulnerabilities and remediation strategies become available, we will update the individual vulnerability notes.
II. Impact
The impact of these vulnerabilities varies depending on the product, component, and configuration of the system. Potential consequences include remote execution of arbitrary code or commands, sensitive information disclosure, and denial of service. Vulnerable components may be available to unauthenticated, remote attackers. An attacker who compromises an Oracle database may be able to gain access to sensitive information or take complete control of the host system.
III. Solution
Apply patches from Oracle
Apply the appropriate patches or upgrade as specified in the Critical Patch Update - July 2007. Note that this Critical Patch Update only lists newly corrected vulnerabilities.
As noted in the update, some patches are cumulative, others are not. Oracle E-Business Suite and Applications patches are not cumulative, so E-Business Suite and Applications customers should refer to previous Critical Patch Updates to identify previous fixes they want to apply.
Vulnerabilities described in the July 2007 CPU may affect Oracle Database 10g Express Edition (XE). According to Oracle, Oracle Database XE is based on the Oracle Database 10g Release 2 code.
Known issues with Oracle patches are documented in the
pre-installation notes and patch readme files. Please consult these
documents and test before making changes to production systems.
IV. References
* US-CERT Vulnerability Notes Related to Critical Patch Update - July 2007 -
<http://www.kb.cert.org/vuls/byid?searchview&query=oracle_cpu_jul_2007>
* Critical Patch Update - July 2007 -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2007.html>
* Critical Patch Updates and Security Alerts -
<http://www.oracle.com/technology/deploy/security/alerts.htm>
* Map of Public Vulnerability to Advisory/Alert -
<http://www.oracle.com/technology/deploy/security/critical-patch-updates/public_vuln_to_advisory_mapping.html>
* Oracle Database Security Checklist (PDF) -
<http://www.oracle.com/technology/deploy/security/pdf/twp_security_checklist_db_database.pdf>
* Critical Patch Update Implementation Best Practices (PDF) -
<http://www.oracle.com/technology/deploy/security/pdf/cpu_whitepaper.pdf>
* Oracle Database 10g Express Edition -
<http://www.oracle.com/technology/products/database/xe/index.html>
* Details Oracle Critical Patch Update July 2007 -
<http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-200A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-200A Feedback VU#322460" in the subject.
Revision History
July 19, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-199A
Mozilla Updates for Multiple Vulnerabilities
Original release date: July 18, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Mozilla Firefox
* Mozilla Thunderbird
Other products based on Mozilla components may also be affected.
Overview
The Mozilla web browser and derived products contain several
vulnerabilities, the most severe of which could allow a remote
attacker to execute arbitrary code on an affected system.
I. Description
Mozilla has released new versions of Firefox and Thunderbird to address several vulnerabilities. Further details about these vulnerabilities are available from Mozilla and the Vulnerability Notes Database. An attacker could exploit these vulnerabilities by convincing a user to view a specially-crafted HTML document, such as a web page or an HTML email message.
II. Impact
While the impacts of the individual vulnerabilities vary, the most severe could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service or obtain private information.
III. Solution
Upgrade
These vulnerabilities are addressed in Mozilla Firefox 2.0.0.5 and Thunderbird 2.0.0.5.
Disable JavaScript
Some of these vulnerabilities can be mitigated by disabling JavaScript or using the NoScript extension. For more information about configuring Firefox, please see the Securing Your Web Browser document. Thunderbird disables JavaScript and Java by default.
IV. References
* US-CERT Vulnerability Notes -
<http://www.kb.cert.org/vuls/byid?searchview&query=mozilla_20070717>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/browser_security.html#Mozilla_Firefox>
* Mozilla Foundation Security Advisories -
<http://www.mozilla.org/security/announce/>
* Known Vulnerabilities in Mozilla Products -
<http://www.mozilla.org/projects/security/known-vulnerabilities.html>
* Mozilla Hall of Fame -
<http://www.mozilla.org/university/HOF.html>
* NoScript Firefox Extension - <http://noscript.net/>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-199A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-199A Feedback VU#143297" in the subject.
Revision History
July 18, 2007: Initial release
National Cyber Alert System
Cyber Security Alert SA07-193A
Apple Releases Security Updates for QuickTime
Original release date: July 12, 2007
Last revised: --
Source: US-CERT
Systems Affected
Apple QuickTime for
* Apple Mac OS X
* Microsoft Windows
Overview
Apple has released Apple QuickTime 7.2 to correct several
vulnerabilities. These vulnerabilities could allow an attacker to
gain access to your computer.
Solution
Install an Update
OS X users should use the Mac OS X Software Update feature to
download and install Apple QuickTime 7.2. Consider scheduling
Software Update to check for updates automatically (this option is
enabled by default).
Microsoft Windows users should upgrade to Apple QuickTime 7.2.
Description
QuickTime prior to version 7.2 has multiple image and media file handling vulnerabilities that could allow an attacker to run malicious programs on your computer. This could happen by visiting a malicious web site. Upgrading to Apple QuickTime version 7.2 will correct these vulnerabilities.
Note that QuickTime ships with Apple iTunes.
For more technical information, see US-CERT Technical Alert
TA07-193A and the Apple QuickTime Security Update.
References
* US-CERT Technical Alert TA07-193A -
<http://www.us-cert.gov/cas/techalerts/TA07-193A.html>
* Vulnerability Notes for QuickTime 7.2 -
<http://www.kb.cert.org/vuls/byid?searchview&query=QuickTime_72>
* About the security content of the QuickTime 7.2 Update -
<http://docs.info.apple.com/article.html?artnum=305947>
* Apple QuickTime 7.2 for Windows -
<http://www.apple.com/support/downloads/quicktime72forwindows.html>
* Apple QuickTime 7.2 for Mac -
<http://www.apple.com/support/downloads/quicktime72formac.html>
* Standalone Apple QuickTime Player -
<http://www.apple.com/quicktime/download/standalone.html>
* Mac OS X: Updating your software -
<http://docs.info.apple.com/article.html?artnum=106704>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/alerts/SA07-193A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "SA07-193A Feedback VU#582681" in the subject.
Revision History
July 12, 2007: Initial release
National Cyber Alert System
Technical Cyber Security Alert TA07-192A
Adobe Flash Player Updates for Multiple Vulnerabilities
Original release date: July 11, 2007
Last revised: --
Source: US-CERT
Systems Affected
Microsoft Windows, Apple Mac OS X, Linux, Solaris, or other operating systems with any of the following Adobe products installed:
* Flash Player 9.0.45.0
* Flash Player 9.0.45.0 and earlier network distribution
* Flash Basic
* Flash CS3 Professional
* Flash Professional 8, Flash Basic
* Flex 2.0
* Flash Player 7.070.0 for Linux or Solaris
For more complete information, refer to Adobe Security Bulletin APSB07-12.
Overview
There are critical vulnerabilities in Adobe Flash Player and related software. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
I. Description
Adobe Security Bulletin APSB07-12 addresses vulnerabilities in Adobe
Flash Player and related software. Further information is available in
the US-CERT Vulnerability Notes database.
Several operating systems, including Microsoft Windows and Apple OS X,
have vulnerable versions of Flash installed by default. Systems with
Flash-enabled web browsers are vulnerable. To exploit these
vulnerabilities, an attacker could host a specially crafted Flash file
on a web site and convince a user to visit the site.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code with
the privileges of the user, steal credentials, or create a
denial-of-service condition. If the user is logged on with
administrative privileges, the attacker could take complete control of
an affected system.
III. Solution
Apply Updates
Check with your vendor for patches or updates. For information about a
specific vendor, please see the Systems Affected section in the
vulnerability notes or contact your vendor directly. If you get the
Flash Player from Adobe, see the Adobe Get Flash page for information
about updates.
Disable Flash
Users who are unable to apply the patch should disable Flash. Contact
your vendor or see the US-CERT Vulnerability Notes VU#110297,
VU#730785, or VU#138457 for more details.
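The "Systems Affected" list above names a threshold of the form "9.0.45.0
and earlier", and the Solution section asks administrators to check what
is installed against it. The following Python script is an added example
(it is not part of the US-CERT alert or of Adobe's tooling) that triages a
software inventory against that threshold. The inventory lines and host
names are constructed for illustration. It also shows the classic pitfall
of comparing version strings lexicographically: "9.0.115.0" sorts before
"9.0.45.0" as text, so a naive check would flag a fixed build as vulnerable.

```python
"""Added example: triage a software inventory against the affected-version
threshold named in TA07-192A ("Flash Player 9.0.45.0 and earlier").

Not part of the US-CERT alert; the inventory records and host names below
are constructed for illustration.
"""
from typing import Dict, List, Tuple

Version = Tuple[int, ...]

# Last vulnerable version per product, taken from the alert's "Systems
# Affected" list. Assumption: every lower version of the same product is
# also affected ("and earlier").
LAST_VULNERABLE: Dict[str, str] = {
    "Flash Player": "9.0.45.0",
}


def parse_version(text: str) -> Version:
    """'9.0.45.0' -> (9, 0, 45, 0); rejects anything that is not dotted digits."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)


def version_le(a: str, b: str) -> bool:
    """Numeric, component-wise 'a <= b'. Shorter tuples are padded with
    zeros, so '9.0.45' and '9.0.45.0' compare equal."""
    va, vb = parse_version(a), parse_version(b)
    n = max(len(va), len(vb))
    return va + (0,) * (n - len(va)) <= vb + (0,) * (n - len(vb))


def naive_version_le(a: str, b: str) -> bool:
    """The pitfall: plain string comparison. '9.0.115.0' sorts before
    '9.0.45.0' because '1' < '4', so a fixed build looks vulnerable."""
    return a <= b


def is_affected(product: str, installed: str) -> bool:
    """True when the product is named in the alert and the installed
    version is at or below the last vulnerable version."""
    threshold = LAST_VULNERABLE.get(product)
    if threshold is None:
        return False  # product not named in this alert
    return version_le(installed, threshold)


# Constructed inventory lines: "host,product,version".
INVENTORY = """\
ws-01,Flash Player,9.0.45.0
ws-02,Flash Player,9.0.47.0
ws-03,Flash Player,9.0.28.0
ws-04,Flash Player,9.0.115.0
ws-05,Flash Player,unknown
srv-01,Acrobat Reader,8.1.0
"""


def triage(inventory_text: str) -> Tuple[List[str], List[str]]:
    """Return (hosts needing the update, hosts whose version could not be
    parsed). An unparseable version is reported, never treated as safe."""
    needs_update: List[str] = []
    unparsed: List[str] = []
    for line in inventory_text.splitlines():
        if not line.strip():
            continue
        host, product, version = [f.strip() for f in line.split(",", 2)]
        try:
            if is_affected(product, version):
                needs_update.append(host)
        except ValueError:
            unparsed.append(host)
    return needs_update, unparsed


if __name__ == "__main__":
    vulnerable, unknown = triage(INVENTORY)
    print("needs update:", vulnerable)                     # ['ws-01', 'ws-03']
    print("version unknown (verify manually):", unknown)   # ['ws-05']
```

The script deliberately keeps hosts whose version string cannot be parsed in
a separate list rather than dropping them: an inventory gap is a finding to
chase, not evidence that the host is patched.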
Appendix A. References
* Adobe - APSB07-12: Flash Player update available to address
security vulnerabilities -
<http://www.adobe.com/support/security/bulletins/apsb07-12.html>
* US-CERT Vulnerability Notes Database -
<http://www.kb.cert.org/vuls/byid?searchview&query=VU%23138457,VU%2323110297,VU%23730785>
_________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-192A.html>
_________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email
to <cert@cert.org> with "TA07-192A Feedback VU#730785" in the subject.
_________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
_________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
_________________________________________________________________
Revision History
July 11, 2007: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRpU9ffRFkHkM87XOAQKltggAm5ZRfQ8tfM+0WGcNtMPCxjHyWfX3VNNt
8Q6rkAkft8LcP0ek7dRs4kxfvEz4RHWmT+6J/tUeG/X8DoBZKcjbe/c/Vh0gLQYN
xKlAUXGjThWuTeoUmKwZkDQTdlwR1Y3E/LpjUKxoErANuLsgsHQkyvM8lDw+qBY6
TzynZFOSR0ZNjS7IpP945dkaFEbxY5gYGYi19/0FbgRMfcMLEkSmOrWIc5n58U1U
IOQ/1gtZIWsNBR50Xrjs6avfSHNR7kTYXSMoSupZkuBGoapwwmYp/cVh1KPYJRjt
jc0IaQbcGA80o22TJ1yyYroF8x5oUVpzLqJBcZSJLHWUMSXxB4Bv3g==
=yQt6
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA07-191A
Microsoft Updates for Multiple Vulnerabilities
Original release date: July 10, 2007
Last revised: --
Source: US-CERT
Systems Affected
* Microsoft Windows
* Microsoft Excel
* Microsoft Publisher
* Microsoft .NET Framework
* Microsoft Internet Information Services (IIS)
* Microsoft Windows Vista Firewall
Overview
Microsoft has released updates that address critical vulnerabilities in
Microsoft Windows, Excel, Publisher, .NET Framework, Internet
Information Services, and Windows Vista Firewall. Exploitation of these
vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code or cause a denial of service on a vulnerable
system.
I. Description
Microsoft has released updates to address vulnerabilities that affect
Microsoft Windows, Excel, Publisher, .NET Framework, Internet
Information Services, and Windows Vista Firewall as part of the
Microsoft Security Bulletin Summary for July 2007. The most severe
vulnerabilities could allow a remote, unauthenticated attacker to
execute arbitrary code or cause a denial of service on a vulnerable
system.
Further information about the vulnerabilities addressed by these
updates is available in the US-CERT Vulnerability Notes Database.
II. Impact
A remote, unauthenticated attacker could execute arbitrary code on a
vulnerable system. An attacker may also be able to cause a denial of
service.
III. Solution
Apply updates from Microsoft
Microsoft has provided updates for these vulnerabilities in the July
2007 Security Bulletins. The Security Bulletins describe any known
issues related to the updates. Administrators are encouraged to note
any known issues that are described in the Bulletins and test for any
potentially adverse effects.
System administrators may wish to consider using an automated patch
distribution system such as Windows Server Update Services (WSUS).
IV. References
* US-CERT Vulnerability Notes for Microsoft July 2007 updates -
<http://www.kb.cert.org/vuls/byid?searchview&query=ms07-jul>
* Securing Your Web Browser -
<http://www.us-cert.gov/reading_room/securing_browser/>
* Microsoft Security Bulletin Summary for July 2007 -
<http://www.microsoft.com/technet/security/bulletin/ms07-jul.mspx>
* Microsoft Update -
<https://update.microsoft.com/microsoftupdate/>
* Microsoft Office Update -
<http://officeupdate.microsoft.com/>
* Windows Server Update Services -
<http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
____________________________________________________________________
The most recent version of this document can be found at:
<http://www.us-cert.gov/cas/techalerts/TA07-191A.html>
____________________________________________________________________
Feedback can be directed to US-CERT Technical Staff. Please send email
to <cert@cert.org> with "TA07-191A Feedback VU#487905" in the subject.
____________________________________________________________________
For instructions on subscribing to or unsubscribing from this
mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
____________________________________________________________________
Produced 2007 by US-CERT, a government organization.
Terms of use:
<http://www.us-cert.gov/legal.html>
____________________________________________________________________
Revision History
July 10, 2007: Initial release
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iQEVAwUBRpPwhvRFkHkM87XOAQKWiQf/XFpYurcCFZ1qG700NatqdY7wL6pO4qbv
hGzdzUJH+aRN7b6XaEE/ZLprWnyj2H8HbH+HAHOuKDOxBI7N6PQ4WPaeZ14tDsNP
pNFg81LjE5Hlj6h5N2p8XML3t/4X7a7wk5YB7nhiBdisxAJ7iNjQ1BawjTlA9/kl
dTaIRW2njHpupGLWuin60U/di12jI3JirgJHfiRK6Ruiqnv56rM7LS9IOT1HV5RR
0otIr1Dttdnmgveb0YOiz7A36nwMiCEUzcUu2rKzARpZ4gMBIrSbfkAJpyUE0w3K
WMh1tgEt3fooTgvBUhpDjfxbMNka85wGbpizcsKnw6VVzIQAlr0y3Q==
=FRhW
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
National Cyber Alert System
Technical Cyber Security Alert TA07-177A
MIT Kerberos Vulnerabilities
Original release date: June 26, 2007
Last revised: --
Source: US-CERT
Systems Affected
* MIT Kerberos
Other products that use the RPC library provided with MIT Kerberos or
other RPC libraries derived from SunRPC may also be affected.
Overview
The MIT Kerberos 5 implementation contains several vulnerabilities.
Exploitation of these vulnerabilities could allow a remote,
unauthenticated attacker to execute arbitrary code or cause a denial
of service on a vulnerable system.
I. Description
There are three vuln