Guest MEB
Posted July 12, 2007

National Cyber Alert System

Cyber Security Alert SA07-191A

Microsoft Updates for Multiple Vulnerabilities

Original release date: July 12, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Office

Overview

Vulnerabilities in Microsoft Windows and Office could allow an attacker to gain control of your computer.

Solution

Install updates

Microsoft has released updates to remedy vulnerabilities in Microsoft Windows and Office. To obtain these updates, visit the Microsoft Update web site. We also recommend enabling Automatic Updates.

Description

Vulnerabilities in Microsoft Windows and Office may allow an attacker to access your computer, install and run malicious software on your computer, or cause it to crash. More technical information is available in US-CERT Technical Cyber Security Alert TA07-191A.

References

* US-CERT Technical Cyber Security Alert TA07-191A - <http://www.us-cert.gov/cas/techalerts/TA07-191A.html>
* Vulnerability Notes for Microsoft July 2007 updates - <http://www.kb.cert.org/vuls/byid?searchview&query=ms07-Jul>
* Microsoft security updates for July 2007 - <http://www.microsoft.com/protect/computer/updates/bulletins/200707.mspx>
* Microsoft Security at Home - <http://www.microsoft.com/protect/>
* Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
* Microsoft Automatic Updates - <http://www.microsoft.com/athome/security/update/msupdate_keep_current.mspx#EZB>

_________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/alerts/SA07-191A.html>

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "SA07-191A Feedback VU#487905" in the subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

_________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use: <http://www.us-cert.gov/legal.html>

_________________________________________________________________

Revision History

July 10, 2007: Initial release

*******

National Cyber Alert System

Technical Cyber Security Alert TA07-191A

Microsoft Updates for Multiple Vulnerabilities

Original release date: July 10, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Excel
* Microsoft Publisher
* Microsoft .NET Framework
* Microsoft Internet Information Services (IIS)
* Microsoft Windows Vista Firewall

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Excel, Publisher, .NET Framework, Internet Information Services, and Windows Vista Firewall. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Excel, Publisher, .NET Framework, Internet Information Services, and Windows Vista Firewall as part of the Microsoft Security Bulletin Summary for July 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

Further information about the vulnerabilities addressed by these updates is available in the Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the July 2007 Security Bulletins. The Security Bulletins describe any known issues related to the updates. Administrators are encouraged to note any known issues that are described in the Bulletins and test for any potentially adverse effects.

System administrators may wish to consider using an automated patch distribution system such as Windows Server Update Services (WSUS).

IV. References

* US-CERT Vulnerability Notes for Microsoft July 2007 updates - <http://www.kb.cert.org/vuls/byid?searchview&query=ms07-jul>
* Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>
* Microsoft Security Bulletin Summary for July 2007 - <http://www.microsoft.com/technet/security/bulletin/ms07-jul.mspx>
* Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
* Microsoft Office Update - <http://officeupdate.microsoft.com/>
* Windows Server Update Services - <http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA07-191A.html>

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-191A Feedback VU#487905" in the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use: <http://www.us-cert.gov/legal.html>

____________________________________________________________________

Revision History

July 10, 2007: Initial release

*****

National Cyber Alert System

Technical Cyber Security Alert TA07-192A

Adobe Flash Player Updates for Multiple Vulnerabilities

Original release date: July 11, 2007
Last revised: --
Source: US-CERT

Systems Affected

Microsoft Windows, Apple Mac OS X, Linux, Solaris, or other operating systems with any of the following Adobe products installed:

* Flash Player 9.0.45.0
* Flash Player 9.0.45.0 and earlier network distribution
* Flash Basic
* Flash CS3 Professional
* Flash Professional 8, Flash Basic
* Flex 2.0
* Flash Player 7.070.0 for Linux or Solaris

For more complete information, refer to Adobe Security Bulletin APSB07-12.

Overview

There are critical vulnerabilities in Adobe Flash player and related software. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

I. Description

Adobe Security Bulletin APSB07-12 addresses vulnerabilities in Adobe Flash Player and related software. Further information is available in the US-CERT Vulnerability Notes database.

Several operating systems, including Microsoft Windows and Apple OS X, have vulnerable versions of Flash installed by default. Systems with Flash-enabled web browsers are vulnerable. To exploit these vulnerabilities, an attacker could host a specially crafted Flash file on a web site and convince a user to visit the site.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code with the privileges of the user, steal credentials, or create a denial-of-service condition. If the user is logged on with administrative privileges, the attacker could take complete control of an affected system.

III. Solution

Apply Updates

Check with your vendor for patches or updates. For information about a specific vendor, please see the Systems Affected section in the vulnerability notes or contact your vendor directly. If you get the flash player from Adobe, see the Adobe Get Flash page for information about updates.

Disable Flash

Users who are unable to apply the patch should disable Flash. Contact your vendor or see the US-CERT Vulnerability Notes VU#110297, VU#730785, or VU#138457 for more details.

Appendix A. References

* Adobe - APSB07-12: Flash Player update available to address security vulnerabilities - <http://www.adobe.com/support/security/bulletins/apsb07-12.html>
* US-CERT Vulnerability Notes Database - <http://www.kb.cert.org/vuls/byid?searchview&query=VU%23138457,VU%2323110297,VU%23730785>

_________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA07-192A.html>

_________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-192A Feedback VU#730785" in the subject.

_________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

_________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use: <http://www.us-cert.gov/legal.html>

_________________________________________________________________

Revision History

July 11, 2007: Initial release
Guest Michael Yardley
Posted July 12, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

Another cut and paste poster, Why you not say something original in your own words troll?
Guest 98 Guy
Posted July 12, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities -US-Cert-combined

Michael Yardley wrote:

> Another cut and paste poster, Why you not say something original
> in your own words troll?

LOL

(I could say more, but I won't...)
Guest MEB
Posted July 13, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

Well, apparently some new blood rolls through...

From 98 Guy? Well we expect some really stupid stuff from him, you on the other hand, Mike, apparently don't realize what that was put here for... do try to take your blinders off and keep up....

This related, in part, to Flash 9 and 10... and VISTA for the dual booters, and several other aspects... which include 9X, do try to keep up...

Now do you have anything relevant to post in here?

"98 Guy" <98@Guy.com> wrote in message news:4696BD53.5F5F440E@Guy.com...
| Michael Yardley wrote:
|
| > Another cut and paste poster, Why you not say something original
| > in your own words troll?
|
| LOL
|
| (I could say more, but I won't...)

--
MEB
http://peoplescounsel.orgfree.com
________
Guest MEB
Posted July 13, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

Oh and for those who can't figure this one out, it deals with Quicktime, and I-Tunes....

National Cyber Alert System

Technical Cyber Security Alert TA07-193A

Apple Releases Security Updates for QuickTime

Original release date: July 12, 2007
Last revised: --
Source: US-CERT

Systems Affected

Apple QuickTime on systems running

* Apple Mac OS X
* Microsoft Windows

Overview

Apple QuickTime contains multiple vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary code or cause a denial-of-service condition.

I. Description

Apple QuickTime 7.2 resolves multiple vulnerabilities in the way Java applets and various types of media files are handled. An attacker could exploit these vulnerabilities by convincing a user to access a specially crafted Java applet or media file with a vulnerable version of QuickTime. Since QuickTime configures most web browsers to handle QuickTime media files, an attacker could exploit these vulnerabilities using a web page.

Note that QuickTime ships with Apple iTunes.

For more information, please refer to the Vulnerability Notes Database.

II. Impact

These vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or commands and cause a denial-of-service condition. For further information, please see the Vulnerability Notes Database.

III. Solution

Upgrade QuickTime

Upgrade to QuickTime 7.2. This and other updates for Mac OS X are available via Apple Update.

On Microsoft Windows, QuickTime users can install the update by using the built-in auto-update mechanism, Apple Software Update, or by installing the update manually.

Disable QuickTime in your web browser

An attacker may be able to exploit some of these vulnerabilities by persuading a user to access a specially crafted media file with a web browser. Disabling QuickTime in your web browser may defend against this attack vector. For more information, refer to the Securing Your Web Browser document.

Disable Java in your web browser

An attacker may be able to exploit some of these vulnerabilities by persuading a user to access a specially crafted Java applet with a web browser. Disabling Java in your web browser may defend against this attack vector. Instructions for disabling Java can be found in the Securing Your Web Browser document.

References

* Vulnerability Notes for QuickTime 7.2 - <http://www.kb.cert.org/vuls/byid?searchview&query=QuickTime_72>
* About the security content of the QuickTime 7.2 Update - <http://docs.info.apple.com/article.html?artnum=305947>
* How to tell if Software Update for Windows is working correctly when no updates are available - <http://docs.info.apple.com/article.html?artnum=304263>
* Apple QuickTime 7.2 for Windows - <http://www.apple.com/support/downloads/quicktime72forwindows.html>
* Apple QuickTime 7.2 for Mac - <http://www.apple.com/support/downloads/quicktime72formac.html>
* Standalone Apple QuickTime Player - <http://www.apple.com/quicktime/download/standalone.html>
* Mac OS X: Updating your software - <http://docs.info.apple.com/article.html?artnum=106704>
* Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA07-193A.html>

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-193A Feedback VU#582681" in the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use: <http://www.us-cert.gov/legal.html>

____________________________________________________________________

Revision History

Thursday July 12, 2007: Initial release
Guest Greg Carr
Posted July 14, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

On Jul 12, 4:34 pm, Michael Yardley <yardle...@yahoo.ca> wrote:

> Another cut and paste poster, Why you not say something original in
> your own words troll?

You are the troll and a very stupid one. No wonder your neighbours want you evicted. Yardley is a drunken welfare prostitute.
Guest MEB
Posted August 2, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

National Cyber Alert System

Cyber Security Tip ST04-015

Understanding Denial-of-Service Attacks

You may have heard of denial-of-service attacks launched against web sites, but you can also be a victim of these attacks. Denial-of-service attacks can be difficult to distinguish from common network activity, but there are some indications that an attack is in progress.

What is a denial-of-service (DoS) attack?

In a denial-of-service (DoS) attack, an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, web sites, online accounts (banking, etc.), or other services that rely on the affected computer.

The most common and obvious type of DoS attack occurs when an attacker "floods" a network with information. When you type a URL for a particular web site into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once, so if an attacker overloads the server with requests, it can't process your request. This is a "denial of service" because you can't access that site.

An attacker can use spam email messages to launch a similar attack on your email account. Whether you have an email account supplied by your employer or one available through a free service such as Yahoo! or Hotmail, you are assigned a specific quota, which limits the amount of data you can have in your account at any given time. By sending many, or large, email messages to the account, an attacker can consume your quota, preventing you from receiving legitimate messages.

What is a distributed denial-of-service (DDoS) attack?

In a distributed denial-of-service (DDoS) attack, an attacker may use your computer to attack another computer. By taking advantage of security vulnerabilities or weaknesses, an attacker could take control of your computer. He or she could then force your computer to send huge amounts of data to a web site or send spam to particular email addresses. The attack is "distributed" because the attacker is using multiple computers, including yours, to launch the denial-of-service attack.

How do you avoid being part of the problem?

Unfortunately, there are no effective ways to prevent being the victim of a DoS or DDoS attack, but there are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers:

* Install and maintain anti-virus software (see Understanding Anti-Virus Software for more information).
* Install a firewall, and configure it to restrict traffic coming into and leaving your computer (see Understanding Firewalls for more information).
* Follow good security practices for distributing your email address (see Reducing Spam for more information). Applying email filters may help you manage unwanted traffic.

How do you know if an attack is happening?

Not all disruptions to service are the result of a denial-of-service attack. There may be technical problems with a particular network, or system administrators may be performing maintenance. However, the following symptoms could indicate a DoS or DDoS attack:

* unusually slow network performance (opening files or accessing web sites)
* unavailability of a particular web site
* inability to access any web site
* dramatic increase in the amount of spam you receive in your account

What do you do if you think you are experiencing an attack?

Even if you do correctly identify a DoS or DDoS attack, it is unlikely that you will be able to determine the actual target or source of the attack. Contact the appropriate technical professionals for assistance.

* If you notice that you cannot access your own files or reach any external web sites from your work computer, contact your network administrators. This may indicate that your computer or your organization's network is being attacked.
* If you are having a similar experience on your home computer, consider contacting your Internet service provider (ISP). If there is a problem, the ISP might be able to advise you of an appropriate course of action.

_________________________________________________________________

Author: Mindi McDowell

_________________________________________________________________

Produced 2004 by US-CERT, a government organization.

Note: This tip was previously published and is being re-distributed to increase awareness.

Terms of use <http://www.us-cert.gov/legal.html>

This document can also be found at <http://www.us-cert.gov/cas/tips/ST04-015.html>

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
Guest MEB
Posted August 15, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

This Cyber alert is more for dual booters and VPC users, though Office 2000 also has vulnerabilities.

National Cyber Alert System

Technical Cyber Security Alert TA07-226A

Microsoft Updates for Multiple Vulnerabilities

Original release date: August 14, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Windows Media Player
* Microsoft Office
* Microsoft Office for Mac
* Microsoft XML Core Services
* Microsoft Visual Basic
* Microsoft Virtual PC
* Microsoft Virtual Server

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Internet Explorer, Windows Media Player, Office, Office for Mac, XML Core Services, Visual Basic, Virtual PC, and Virtual Server. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, Windows Media Player, Office, Office for Mac, XML Core Services, Visual Basic, Virtual PC, and Virtual Server as part of the Microsoft Security Bulletin Summary for August 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

Further information about the vulnerabilities addressed by these updates is available in the Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the August 2007 Security Bulletins. The Security Bulletins describe any known issues related to the updates. Administrators are encouraged to note any known issues that are described in the Bulletins and test for any potentially adverse effects.

Updates for Microsoft Windows and Microsoft Office XP and later are available on the Microsoft Update site. Microsoft Office 2000 updates are available on the Microsoft Office Update site. Apple Mac OS X users should obtain updates from the Mactopia web site.

System administrators may wish to consider using an automated patch distribution system such as Windows Server Update Services (WSUS).

IV. References

* US-CERT Vulnerability Notes for Microsoft August 2007 updates - <http://www.kb.cert.org/vuls/byid?searchview&query=ms07-aug>
* Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>
* Microsoft Security Bulletin Summary for August 2007 - <http://www.microsoft.com/technet/security/bulletin/ms07-aug.mspx>
* Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
* Microsoft Office Update - <http://officeupdate.microsoft.com/>
* Windows Server Update Services - <http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
* Mactopia - <http://www.microsoft.com/mac/>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/alerts/TA07-226A.html>

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-226A Feedback VU#361968" in the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use: <http://www.us-cert.gov/legal.html>

____________________________________________________________________

Revision History

August 14, 2007: Initial release

--
MEB
http://peoplescounsel.orgfree.com
________
Guest MEB
Posted October 10, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

Please note the potential issues as described within. Take due notice of the linked materials. Relates to IE (5 & 6), OE (5 & 6), Word (2000, 2002), and Office, which may be used by readers/9X users of this group.

National Cyber Alert System

Technical Cyber Security Alert TA07-282A

Microsoft Updates for Multiple Vulnerabilities

Original release date: October 9, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Internet Explorer
* Microsoft Outlook Express and Windows Mail
* Microsoft Office
* Microsoft Office for Mac
* Microsoft SharePoint

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, Microsoft Internet Explorer, Microsoft Outlook Express and Windows Mail, Microsoft Office, Microsoft Office for Mac, and Microsoft SharePoint. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Microsoft Internet Explorer, Microsoft Outlook Express and Windows Mail, Microsoft Office, Microsoft Office for Mac, and Microsoft SharePoint as part of the Microsoft Security Bulletin Summary for October 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.

Further information about the vulnerabilities addressed by these updates is available in the Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code on a vulnerable system. An attacker may also be able to cause a denial of service.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the October 2007 security bulletins. The security bulletins describe any known issues related to the updates. Administrators are encouraged to note any known issues that are described in the bulletins and test for any potentially adverse effects.

System administrators should consider using an automated patch distribution system such as Windows Server Update Services (WSUS).

IV. References

* US-CERT Vulnerability Notes for Microsoft October 2007 updates - <http://www.kb.cert.org/vuls/byid?searchview&query=ms07-oct>
* Microsoft Security Bulletin Summary for October 2007 - <http://www.microsoft.com/technet/security/bulletin/ms07-oct.mspx>
* Microsoft Update - <https://update.microsoft.com/microsoftupdate/>
* Windows Server Update Services - <http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
* Securing Your Web Browser - <http://www.cert.org/tech_tips/securing_browser/>
* Mactopia - <http://www.microsoft.com/mac/>

____________________________________________________________________

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA07-282A.html>

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-282A Feedback VU#569041" in the subject.

____________________________________________________________________

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

____________________________________________________________________

Produced 2007 by US-CERT, a government organization.

Terms of use: <http://www.us-cert.gov/legal.html>

____________________________________________________________________

Revision History

October 9, 2007: Initial release

Guest MEB
Posted October 31, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

National Cyber Alert System
Cyber Security Alert SA07-303A

Federal Trade Commission Reports Spoofed Email

Original release date: October 30, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Any computer system can be affected when a person is a victim of social engineering, such as what can occur when malicious code is inadvertently downloaded from an attachment in a spoofed email.

Overview

The Federal Trade Commission (FTC) is reporting that spoofed email messages that appear to come from the FTC contain malicious attachments. If you open one of these attachments you may infect your computer with a keystroke logger or other malicious code.

Solution

Be suspicious

Exercise caution when opening email messages and attachments. In this case, the FTC describes the spoofed email as follows:

  The spoof email includes a phony sender's address, making it appear the email is from "frauddep@ftc.gov" and also spoofs the return-path and reply-to fields to hide the email's true origin. While the email includes the FTC seal, it has grammatical errors, misspellings, and incorrect syntax.

Attackers often construct email messages and web sites to imitate legitimate organizations in order to more effectively convince you to open and execute malicious attachments or click on malicious links. See the Avoiding Social Engineering and Phishing Cyber Security Tip in the references section for more information.

Install and update anti-virus software

Updated anti-virus software can protect you from malicious code. For more information, please see Cyber Security Tip ST04-005 and ST05-006.

Description

This spoofed email activity relies on social engineering techniques to convince you to open and run a malicious attachment.
There is no software vulnerability involved and there is no software update to protect against this type of activity. For more information please see the FTC report.

References

* Cyber Security Tip ST04-014 - Avoiding Social Engineering and Phishing Attacks http://www.us-cert.gov/cas/tips/ST04-014.html
* Cyber Security Tip ST04-010 - Using Caution with Email Attachments http://www.us-cert.gov/cas/tips/ST04-010.html
* Cyber Security Tip ST04-005 - Understanding Anti-Virus Software http://www.us-cert.gov/cas/tips/ST04-005.html
* Cyber Security Tip ST05-006 - Recovering from Viruses, Worms, and Trojan Horses http://www.us-cert.gov/cas/tips/ST04-006.html
* Trends in Badware 2007 http://www.stopbadware.org/home/consumerreport
* Don't Open Bogus Email that Comes from the FTC http://www.ftc.gov/opa/2007/10/bogus.shtm

The most recent version of this document can be found at: <http://www.us-cert.gov/cas/alerts/SA07-303A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "SA07-303A Feedback INFO#23" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

Produced 2007 by US-CERT, a government organization.
Terms of use: <http://www.us-cert.gov/legal.html>

Revision History

October 30, 2007: Initial release

Guest MEB
Posted December 1, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

Another warning concerning Apple Quick Time. Note it says ALL versions are affected AND provides registry hacks to potentially correct the issues.

National Cyber Alert System
Technical Cyber Security Alert TA07-334A

Apple QuickTime RTSP Buffer Overflow

Original release date: November 30, 2007
Last revised: --
Source: US-CERT

Systems Affected

A buffer overflow in Apple QuickTime affects:

* Apple QuickTime for Windows
* Apple QuickTime for Apple Mac OS X

Overview

Apple QuickTime contains a buffer overflow vulnerability in the way QuickTime processes Real Time Streaming Protocol (RTSP) streams. Exploitation of this vulnerability could allow an attacker to execute arbitrary code.

I. Description

Apple QuickTime contains a stack buffer overflow vulnerability in the way QuickTime handles the RTSP Content-Type header. Most versions of QuickTime prior to and including 7.3 running on all supported Apple Mac OS X and Microsoft Windows platforms are vulnerable. Since QuickTime is a component of Apple iTunes, iTunes installations are also affected by this vulnerability.

An attacker could exploit this vulnerability by convincing a user to access a specially crafted HTML document such as a web page or email message. The HTML document could use a variety of techniques to cause QuickTime to load a specially crafted RTSP stream. Common web browsers, including Microsoft Internet Explorer, Mozilla Firefox, and Apple Safari can be used to pass RTSP streams to QuickTime, exploit the vulnerability, and execute arbitrary code.

Exploit code for this vulnerability was first posted publicly on November 25, 2007.

II. Impact

This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code or commands and cause a denial-of-service condition.

III.
Solution

As of November 30, 2007, a QuickTime update for this vulnerability is not available. To block attack vectors, consider the following workarounds.

Block the rtsp:// protocol

Using a proxy or firewall capable of recognizing and blocking RTSP traffic can mitigate this vulnerability. Known public exploit code for this vulnerability uses the default RTSP port 554/tcp, however RTSP can use a variety of ports.

Disable file association for QuickTime files

Disable the file association for QuickTime file types. This can be accomplished by deleting the following registry keys:

HKEY_CLASSES_ROOT\QuickTime.*

This will remove the association for approximately 32 file types that are configured to open with QuickTime Player.

Disable the QuickTime ActiveX controls in Internet Explorer

The QuickTime ActiveX controls can be disabled in Internet Explorer by setting the kill bit for the following CLSIDs:

{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}
{4063BE15-3B08-470D-A0D5-B37161CFFD69}

More information about how to set the kill bit is available in Microsoft Knowledgebase Article 240797. Alternatively, the following text can be saved as a .REG file and imported to set the kill bit for these controls:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}]
"Compatibility Flags"=dword:00000400

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4063BE15-3B08-470D-A0D5-B37161CFFD69}]
"Compatibility Flags"=dword:00000400

Disable the QuickTime plug-in for Mozilla-based browsers

Users of Mozilla-based browsers, such as Firefox, can disable the QuickTime plugin, as specified in the PluginDoc article Uninstalling Plugins.

Disable JavaScript

For instructions on how to disable JavaScript, please refer to the Securing Your Web Browser document. This can help prevent some attack techniques that use the QuickTime plug-in or ActiveX control.

Secure your web browser

To help mitigate these and other vulnerabilities that can be exploited via a web browser, refer to Securing Your Web Browser.

Do not access QuickTime files from untrusted sources

Do not open QuickTime files from any untrusted sources, including unsolicited files or links received in email, instant messages, web forums, or internet relay chat (IRC) channels.

References

* US-CERT Vulnerability Note VU#659761 - <http://www.kb.cert.org/vuls/id/659761>
* Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>
* Mozilla Uninstalling Plugins - <http://plugindoc.mozdev.org/faqs/uninstall.html>
* How to stop an ActiveX control from running in Internet Explorer - <http://support.microsoft.com/kb/240797>
* IETF RFC 2326 Real Time Streaming Protocol - <http://tools.ietf.org/html/rfc2326>

The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA07-334A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-334A Feedback VU#659761" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

Produced 2007 by US-CERT, a government organization.
Terms of use: <http://www.us-cert.gov/legal.html>

Revision History

November 30, 2007: Initial release

--
MEB
http://peoplescounsel.orgfree.com
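
The kill-bit workaround in TA07-334A can be verified after it is deployed. The following is an added example, not part of the alert or of the post above: it parses a regedit export of the ActiveX Compatibility key and reports, for the two CLSIDs the alert lists, whether the 0x400 kill bit is present. The function names and the sample export are constructed for illustration.

```python
import re

# CLSIDs of the QuickTime ActiveX controls, copied from the alert text.
QUICKTIME_CLSIDS = (
    "{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B}",
    "{4063BE15-3B08-470D-A0D5-B37161CFFD69}",
)
COMPAT_ROOT = (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer"
               r"\ActiveX Compatibility")
KILL_BIT = 0x00000400  # the flag value the alert's .REG file writes

KEY_RE = re.compile(r"^\[(-?)(.+)\]$")
VALUE_RE = re.compile(
    r'^"((?:[^"\\]|\\.)*)"\s*=\s*(-|dword:([0-9a-fA-F]{1,8}))$')


def decode_reg(data):
    """Decode .reg bytes; "Version 5.00" exports are UTF-16LE with a BOM."""
    if data.startswith(b"\xff\xfe"):
        return data[2:].decode("utf-16-le")
    return data.decode("utf-8-sig")


def parse_dwords(text):
    """Return {KEY_PATH: {VALUE_NAME: int}} for DWORD values, upper-cased.

    Registry paths and value names are case-insensitive. The two deletion
    forms of the format, [-key] and "name"=-, are honoured so that a
    hand-written file that removes the kill bit is not reported as set.
    """
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        m = KEY_RE.match(line)
        if m:
            path = m.group(2).upper()
            if m.group(1):  # [-key] deletes the key and its subkeys
                doomed = [k for k in keys
                          if k == path or k.startswith(path + "\\")]
                for k in doomed:
                    del keys[k]
                current = None
            else:
                current = keys.setdefault(path, {})
            continue
        m = VALUE_RE.match(line)
        if m and current is not None:
            name = m.group(1).upper()
            if m.group(2) == "-":  # "name"=- deletes the value
                current.pop(name, None)
            else:
                current[name] = int(m.group(3), 16)
    return keys


def audit_kill_bits(text):
    """Map each QuickTime CLSID to 'set', 'not set' or 'missing'."""
    keys = parse_dwords(text)
    report = {}
    for clsid in QUICKTIME_CLSIDS:
        values = keys.get((COMPAT_ROOT + "\\" + clsid).upper())
        if values is None or "COMPATIBILITY FLAGS" not in values:
            report[clsid] = "missing"
        elif values["COMPATIBILITY FLAGS"] & KILL_BIT:
            report[clsid] = "set"  # other flag bits may be present too
        else:
            report[clsid] = "not set"
    return report


# Constructed sample export (not taken from a real machine): the first
# control carries the kill bit plus another flag, the second has it cleared.
SAMPLE_EXPORT = b"\xff\xfe" + "\r\n".join([
    "Windows Registry Editor Version 5.00",
    "",
    "[" + COMPAT_ROOT + "\\" + QUICKTIME_CLSIDS[0] + "]",
    '"Compatibility Flags"=dword:00800400',
    "",
    "[" + COMPAT_ROOT.lower() + "\\" + QUICKTIME_CLSIDS[1].lower() + "]",
    '"Compatibility Flags"=dword:00000000',
]).encode("utf-16-le")

if __name__ == "__main__":
    for clsid, state in audit_kill_bits(decode_reg(SAMPLE_EXPORT)).items():
        print(clsid, state)
```

A result of "missing" or "not set" for either CLSID means Internet Explorer can still instantiate that control on the machine the export came from.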

Guest 98 Guy
Posted December 6, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities -US-Cert-combined

MEB wrote:

> Another warning concerning Apple Quick Time. Note it says ALL
> versions are affected AND provides registry hacks to potentially
> correct the issues.

> Apple QuickTime contains a stack buffer overflow vulnerability
> in the way QuickTime handles the RTSP Content-Type header.
> Most versions of QuickTime prior to and including 7.3 running
> on all supported Apple Mac OS X and Microsoft Windows platforms
> are vulnerable.

I apparently have version 6.5 installed.

> An attacker could exploit this vulnerability by convincing a
> user to access a specially crafted HTML document such as a web
> page or email message.

Ok.

> The HTML document could use a variety of techniques to cause
> QuickTime to load a specially crafted RTSP stream.

Ok, but how can that happen according to this:

"QuickTime does not appear to register itself as the handler
for the RTSP protocol on Windows systems"

Unless because of this:

"Disable the file association for QuickTime file types to help
prevent windows applications from using Apple QuickTime to open
QuickTime files. This can be accomplished by deleting the
following registry keys:

HKEY_CLASSES_ROOT\QuickTime.*
This will remove the association for approximately 32 file types
that are configured to open with the QuickTime Player software.

I suppose the easiest solution is to rename the file "qtplugin.ocx".

Any idea if quicktime alternative is vulnerable?

http://en.wikipedia.org/wiki/QuickTime_Alternative

Guest MEB
Posted December 6, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

"98 Guy" <98@Guy.com> wrote in message news:475805B7.3D333231@Guy.com...
| MEB wrote:
|
| > Another warning concerning Apple Quick Time. Note it says ALL
| > versions are affected AND provides registry hacks to potentially
| > correct the issues.
|
| > Apple QuickTime contains a stack buffer overflow vulnerability
| > in the way QuickTime handles the RTSP Content-Type header.
| > Most versions of QuickTime prior to and including 7.3 running
| > on all supported Apple Mac OS X and Microsoft Windows platforms
| > are vulnerable.
|
| I apparently have version 6.5 installed.
|
| > An attacker could exploit this vulnerability by convincing a
| > user to access a specially crafted HTML document such as a web
| > page or email message.
|
| Ok.
|
| > The HTML document could use a variety of techniques to cause
| > QuickTime to load a specially crafted RTSP stream.
|
| Ok, but how can that happen according to this:
|
| "QuickTime does not appear to register itself as the handler
| for the RTSP protocol on Windows systems"

Yeah, a somewhat misleading comment there... so it's just MAC or ... But when taken with the Apple warning of a month or so ago, Windows seems to be one to be concerned about as well.

|
| Unless because of this:
|
| "Disable the file association for QuickTime file types to help
| prevent windows applications from using Apple QuickTime to open
| QuickTime files. This can be accomplished by deleting the
| following registry keys:
|
| HKEY_CLASSES_ROOT\QuickTime.*
| This will remove the association for approximately 32 file types
| that are configured to open with the QuickTime Player software.
|
| I suppose the easiest solution is to rename the file "qtplugin.ocx".

From what appears, that may be an additional fix.
I really haven't used QuickTime for almost a couple years now, so I have no way to test or review what would or wouldn't work.. though without the OCX at least it wouldn't apparently load when called via a web page or other.

|
| Any idea if quicktime alternative is vulnerable?
|
| http://en.wikipedia.org/wiki/QuickTime_Alternative

Oh wow, thanks for the link [will look sometime soon]. Perhaps that might be the next issue to test before I stop doing so [okay, so now the target end date is January maybe]... never even bothered to look for a replacement .... Have you tried it yet, e.g. anything to report?

--
MEB
http://peoplescounsel.orgfree.com

Guest MEB
Posted December 13, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

This post combines two bulletins from CERT, note discussion:

98 Guy post on Thu, 13 Dec 2007 10:34:29 -0500 - *Re: IE gets security makeover in Patch Tuesday batch* in this discussion group.
Xref: TK2MSFTNGP01.phx.gbl microsoft.public.win98.gen_discussion:835296

Note other segments of that discussion generally...

The second bulletin relates to general advice related to on-line shopping and other related use [banking, etc.].

National Cyber Alert System
Technical Cyber Security Alert TA07-345A

Microsoft Updates for Multiple Vulnerabilities

Original release date: December 11, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Microsoft Windows
* Microsoft Internet Explorer

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows and Internet Explorer. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Windows and Internet Explorer as part of the Microsoft Security Bulletin Summary for December 2007. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary commands. For more information, see the US-CERT Vulnerability Notes Database.

II. Impact

A remote, unauthenticated attacker could execute arbitrary commands on a vulnerable system.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the December 2007 security bulletins. The security bulletins describe any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects.
Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References

* US-CERT Vulnerability Notes for Microsoft December 2007 updates - <http://www.kb.cert.org/vuls/byid?searchview&query=ms07-dec>
* Microsoft Security Bulletin Summary for December 2007 - <http://www.microsoft.com/technet/security/bulletin/ms07-dec.mspx>
* Microsoft Update - <https://www.update.microsoft.com/microsoftupdate/>
* Windows Server Update Services - <http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>
* Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>

The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA07-345A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-345A Feedback VU#437393" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

Produced 2007 by US-CERT, a government organization.
Terms of use: <http://www.us-cert.gov/legal.html>

Revision History

December 11, 2007: Initial release

-----------

Cyber Security Tip ST07-001

Shopping Safely Online

Online shopping has become a popular way to purchase items without the hassles of traffic and crowds. However, the Internet has unique risks, so it is important to take steps to protect yourself when shopping online.

Why do online shoppers have to take special precautions?

The Internet offers a convenience that is not available from any other shopping outlet. From the comfort of your home, you can search for items from countless vendors, compare prices with a few simple mouse clicks, and make purchases without waiting in line. However, the Internet is also convenient for attackers, giving them multiple ways to access the personal and financial information of unsuspecting shoppers. Attackers who are able to obtain this information may use it for their own financial gain, either by making purchases themselves or by selling the information to someone else.

How do attackers target online shoppers?

There are three common ways that attackers can take advantage of online shoppers:

* Targeting vulnerable computers - If you do not take steps to protect your computer from viruses or other malicious code, an attacker may be able to gain access to your computer and all of the information on it.
  It is also important for vendors to protect their computers to prevent attackers from accessing customer databases.
* Creating fraudulent sites and email messages - Unlike traditional shopping, where you know that a store is actually the store it claims to be, attackers can create malicious web sites that mimic legitimate ones or create email messages that appear to have been sent from a legitimate source. Charities may also be misrepresented in this way, especially after natural disasters or during holiday seasons. Attackers create these malicious sites and email messages to try to convince you to supply personal and financial information.
* Intercepting insecure transactions - If a vendor does not use encryption, an attacker may be able to intercept your information as it is being transmitted.

How can you protect yourself?

* Use and maintain anti-virus software, a firewall, and anti-spyware software - Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall (see Understanding Anti-Virus Software and Understanding Firewalls for more information). Make sure to keep your virus definitions up to date. Spyware or adware hidden in software programs may also give attackers access to your data, so use a legitimate anti-spyware program to scan your computer and remove any of these files (see Recognizing and Avoiding Spyware for more information).
* Keep software, particularly your web browser, up to date - Install software patches so that attackers cannot take advantage of known problems or vulnerabilities (see Understanding Patches for more information). Many operating systems offer automatic updates. If this option is available, you should enable it.
* Evaluate your software's settings - The default settings of most software enable all available functionality.
  However, attackers may be able to take advantage of this functionality to access your computer (see Evaluating Your Web Browser's Security Settings for more information). It is especially important to check the settings for software that connects to the Internet (browsers, email clients, etc.). Apply the highest level of security available that still gives you the functionality you need.
* Do business with reputable vendors - Before providing any personal or financial information, make sure that you are interacting with a reputable, established vendor. Some attackers may try to trick you by creating malicious web sites that appear to be legitimate, so you should verify the legitimacy before supplying any information (see Avoiding Social Engineering and Phishing Attacks and Understanding Web Site Certificates for more information). Locate and note phone numbers and physical addresses of vendors in case there is a problem with your transaction or your bill.
* Take advantage of security features - Passwords and other security features add layers of protection if used appropriately (see Choosing and Protecting Passwords and Supplementing Passwords for more information).
* Be wary of emails requesting information - Attackers may attempt to gather information by sending emails requesting that you confirm purchase or account information (see Avoiding Social Engineering and Phishing Attacks for more information). Legitimate businesses will not solicit this type of information through email.
* Check privacy policies - Before providing personal or financial information, check the web site's privacy policy. Make sure you understand how your information will be stored and used (see Protecting Your Privacy for more information).
* Make sure your information is being encrypted - Many sites use SSL, or secure sockets layer, to encrypt information.
  Indications that your information will be encrypted include a URL that begins with "https:" instead of "http:" and a lock icon in the bottom right corner of the window.
* Use a credit card - Unlike debit cards, credit cards may have a limit on the monetary amount you will be responsible for paying if your information is stolen and used by someone else. You can further minimize damage by using a single credit card with a low credit line for all of your online purchases.
* Check your statements - Keep a record of your purchases and copies of confirmation pages, and compare them to your bank statements. If there is a discrepancy, report it immediately (see Preventing and Responding to Identity Theft for more information).

Authors: Mindi McDowell, Monica Maher

Produced 2007 by US-CERT, a government organization.

Terms of use <http://www.us-cert.gov/legal.html>

This document can also be found at <http://www.us-cert.gov/cas/tips/ST07-001.html>

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

Guest MEB
Posted December 23, 2007

Re: Office-VISTA firewall-Adobe Flash-other vulnerabilities - US-Cert-combined

Watch out for this one, FLASH issues...

National Cyber Alert System
Technical Cyber Security Alert TA07-355A

Adobe Updates for Multiple Vulnerabilities

Original release date: December 21, 2007
Last revised: --
Source: US-CERT

Systems Affected

* Adobe Flash Player 9.0.48.0 and earlier
* Adobe Flash Player 8.0.35.0 and earlier
* Adobe Flash Player 7.0.70.0 and earlier

Overview

Adobe has released Security bulletin APSB07-20 to address multiple vulnerabilities affecting Adobe Flash Player. Attackers could exploit these vulnerabilities to execute arbitrary code, perform DNS rebinding and cross-site scripting attacks, conduct port scans, or cause a denial of service.

I. Description

Adobe Security Update APSB07-20 addresses a number of vulnerabilities affecting Adobe Flash 9.0.48.0 and earlier, 8.0.35.0 and earlier and 7.0.70 and earlier. Further details are available in the related vulnerability notes.

An attacker could exploit these vulnerabilities by convincing a user to load a specially crafted Flash file. Flash content is widely deployed on the internet. An attacker could distribute Flash files using web sites that allow user-supplied content, like popular social networking sites.

II. Impact

The impacts of these vulnerabilities vary. An attacker may be able to execute arbitrary code, perform DNS rebinding or cross-site scripting attacks, conduct port scans, or cause a denial of service.

III. Solution

Upgrade Flash Player

Upgrade Flash Player according to the information in Adobe Security bulletin APSB97-20. For the port scanning issue (CVE-2007-4324), consider ActionScript network socket functionality per TechNote kb402956. Adobe provides a way to determine which version of Flash Player is installed and a way to configure notifications of updates.

IV.
References

* Vulnerability notes for Adobe Security Update APSB07-20 - <http://www.kb.cert.org/vuls/byid?searchview&query=APSB07-20>
* Adobe Security Bulletin APSB07-20 - <http://www.adobe.com/support/security/bulletins/apsb07-20.html>
* Securing Your Web Browser - <http://www.us-cert.gov/reading_room/securing_browser/>

The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA07-355A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA07-355A Feedback VU#758769" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>.

Produced 2007 by US-CERT, a government organization.

Terms of use: <http://www.us-cert.gov/legal.html>

Revision History

December 21, 2007: Initial release

--
MEB
http://peoplescounsel.orgfree.com