Loading ...US-CERT is aware of public reports of malicious code circulating via spam email messages impersonating the Department of Homeland Security (DHS). The attacks arrive via unsolicited email messages that may contain subject lines related to DHS or other government activity. These messages may contain a link or attachment. If users click on this link or [...]
Filed under: Security | No Comments »
Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for February 2010. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security [...]
Filed under: Security | No Comments »
Microsoft has released security advisory 954157 to notify users of an update that increases the security of the Indeo codec on Microsoft Windows 2000, XP, and Server 2003. The advisory states that the Indeo codec running on these systems may allow remote code execution when opening specially crafted media content. Microsoft indicates that this update [...]
Filed under: Security | No Comments »
Mozilla has released Firefox 3.0.15 and Firefox 3.5.4 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, execute arbitrary JavaScript with chrome privileges, or cause a denial-of-service condition. As described in the Mozilla Foundation Security Advisories, some of these vulnerabilities may also affect SeaMonkey.
US-CERT encourages users to review [...]
Filed under: Security | No Comments »
The Federal Bureau of Investigation (FBI) has released information warning the public about fraudulent email messages purporting to come from the FBI or the Department of Homeland Security. These email messages contain a malicious attachment that claims to provide an intelligence report or bulletin, but in reality attempts to launch malware on the user’s system.
More [...]
Filed under: Security | No Comments »
Microsoft has released Security Advisory 973472 to alert users about a vulnerability in Microsoft Office Web Components. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code. The advisory indicates that Microsoft is aware of attacks attempting to exploit the vulnerability.
US-CERT encourages users and administrators to review Microsoft Security Advisory 973472 and [...]
Filed under: Security | No Comments »
Microsoft has issued a Security Bulletin Advance Notification indicating that the July release cycle will contain six bulletins, three of which will have a severity rating of critical. The notification states that these critical bulletins are for Microsoft Windows. There will also be three important bulletins for Microsoft Office, Virtual PC and Virtual Server, and [...]
Filed under: Security | No Comments »
Microsoft has released security advisory 971778 indicating that it is investigating public reports of a vulnerability in DirectX. This vulnerability exists in the way Microsoft DirectShow handles QuickTime files and does not require Apple QuickTime to be installed on the system. By convincing a user to open a specially crafted QuickTime media file, a remote [...]
Filed under: Security | No Comments »
Microsoft has released an update to address a vulnerability in Microsoft Office as part of the Microsoft Security Bulletin Summary for May 2009. By convincing a user to open a specially crafted PowerPoint file, an attacker may be able to execute arbitrary code.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security [...]
Filed under: Security | No Comments »
