Feed aggregator

TA12-346A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: December 11, 2012 | Last revised: --

Systems Affected
Microsoft Windows
Microsoft Office
Microsoft Server Software
Internet Explorer

Overview
Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description
The Microsoft Security Bulletin Summary for December 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution
Apply Updates
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for December 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

References
Microsoft Security Bulletin Summary for December 2012
Microsoft Windows Server Update Services
Microsoft Update
Microsoft Update Overview
Turn Automatic Updating On or Off

Revision History
December 11, 2012: Initial release

This product is provided subject to this Notification and this Privacy & Use policy.

TA12-318A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: November 13, 2012 | Last revised: --

Systems Affected
Microsoft Windows
Microsoft Office
Microsoft .NET Framework
Internet Explorer

Overview
Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description
The Microsoft Security Bulletin Summary for November 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution
Apply Updates
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for November 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

References
Microsoft Security Bulletin Summary for November 2012
Microsoft Windows Server Update Services
Microsoft Update
Microsoft Update Overview
Turn Automatic Updating On or Off

Revision History
November 13, 2012: Initial release

TA12-283A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/25/2013 - 15:09
Original release date: October 09, 2012 | Last revised: --

Systems Affected
Microsoft Windows
Microsoft Office
Microsoft Server Software
Microsoft Lync
Microsoft SQL Server

Overview
Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description
The Microsoft Security Bulletin Summary for October 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution
Apply Updates
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

References
Microsoft Security Bulletin Summary for October 2012
Microsoft Windows Server Update Services
Microsoft Update
Microsoft Update Overview
Turn Automatic Updating On or Off

Revision History
October 09, 2012: Initial release

TA12-265A: Microsoft Releases Patch for Internet Explorer Exploit

US Cert latest breaches - Mon, 02/11/2013 - 14:01
Original release date: September 21, 2012 | Last revised: --

Systems Affected
Microsoft Internet Explorer 6
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9

Overview
Microsoft has released Security Bulletin MS12-063 to address the use-after-free vulnerability that has been actively exploited this past week.

Description
Microsoft Internet Explorer versions 6, 7, 8, and 9 are susceptible to a use-after-free vulnerability. This vulnerability is being actively exploited in the wild. Microsoft has released Security Bulletin MS12-063 to patch this vulnerability and four others. This vulnerability was previously mentioned in US-CERT Alert TA12-262A. Additional information is available in US-CERT Vulnerability Note VU#480095.

Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution
US-CERT recommends that Internet Explorer users run Windows Update as soon as possible to apply the MS12-063 patch.

References
Microsoft Security Bulletin MS12-063
US-CERT Alert: Microsoft Security Advisory for Internet Explorer Exploit
Microsoft Windows Update
US-CERT Vulnerability Note VU#480095

Revision History
September 21, 2012: Initial release

TA12-262A: Microsoft Security Advisory for Internet Explorer Exploit

US Cert latest breaches - Mon, 02/11/2013 - 14:01
Original release date: September 18, 2012 | Last revised: --

Systems Affected
Microsoft Internet Explorer 7
Microsoft Internet Explorer 8
Microsoft Internet Explorer 9

Overview
An unpatched use-after-free vulnerability in Microsoft Internet Explorer versions 7, 8, and 9 is being exploited in the wild. Microsoft has released Security Advisory 2757760 with mitigation techniques.

Description
Microsoft Internet Explorer versions 7, 8, and 9 are susceptible to a use-after-free vulnerability. This vulnerability is being actively exploited in the wild. At this time, there is no patch available for this vulnerability. End-users can mitigate the vulnerability by using Microsoft's Enhanced Mitigation Experience Toolkit. Additional mitigation advice is available in the MSRC blog post "Microsoft Releases Security Advisory 2757760" and US-CERT Vulnerability Note VU#480095.

Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution
US-CERT recommends Internet Explorer users read Microsoft Security Advisory 2757760 and apply mitigation techniques such as using the Microsoft Enhanced Mitigation Experience Toolkit.

References
Microsoft Security Advisory (2757760)
MSRC Blog: Microsoft Releases Security Advisory 2757760
Download Microsoft EMET 3.0
US-CERT Vulnerability Note VU#480095

Revision History
September 18, 2012: Initial release

TA12-255A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 02/11/2013 - 14:01
Original release date: September 11, 2012 | Last revised: --

Systems Affected
Microsoft Developer Tools
Microsoft Server Software

Overview
Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description
The Microsoft Security Bulletin Summary for September 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution
Apply updates
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for September 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

References
Microsoft Security Bulletin Summary for September 2012
Microsoft Windows Server Update Services
Microsoft Update
Microsoft Update Overview
Turn Automatic Updating On or Off

Revision History
September 11, 2012: Initial release

TA12-251A: Microsoft Update For Minimum Certificate Key Length

US Cert latest breaches - Mon, 01/28/2013 - 13:10
Original release date: September 07, 2012 | Last revised: --

Systems Affected
Windows XP Service Pack 3
Windows XP Professional x64 Edition Service Pack 2
Windows Server 2003 Service Pack 2
Windows Server 2003 x64 Edition Service Pack 2
Windows Server 2003 with SP2 for Itanium-based Systems
Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Overview
Microsoft has announced the availability of an update to Windows that restricts the use of certificates with RSA keys that are less than 1024 bits in length. Microsoft is planning to release this update through Microsoft Update in October 2012. System administrators of Microsoft Windows platforms should assess the impact of this update on their environment before any wide-scale deployment.

Description
Microsoft's KB2661254 article states in part:

"The strength of public-key-based cryptographic algorithms is determined by the time that it takes to derive the private key by using brute-force methods. The algorithm is considered to be strong enough when the time that it takes to derive private key is prohibitive enough by using the computing power at disposal. The threat landscape continues to evolve. Therefore, Microsoft is further hardening the criteria for the RSA algorithm with key lengths that are less than 1024 bits long. After the update is applied, only certificate chains that are built by using the CertGetCertificateChain function are affected. The CryptoAPI builds a certificate trust chain and validates that chain by using time validity, certificate revocation, and certificate policies (such as intended purposes). The update implements an additional check to make sure that no certificate in the chain has an RSA key length of less than 1024 bits."

Impact
The private keys used in certificates with RSA keys that are less than 1024 bits in length can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

Solution
US-CERT recommends that system administrators of Microsoft Windows platforms read Microsoft's KB2661254 article and perform an extensive test of the update before doing any wide-scale deployment in their environment. The update will be sent to Microsoft Update for the October 2012 patch cycle. System administrators can obtain the update now from Microsoft's Download Center.

References
Microsoft Security Advisory: Update for minimum certificate key length
Microsoft Security Advisory (2661254) Update For Minimum Certificate Key Length
Windows PKI Blog: RSA keys under 1024 bits are blocked
Windows PKI Blog: Blocking RSA Keys less than 1024 bits (part 2)
Microsoft Download Center: Search results for KB2661254

Revision History
September 07, 2012: Initial release
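The chain-wide check that KB2661254 describes, as an added Python example (not code from US-CERT or Microsoft): it reads the modulus out of a DER RSAPublicKey with a small standard-library ASN.1 reader and rejects any chain in which a single certificate's RSA key is under 1024 bits, which is the policy the update adds to CryptoAPI chain building. The sample keys are constructed (not real RSA moduli) and the chain lists are an assumed stand-in for what CertGetCertificateChain would return.

```python
# Added example: emulate the KB2661254 policy (one RSA key < 1024 bits anywhere
# in the chain makes the whole chain untrusted). Not Microsoft's implementation.
MIN_RSA_BITS = 1024


def _read_tlv(buf, pos):
    """Read one DER tag-length-value at pos; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                       # long form: 0x8n, then n length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def rsa_modulus_bits(rsa_public_key_der):
    """Bit length of n in a PKCS#1 RSAPublicKey ::= SEQUENCE { n INTEGER, e INTEGER }."""
    tag, seq, _ = _read_tlv(rsa_public_key_der, 0)
    if tag != 0x30:
        raise ValueError("expected SEQUENCE")
    tag, modulus, _ = _read_tlv(seq, 0)
    if tag != 0x02:
        raise ValueError("expected INTEGER modulus")
    return int.from_bytes(modulus, "big").bit_length()


def check_chain(chain, min_bits=MIN_RSA_BITS):
    """chain: list of (name, rsa_public_key_der), leaf first, root last.
    Returns (trusted, problems); exactly 1024 bits is still accepted."""
    problems = []
    for name, key_der in chain:
        bits = rsa_modulus_bits(key_der)
        if bits < min_bits:
            problems.append(f"{name}: RSA key is {bits} bits, below {min_bits}")
    return not problems, problems


# --- constructed sample input (assumed stand-in for a real chain) ------------
def _der_len(n):
    if n < 0x80:
        return bytes([n])
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(lb)]) + lb


def _der_int(value):
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    if body[0] & 0x80:                      # leading 0x00 keeps the INTEGER positive
        body = b"\x00" + body
    return b"\x02" + _der_len(len(body)) + body


def make_rsa_public_key_der(bits):
    """Constructed RSAPublicKey whose modulus has exactly `bits` bits (not a real key)."""
    modulus = (1 << (bits - 1)) | 1
    body = _der_int(modulus) + _der_int(65537)
    return b"\x30" + _der_len(len(body)) + body


LEGACY_CHAIN = [("leaf", make_rsa_public_key_der(512)),
                ("intermediate", make_rsa_public_key_der(1024)),
                ("root", make_rsa_public_key_der(2048))]
MODERN_CHAIN = [("leaf", make_rsa_public_key_der(2048)),
                ("root", make_rsa_public_key_der(4096))]
```

Running `check_chain(LEGACY_CHAIN)` rejects the chain solely because of the 512-bit leaf; the 1024-bit intermediate passes, which is the boundary administrators should test for before deploying the update.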

TA12-240A: Oracle Java 7 Security Manager Bypass Vulnerability

US Cert latest breaches - Mon, 01/14/2013 - 10:56
Original release date: August 27, 2012 | Last revised: --

Systems Affected
Any system using Oracle Java 7 (1.7, 1.7.0) including:
Java Platform Standard Edition 7 (Java SE 7)
Java SE Development Kit (JDK 7)
Java SE Runtime Environment (JRE 7)
Web browsers using the Java 7 Plug-in are at high risk.

Overview
A vulnerability in the way Java 7 restricts the permissions of Java applets could allow an attacker to execute arbitrary commands on a vulnerable system.

Description
A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary operating system commands. An attacker could use social engineering techniques to entice a user to visit a link to a web site hosting a malicious applet. Any web browser using the Java 7 Plug-in is affected. Reports indicate this vulnerability is being actively exploited, and exploit code is publicly available.

Impact
By convincing a user to load a malicious Java applet, an attacker could execute arbitrary operating system commands on a vulnerable system with the privileges of the Java Plug-in process.

Solution
Disable the Java Plug-in
Disabling the Java web browser plug-in will prevent Java applets from running. Here are instructions for several common web browsers:
Apple Safari: How to disable the Java web plug-in in Safari
Mozilla Firefox: How to turn off Java applets
Google Chrome: See the "Disable specific plug-ins" section of the Chrome Plug-ins documentation.
Microsoft Internet Explorer: Change the value of the UseJava2IExplorer registry key to 0. Depending on the versions of Windows and the Java plug-in, the key can be found in these locations:
HKLM\Software\JavaSoft\Java Plug-in\{version}\UseJava2IExplorer
HKLM\Software\Wow6432Node\JavaSoft\Java Plug-in\{version}\UseJava2IExplorer
The Java Control Panel (javacpl.exe) does not reliably configure the Java plug-in for Internet Explorer. Instead of editing the registry, it is possible to run javacpl.exe as Administrator, navigate to the Advanced tab, Default Java for browsers, and use the space bar to de-select the Microsoft Internet Explorer option.

Use NoScript
NoScript is a browser extension for Mozilla Firefox browsers that provides options to block Java applets.

References
Vulnerability Note VU#636312
Zero-Day Season is Not Over Yet
Let's start the week with a new Java 0-day in Metasploit
http://pastie.org/4594319
The Security Manager
Java 7 0-Day vulnerability information and mitigation.
How to disable the Java web plug-in in Safari
How to turn off Java applets
NoScript

Revision History
August 27, 2012: Initial release

TA12-227A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 12/17/2012 - 04:00
Original release date: August 14, 2012 | Last revised: --

Systems Affected
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Developer Tools
Microsoft Server Software
Microsoft SQL Server
Microsoft Exchange

Overview
Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description
The Microsoft Security Bulletin Summary for August 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution
Apply updates
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for August 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

References
Microsoft Security Bulletin Summary for August 2012
Microsoft Windows Server Update Services
Microsoft Update
Microsoft Update Overview
Turn Automatic Updating On or Off

Revision History
August 14, 2012: Initial release

TA12-192A: Microsoft Updates for Multiple Vulnerabilities

US Cert latest breaches - Mon, 12/17/2012 - 04:00
Original release date: July 10, 2012 | Last revised: --

Systems Affected
Microsoft Windows
Microsoft Internet Explorer
Microsoft Office
Microsoft Developer Tools
Microsoft Server Software

Overview
Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description
The Microsoft Security Bulletin Summary for July 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact
A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution
Apply updates
Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for July 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

References
Microsoft Security Bulletin Summary for July 2012
Microsoft Windows Server Update Services
Microsoft Update
Microsoft Update Overview
Turn Automatic Updating On or Off

Revision History
July 10, 2012: Initial release

TA12-174A: Microsoft XML Core Services Attack Activity

US Cert latest breaches - Sun, 11/18/2012 - 23:10
Original release date: June 22, 2012 | Last revised: --

Systems Affected
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 are affected. Microsoft Internet Explorer, Microsoft Office 2003, and Microsoft Office 2007 are affected due to their use of XML Core Services.

Overview
Microsoft Security Advisory (2719615) warns of active attacks using a vulnerability in Microsoft XML Core Services. Microsoft Internet Explorer and Microsoft Office can be used as attack vectors.

Description
Microsoft Security Advisory (2719615), a Google Online Security blog post, Sophos, and other sources report active attacks exploiting a vulnerability in Microsoft XML Core Services (CVE-2012-1889). Attack scenarios involve exploits served by compromised web sites and delivered in Office documents. Reliable public exploit code is available, and attacks may become more widespread.

Impact
By convincing a victim to view a specially crafted web page or Office document, an attacker could execute arbitrary code and take any action as the victim.

Solution
As of June 22, 2012, a comprehensive update is not available. Consider the following workarounds.

Apply Fix it
Apply the Fix it solution described in Microsoft Knowledge Base Article 2719615. This solution uses the Application Compatibility Database feature to make runtime modifications to XML Core Services to patch the vulnerability.

Disable scripting
Configure Internet Explorer to disable Active Scripting in the Internet and Local intranet zones as described in Microsoft Security Advisory (2719615). See also Securing Your Web Browser.

Use the Enhanced Mitigation Experience Toolkit (EMET)
EMET is a utility to configure Windows runtime mitigation features such as Data Execution Prevention (DEP), Address Space Layout Randomization (ASLR), and Structured Exception Handler Overwrite Protection (SEHOP). These features, particularly the combination of system-wide DEP and ASLR, make it more difficult for an attacker to successfully exploit a vulnerability. Configure EMET for Internet Explorer as described in Microsoft Security Advisory (2719615).

References
Microsoft Security Advisory (2719615)
Microsoft Security Advisory: Vulnerability in Microsoft XML Core Services could allow remote code execution
NVD Vulnerability Summary for CVE-2012-1889
Microsoft XML vulnerability under active exploitation
European aeronautical supplier's website infected with "state-sponsored" zero-day exploit
Securing Your Web Browser
Application Compatibility Database

Revision History
June 22, 2012: Initial release