US CERT Current Activity

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT. Copyright 2012 Carnegie Mellon University

Adobe Releases Security Advisory for Adobe Flash Player

Thu, 02/16/2012 - 12:56
Adobe has released a security advisory to alert users of vulnerabilities affecting the following software:
  • Adobe Flash Player 11.1.102.55 and earlier versions for Windows, Macintosh, Linux, and Solaris operating systems
  • Adobe Flash Player 11.1.112.61 and earlier versions for Android 4.x
  • Adobe Flash Player 11.1.111.5 and earlier versions for Android 3.x and 2.x

Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition, take control of the affected system, or perform a cross-site scripting attack.

US-CERT encourages users and administrators to review the Adobe Security Bulletin APSB12-03 and apply any necessary updates to help mitigate the risk.

Categories: Alerts

Google Releases Chrome 17.0.963.56

Thu, 02/16/2012 - 12:36
Google has released Chrome 17.0.963.56 for Linux, Macintosh, Windows, and Google Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 17.0.963.56.
Categories: Alerts

Cisco Releases Security Advisory for Cisco NX-OS

Wed, 02/15/2012 - 17:47
Cisco has released a security advisory to address a vulnerability in the following Cisco NX-OS Software Series:
  • Cisco Nexus 1000v Series Switches
  • Cisco Nexus 5000 Series Switches
  • Cisco Nexus 7000 Series Switches

Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20120215 and apply any necessary updates or workarounds to help mitigate the risk.
Categories: Alerts

Oracle Releases Critical Patch Update for February 2012

Tue, 02/14/2012 - 19:43
Oracle released its February Critical Patch Update (CPU) containing 14 security fixes for the following products:
  • JDK and JRE 7 Update 2 and earlier
  • JDK and JRE 5 Update 30 and earlier
  • JDK and JRE 5.0 Update 33 and earlier
  • SDK and JRE 1.4.2_35 and earlier
  • JavaFX 2.0.2 and earlier

US-CERT encourages users and administrators to review the Oracle Java SE Critical Patch Update Advisory for February 2012 and apply any necessary updates to help mitigate the risk.

Categories: Alerts

Adobe Releases Security Bulletins for Adobe Shockwave Player and RoboHelp

Tue, 02/14/2012 - 16:34
Adobe has released security bulletins for Adobe Shockwave Player and RoboHelp to address multiple vulnerabilities affecting the following software versions:
  • Adobe Shockwave Player 11.6.3.633 and earlier versions for Windows and Macintosh
  • Adobe RoboHelp 9 or 8 for Word on Windows

Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or perform a cross-site scripting attack. 

US-CERT encourages users and administrators to review Adobe Security Bulletins APSB12-02 and APSB12-04 and apply any necessary updates to help mitigate the risks.

Categories: Alerts

Mozilla Releases Firefox 10.0.1

Mon, 02/13/2012 - 15:23
The Mozilla Foundation has released Firefox 10.0.1 to address a vulnerability. This vulnerability may cause a denial-of-service condition or potentially allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Mozilla Foundation Advisory for Firefox 10.0.1 and apply any necessary updates to help mitigate the risk.
Categories: Alerts

Microsoft Releases February Security Bulletin

Thu, 02/09/2012 - 19:06
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Silverlight, Office, and Server Software as part of the Microsoft Security Bulletin Summary for February 2012. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.
Categories: Alerts

Google Releases Chrome 17.0.963.46

Wed, 02/08/2012 - 18:16
Google has released Chrome 17.0.963.46 for Linux, Mac, Windows, and Google Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code and cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 17.0.963.46.
Categories: Alerts

U.S. Tax Season Phishing Scams and Malware Campaigns

Wed, 02/08/2012 - 14:10
In the past, US-CERT has received reports of an increased number of phishing scams and malware campaigns that take advantage of the United States tax season. Due to the upcoming tax deadline, US-CERT reminds users to remain cautious when receiving unsolicited email that could be part of a potential phishing scam or malware campaign.

These phishing scams and malware campaigns may include, but are not limited to, the following:
  • information that refers to a tax refund,
  • warnings about unreported or under-reported income,
  • offers to assist in filing for a refund, and
  • details about fake e-file websites.
These messages, which may appear to be from the IRS, may ask users to submit personal information via email or may instruct the user to follow a link to a website that requests personal information or contains malicious code.

US-CERT encourages users and administrators to take the following measures to protect themselves from these types of phishing scams and malware campaigns:
Categories: Alerts

Apple Releases Multiple Security Updates

Thu, 02/02/2012 - 15:15
Apple has released security updates for Apple OS X Lion 10.7 to 10.7.2, OS X Lion Server 10.7 to 10.7.2, Mac OS 10.6.8, and Mac OS X Server v 10.6.8 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, and bypass security restrictions.

US-CERT encourages users and administrators to review Apple Support Article HT5130 and apply any necessary updates to help mitigate the risks.

Additional information regarding CVE-2011-3449 can be found in US-CERT Vulnerability Note VU#410281.

Additional information regarding CVE-2011-3446 can be found in US-CERT Vulnerability Note VU#403593.
Categories: Alerts

Mozilla Releases Firefox 10 and 3.6.26

Wed, 02/01/2012 - 12:50
The Mozilla Foundation has released Firefox 10 and Firefox 3.6.26 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or perform a cross-site scripting attack.

US-CERT encourages users and administrators to review the Mozilla Foundation Advisories for Firefox 10 and Firefox 3.6.26 and apply any necessary updates to help mitigate the risk.
Categories: Alerts