Technical Cyber Security Alert TA09-132A - Microsoft has released updates that address vulnerabilities in Microsoft PowerPoint.
ddbbbb4322a8aa4e21d5e568808b1ec8619cbac1da27e82a41784bfeb0acd724
Technical Cyber Security Alert TA09-105A - Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
94105afd3b535cdfbefb6dcced0c507848f22cf6a98ab82edfcc63bac48889b8
Technical Cyber Security Alert TA09-104A - Microsoft has released updates that address vulnerabilities in Microsoft Windows, Office, Windows Server, and ISA Server.
9b04e5e2a87dfc9f3da504bcc671faffbfb29a475348c6d8ffbd50699cc618ed
Technical Cyber Security Alert TA09-088A - US-CERT is aware of public reports indicating a widespread infection of the Conficker worm, which can infect a Microsoft Windows system from a thumb drive, a network share, or directly across a network if the host is not patched with MS08-067.
889abea95838642c06f272a52a5487dbaad89f603f848630737ddad4c4d9c103
Technical Cyber Security Alert TA09-069A - Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
9ff852dd830e814efb4f93f15ca7c66fe392ee0d93aec87740c0b7c7d8f4c056
Technical Cyber Security Alert TA09-051A - Adobe has released Security Bulletin APSB09-01, which describes a vulnerability that affects Adobe Reader and Acrobat. This vulnerability could allow a remote attacker to execute arbitrary code.
d1b030978b5d5908c77fd45b7fc27bc22a2d7415ace32d36207e56d61b376b8b
Technical Cyber Security Alert TA09-041A - Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
aa7ea04c44048b12cdc677cd86ce0008c2d001ebaac81fc7c47470892af4495f
Technical Cyber Security Alert TA09-022A - Apple has released QuickTime 7.6 to correct multiple vulnerabilities affecting QuickTime for Mac OS X and Windows. Attackers may be able to exploit these vulnerabilities to execute arbitrary code or cause a denial of service.
500fb41903e843e7705b6fa66a58d47cecf01285e9ee54072b5d4e5fb5f2889f
Technical Cyber Security Alert TA09-020A - Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft's guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.
c47068e2df37a3ca1b19e9cdc0bb96b416950b41a92133a2740111ec322a9d3e
Technical Cyber Security Alert TA09-015A - Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service.
ea0007a5a4b7485bd1e8b3bec43af08c2934d79b21d21420850441e3a0d04b6f
Technical Cyber Security Alert TA09-013A - Microsoft has released updates that address vulnerabilities in Microsoft Windows and Windows Server.
e75326eac91ff0879a316cad42c59c87ad8221678d44f6c8d8efb5e387f6d5e0
Technical Cyber Security Alert TA08-352A - Microsoft Internet Explorer contains an invalid pointer vulnerability in its data binding code, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Exploit code for this vulnerability is publicly available and is being actively exploited.
798971c716d5bc2a9e91aeb23fe8da46be7c1dcc53d2a9830b2e1b718e3ecdd6
Technical Cyber Security Alert TA08-350A - Apple has released Security Update 2008-008 and Mac OS X version 10.5.6 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.
2e1b018b8e5aece591b477e771c696103cf6c6d9807aed4db453be91f66e8861
Technical Cyber Security Alert TA08-344A - Microsoft has released updates that address vulnerabilities in Microsoft Windows, Internet Explorer, Word, Excel, SharePoint Server, Visual Basic 6 and related components.
8883648b6f3e2c04e5be8f8603bfa8bc5bbdb6d8312fc76f60ab0b137ed930d2
Technical Cyber Security Alert TA08-340A - Sun has released alerts to address multiple vulnerabilities affecting the Sun Java Runtime Environment. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code.
50207ce9fa6dd5f34f06451dddf1035eb6c767f28c0d03b8e6d319a1e1aa4261
Technical Cyber Security Alert TA08-319A - New versions of Firefox, Thunderbird, and SeaMonkey address several vulnerabilities, the most severe of which could allow a remote attacker to execute arbitrary code on an affected system.
eff64d781642086ba6a55ca8ce9f01d3a040e4133cd4f93bc24caa0f86fe7823
Technical Cyber Security Alert TA08-316A - As part of the Microsoft Security Bulletin Summary for November 2008, Microsoft released updates to address vulnerabilities that affect Microsoft Windows, Microsoft Office, and Microsoft XML Core Services. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.
68de18fa2fc86f735abfbc4abd55463596c956e3f806957c6aa08d2e940aff75
Technical Cyber Security Alert TA08-309A - Adobe has released Security Bulletin APSB08-19 to address multiple vulnerabilities affecting Adobe Reader and Acrobat. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code.
5d187e404c6eb580ac5fe714ada2885622b0715a7b233818855807c67d87c5da
Technical Cyber Security Alert TA08-297A - A vulnerability in the way the Microsoft Windows server service handles RPC requests could allow an unauthenticated, remote attacker to execute arbitrary code with SYSTEM privileges.
7d9236a9b2db7f8dfc9ab0ebdc3b8a9dcc2523ab41f728fe85a2d709e1e574cd
Technical Cyber Security Alert TA08-288A - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Internet Explorer, and Microsoft Office as part of the Microsoft Security Bulletin Summary for October 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.
c8b73e33ba25736f307e55bdb8f6e01b3fb903043ab1b0819f71282c39ae40c4
Technical Cyber Security Alert TA08-260A - Apple has released Security Update 2008-006 and Mac OS X version 10.5.5 to correct multiple vulnerabilities affecting Apple Mac OS X and Mac OS X Server. Attackers could exploit these vulnerabilities to execute arbitrary code, gain access to sensitive information, or cause a denial of service.
6981f18fc007237448cbbcff01311de8cb7f02161d2087f761e73d95e3fb661c
Technical Cyber Security Alert TA08-253A - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Windows Media Encoder, and Microsoft Office as part of the Microsoft Security Bulletin Summary for September 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.
ffa7789e5c4aeaa39cba1d5325352e0bc9df4affd18477245a27b53a27c4dac4
Technical Cyber Security Alert TA08-225A - Microsoft has released updates to address vulnerabilities that affect Microsoft Windows, Office, Internet Explorer, and other related components as part of the Microsoft Security Bulletin Summary for August 2008. The most severe vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code.
dd5350024ae5483089c3928d95b00cc47c668f8b4003102c6ef508a41ac464bc
Technical Cyber Security Alert TA08-193A - Sun has released alerts to address multiple vulnerabilities affecting the Sun Java Runtime Environment. The most severe of these vulnerabilities could allow a remote attacker to execute arbitrary code.
fb35626ace7c09f0ff340228304c64438892373be175c5fc6d7cd020ab44b343
Technical Cyber Security Alert TA08-190B - DNS cache poisoning (sometimes referred to as cache pollution) is an attack technique that allows an attacker to introduce forged DNS information into the cache of a caching nameserver. The general concept has been known for some time, and a number of inherent deficiencies in the DNS protocol and defects in common DNS implementations that facilitate DNS cache poisoning have previously been identified and described in public literature. Examples of these vulnerabilities can be found in Vulnerability Note VU#800113. Recent research into these and other related vulnerabilities has produced extremely effective exploitation methods to achieve cache poisoning. Tools and techniques have been developed that can reliably poison a domain of the attacker's choosing on most current implementations. As a result, the consensus of DNS software implementers is to implement source port randomization in their resolvers as a mitigation.
10c537ddc2efba49c0fba600c2294c0a31948e3fc94cf0ccfe2f52a55cb128d3