About

Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2010. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which […]

US-CERT is aware of a backdoor in the software for the Energizer DUO USB battery charger. This backdoor may allow a remote attacker to list directories, send and receive files, and execute programs on an affected system. The software, which has been discontinued, was available for both Windows and Apple Mac OS X versions. Only the Windows version is affected […]

Cisco has released three security advisories to address vulnerabilities.Security advisory cisco-sa-20100303-cucm, addresses multiple vulnerabilities in the Cisco Unified Communications Manager which affect the Session Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP), and the Computer Telephony Integration (CTI) Manager services. Successful ex […]

Microsoft has issued a Security Bulletin Advance Notification, indicating that its March release cycle will contain two bulletins. These bulletins will have a severity rating of Important and will be for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, March 9, 2010.US-CERT will provide additional information as it […]

US-CERT asks users to be vigilant during the U.S. Census Bureau's 2010 Census campaign and to watch for potential census scams.According to the U.S. Census 2010 website, they began delivery of the printed census forms to every resident in the United States on March 1, 2010. The only way to complete the census is by filling in the form using pen and ink; […]

Microsoft has re-released the security update described in Microsoft Security Bulletin MS10-015.  This release contains an updated installation package that does not allow the security update to be installed on computers infected with malicious code. Microsoft has also released a Fix-It Tool to determine if systems are compatible with the update.US-CERT enco […]

Microsoft has released a security advisory to address a vulnerability in VBScript. The advisory indicates that this vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. By convincing a user to view a specially crafted HTML document (web page, HTML email, or email attachment) with Internet Explorer and […]

Adobe has released a security bulletin to address a vulnerability in the Adobe Download Manager. This vulnerability could allow an attacker to download and install unauthorized software.US-CERT encourages users and administrators to review security bulletin APSB10-08 and review the steps to mitigate the issue. […]

The Mozilla Foundation has released multiple security advisories to address vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or bypass security restrictions.US-CERT encourages users and administrators to review the Mozilla Foundation se […]

Cisco has released three security advisories to address vulnerabilities.Security advisory, cisco-sa-20100217-fwsm, addresses a vulnerability in the Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. Successful and repeated exploitation of this vulnerability could result in a denial-of-service cond […]