Further Information

AU-2007.0012 -- AusCERT Update - [Win] - Microsoft announce out of band patch for animated cursor vulnerability - Microsoft have announced that they will be releasing an out of band security update correcting the animated cursor vulnerability (CVE-2007-0038). (03/04/2007)

AU-2007.0011 -- AusCERT Update - [Win] - New worms exploiting the Animated Cursor vulnerability - Reports have been published regarding new worms exploiting the Windows Animated Cursor vulnerability. (02/04/2007)

AU-2007.0009 -- AusCERT Update - [Win] - Exploit code publicly released for Microsoft ADODB.Connection ActiveX Control vulnerability - US-CERT has released a current activity report regarding publicly available exploit code for a recent vulnerability in the Microsoft ADODB.Connection ActiveX Control (MS07-009). (27/03/2007)

AU-2007.0008 -- AusCERT Update - [Win][UNIX/Linux] - Firefox 2.0.0.1 and 1.5.0.9 additional vulnerability allows remote compromise - This most recently disclosed vulnerability can not be mitigated by turning off JavaScript. (08/03/2007)

AU-2007.0007 -- AusCERT Update - [Win] - Additional Symantec Norton products affected by ActiveX control vulnerability - (26/02/2007)

AU-2007.0006 -- AusCERT Update - [Win] - Variations on the "Prime Minister heart attack" trojan run - AusCERT has observed additional variations of yesterday's "Prime Minister heart attack" trojan. (19/02/2007)

AU-2007.0005 -- AusCERT Update - [Win] - CA Personal Firewall privilege escalation vulnerabilities now fixed - This CA advisory addresses the vulnerability previously reported in AA-2006.0094. (12/02/2007)

AU-2007.0004 -- AusCERT Update - [Cisco] - SIP DoS vulnerability also affects IOS devices fully configured for SIP - New information has become available, and IOS devices which are properly configured for SIP processing are also vulnerable to this issue, previously reported in ESB-2007.0070. (11/02/2007)

AU-2007.0003 -- AusCERT Update - [Win] - Exploit code released for CA BrightStor ARCserve Backup - Exploit code has been released for recent CA BrightStor ARCserve Backup vulnerabiities (02/02/2007)

AU-2007.0002 -- AusCERT Update - [Win] - ColdFusion vulnerability allows reading of file contents - (11/01/2007)

AU-2007.0001 -- AusCERT Update - [Win][Linux] - Server-side workarounds to prevent cross-site scripting due to Adobe Reader and Acrobat - The mitigations in this bulletin help guard against the possibility that some customers or users of an authenticated website may still have the vulnerable versions of Adobe Reader installed. (10/01/2007)

AU-2006.0041 -- AusCERT Update - [Win] - Fixes released for vulnerabilities in Adobe Reader and Acrobat - (07/12/2006)

AU-2006.0038 -- AusCERT Update - [Win][UNIX/Linux] - Analysis of the Oracle October 2006 Critical Patch Update - (25/10/2006)

AU-2006.0040 -- AusCERT Update - [Win] - CA BrightStor ARCserve Backup and CA Protection Suites - previous update did not fix remote vulnerability - CA's previous software update failed to properly fix one of the serious remote vulnerabilities reported in AL-2006.0094. Additional software updates must be applied. (24/10/2006)

AU-2006.0039 -- AusCERT Update - [Win] - Re-release of software update for MS06-061 - (20/10/2006)

AU-2006.0036 -- AusCERT Update - [Win][UNIX/Linux][OSX] - Reported Mozilla JavaScript engine vulnerabilities still unconfirmed - The unconfirmed Mozilla Javascript engine vulnerabilities reported in AU-2006.0035 are still under investigation, according to a statement from Mozilla (05/10/2006)

AU-2006.0035 -- AusCERT Update - [Win][UNIX/Linux][OSX] - Unconfirmed vulnerabilities in Mozilla JavaScript engine may allow remote execution of arbitrary code - There have been unconfirmed reports of unpatched vulnerabilities in the JavaScript engine for Mozilla products, including Firefox. (03/10/2006)

AU-2006.0034 -- AusCERT Update - [Win] - Patch released for Microsoft Internet Explorer VML buffer overflow vulnerability - Microsoft has released a patch for the recently reported Internet Explorer VML vulnerability. (27/09/2006)

AU-2006.0030 -- AusCERT Update - [Win] - Recently reported PowerPoint vulnerability has existing patch - Patches have been available since March for the PowerPoint vulnerabilities mentioned in AusCERT Alert AL-2006.0070 (23/08/2006)

AU-2006.0029 -- AusCERT Update - [Win] - New MocBot variants exploiting recent Microsoft vulnerability - New variants of the MocBot worm are currently exploiting vulnerabilities from MS06-040. (14/08/2006)

AU-2006.0028 -- AusCERT Update - [OSX] - Security Update 2006-004 for Mac Pro - (10/08/2006)

AU-2006.0027 -- AusCERT Update - [Win] - Public exploit code released for Microsoft DHCP and IIS Vulnerabilities MS06-034 and MS06-036 - AusCERT has become aware of a publicly available exploit of the recent Microsoft Windows DHCP Client vulnerability described in MS06-036. (24/07/2006)

AU-2006.0026 -- AusCERT Update - [Win] - Microsoft PowerPoint vulnerability allows execution of arbitrary code - Microsoft has recently released a bulletin regarding the recently reported PowerPoint vulnerability. AusCERT Advisory AA-2006.0046 has been updated to reflect this. (18/07/2006)

AU-2006.0025 -- AusCERT Update - [Debian] - Revised Debian OpenOffice.org update fixes arbitrary code execution - (07/07/2006)

AU-2006.0024 -- AusCERT Update - [Win][UNIX/Linux] - Lotus Domino SMTP Based Denial of Service - This advisory provides further details on one of the vulnerabilities reported previously in AA-2006.0001. An external attacker can potentially stop Domino email delivery within the organisation by sending a malformed message from outside. (28/06/2006)

AU-2006.0023 -- AusCERT Update - [Win] - Re-release of software update for MS06-025 - (28/06/2006)

AU-2006.0022 -- AusCERT Update - [Win] - New domain names used by "NAB Bankrupt" trojan - The recent "National Bank bankrupt?!" trojan spam has been re-released, this time with a subject of "National Bank Closing and Blocking Accounts without a notice!". (22/06/2006)

AU-2006.0021 -- AusCERT Update - [Win][Mac][OSX] - Second unpatched buffer overflow found in Excel - Another unpatched vulnerability has been discovered in Microsoft Excel. (21/06/2006)

AU-2006.0019 -- AusCERT Update - [Win] - Trojan authors target Australian web forums - The 'National Bank bankrupt?!' email from AL-2006.0049 was widely posted in Australian web forums on 12 June 2006. Users following links contained may have been infected with malcious code. (16/06/2006)

AU-2006.0018 -- AusCERT Update - [Win] - MS06-011 - Microsoft Security Bulletin Re-Release - (15/06/2006)

AU-2006.0017 -- AusCERT Update - [Win] - Microsoft releases bulletin regarding unpatched Word buffer overflow vulnerability - Microsoft have released a bulletin regarding the recent Word buffer overflow vulnerability. (23/05/2006)

AU-2006.0016 -- AusCERT Update - [Win][UNIX/Linux] - Active exploiting of RealVNC 4.1.1 vulnerability - The RealVNC vulnerability reported in AA-2006.0030 is being actively exploited. (19/05/2006)

AU-2006.0015 -- AusCERT Update - [Win][UNIX/Linux] - MySQL 4.0.27 now available fixing recent vulnerabilities - (15/05/2006)

AU-2006.0012 -- AusCERT Update - [Win] - Microsoft Security Bulletin MS06-015 Re-Release - (27/04/2006)

AU-2006.0010 -- AusCERT Update - [Win] - 'Falling Dollar' trojan email exploiting Internet Explorer createTextRange vulnerability - Internet Explorer createTextRange vulnerability is being actively exploited (30/03/2006)


Previous  1, 2, 3, 4, 5  Next denotes AusCERT member only content.