copyright | disclaimer | privacy | contact  
Australia's Leading Computer Emergency Response Team
 
Search this site

 
On this site

 > HOME
 > About AusCERT
 > Membership
 > Contact Us
 > PKI Services
 > Training
 > Publications
 > Sec. Bulletins
 > Conferences
 > News & Media
 > Services
 > Web Log
 > Site Map
 > Site Help
 > Member login

  Home » Publications » AusCERT Web Log » Major Vulnerabilities, patches and a Storm of Love
 

Major Vulnerabilities, patches and a Storm of Love
Date: 17 January 2008

Click here for printable version
AusCERT Week in Review
18 January 2008

Greetings,

Another week of serious vulnerabilities and serious patches. We started off
with yet another Quicktime remote code execution vulnerability, followed by
equally serious vulnerabilities in SAP MaxDB and yaSSL. Oracle released
their critical patches for January which addressed 26 vulnerabilities across
their product range, and Adobe released their January Bulletins.

Two more noteworthy vulnerabilities that were brought to light this week
are the Microsoft Excel vulnerability and that of the UPnP vulnerability,
both of which are currently being exploited in the wild. Please make sure
you are aware of these issues and take precautions to protect against them.

It also seems we didn't have to wait until Easter to see a new Storm
variation. Being a male I overlooked Valentines Day which is coming up soon,
or so my girlfriend tells me. Emails expressing words of love and devotion
have been flooding in this week in an attempt to convince the sentimental
to visit different URL's and become infected. Be sure to keep your virus
definition files up to date and as always have a safe and enjoyable weekend.

Regards,

Paul


Comments? Click here http://www.auscert.org.au/render.html?cid=7066&it=8666