From security em unicamp.br Mon Jan 25 16:51:55 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Mon, 25 Jan 2010 16:51:55 -0200 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA10-021A -- Microsoft Internet Explorer Vulnerabilities Message-ID: <20100125185154.GA24592@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA10-021A -- Microsoft Internet Explorer Vulnerabilities To: technical-alerts em us-cert.gov Date: Thu, 21 Jan 2010 15:55:10 -0500 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-021A Microsoft Internet Explorer Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected * Microsoft Internet Explorer Overview Microsoft has released out-of-band updates to address critical vulnerabilities in Internet Explorer. I. Description Microsoft has released updates for multiple vulnerabilities in Internet Explorer, including the vulnerability detailed in Microsoft Security Advisory 979352 and US-CERT Vulnerability Note VU#49251. II. Impact By convincing a user to view a specially crafted HTML document or Microsoft Office document, an attacker may be able to execute arbitrary code with the privileges of the user. III. Solution Apply updates Microsoft has released updates to address these vulnerabilities. Please see Microsoft Security Bulletin MS10-002 for more information. Apply workarounds Microsoft has provided workarounds for some of the vulnerabilities in MS10-002. IV. References * Microsoft Security Bulletin MS10-002 - * Microsoft Security Advisory 979352 - * US-CERT Vulnerability Note VU#49251 - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA10-021A Feedback VU#49251" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History January 21, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBS1i9/C/E9ke+6HGsAQJdMQgA0HJlKy01j6rUpcpU9VHnGgPv56akxzac YQIWL0n3ggsc6EKcDM6Nnes6+VXFuZyNuzw16S2sTSh13PLjRiAdEtM3a5k/TDrX LdUEzipjYnXm0jn7EwGpoxNOHFI1fIaQhnQuWhM9S3Ri4lClROl0NZSAJnjIy7sU UiTuIkN2x/nTmYwgVXX4bczRFStgcqkcv16BHIChXqHO/zOGK0ACO/b8oG0zIHPg rEsvPy86M7v5LCNGGf6+H3bkcwjoWEOcPuXhpQkJT7BDWsz8F+kUCvCdMbbmTFzZ d0cdSCKyS7Wo9iBGBmD8R84GIALwnTyRdr9QtiFlA4UWOScV/7JFQQ== =L4w6 -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Tue Jan 26 10:11:48 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 26 Jan 2010 10:11:48 -0200 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA10-012A -- Oracle Updates for Multiple Vulnerabilities Message-ID: <20100126121147.GA30364@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA10-012A -- Oracle Updates for Multiple Vulnerabilities To: technical-alerts em us-cert.gov Date: Tue, 12 Jan 2010 17:05:06 -0500 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-012A Oracle Updates for Multiple Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected * Oracle Database 11g, version 11.1.0.7 * Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4 * Oracle Database 10g, version 10.1.0.5 * Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV * Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.4.0, 10.1.3.5, 10.1.3.5.1 * Oracle Application Server 10g Release 2 (10.1.2), version 10.1.2.3.0 * Oracle Access Manager versions 7.0.4.3, 10.1.4.2 * Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1 and 12.1.2 * Oracle E-Business Suite Release 11i, version 11.5.10.2 * PeopleSoft Enterprise HCM (TAM), versions 8.9 and 9.0 * Oracle WebLogic Server 10.0 through MP2, 10.3.0 and 10.3.1 * Oracle WebLogic Server 9.0 GA, 9.1 GA and 9.2 through 9.2 MP3 * Oracle WebLogic Server 8.1 through 8.1 SP6 * Oracle WebLogic Server 7.0 through 7.0 SP7 * Oracle JRockit R27.6.5 and earlier (JDK/JRE 6, 5, 1.4.2) * Primavera P6 Enterprise Project Portfolio Management 6.1, 6.2.1 and 7.0 * Primavera P6 Web Services 6.2.1, 7.0 and 7.0SP1 Overview Oracle products and components are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service. I. Description The Oracle Critical Patch Update Advisory - January 2010 addresses 24 vulnerabilities in various Oracle products and components. The document provides information about affected components, access and authorization required for successful exploitation, and the impact from the vulnerabilities on data confidentiality, integrity, and availability. Oracle has associated CVE identifiers with the vulnerabilities addressed in this Critical Patch Update. If significant additional details about vulnerabilities and remediation techniques become available, we will update the Vulnerability Notes Database. II. Impact The impact of these vulnerabilities varies depending on the product, component, and configuration of the system. Potential consequences include the execution of arbitrary code or commands, information disclosure, and denial of service. Vulnerable components may be available to unauthenticated, remote attackers. An attacker who compromises an Oracle database may be able to access sensitive information. III. Solution Apply the appropriate patches or upgrade as specified in the Oracle Critical Patch Update Advisory - January 2010. Note that this document only lists newly corrected issues. Updates to patches for previously known issues are not listed. IV. References * Oracle Patch Update Advisory - January 2010 - * Critical Patch Updates and Security Alerts - * Map of Public Vulnerability to Advisory/Alert - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA10-012A Feedback VU#148385" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History January 12, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBS0zxEducaIvSvh1ZAQLpPgf/VVrk5FTcPFRdv3map88eLhgVIDpKdQmk 1yWuAcyx1vOjEgOeDrl/DYMoNXI0jjvZ+V2r3KA9J2jO0V77J1g5vwxz9uScaU7v A4IW/Vv31T55IQmYrCsF6rtu/yhPIair2uiOFjc5xRqnoTsufhZ8wm8EBjnOElsV 8D+SjICgaOwh76WQGGJQK0kW2XkdSmGbu8a/Wwm4WvvZ1ngYeURCW32ZCiqdb+tu gCaqHCELGBCfwx0CUaWsNIwqIWBkD61JN18rnM8XNkVQ61gkbvBMlMGM/WP5CaGh epIa3qZafEbzd6iogajxUSxy37iFokKZl/2+5o8DE21QdEAE6iI8qA== =TaF2 -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Tue Jan 26 10:12:18 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 26 Jan 2010 10:12:18 -0200 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA10-012B -- Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities Message-ID: <20100126121217.GB30364@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA10-012B -- Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities To: technical-alerts em us-cert.gov Date: Tue, 12 Jan 2010 18:27:42 -0500 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-012B Microsoft Windows EOT Font and Adobe Flash Player 6 Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows and Internet Explorer * Adobe (Macromedia) Flash Player 6 Overview Microsoft has released updates to address a vulnerability in the Windows Embedded Open Type (EOT) font engine. Microsoft has also published an Advisory about multiple vulnerabilities in Adobe (Macromedia) Flash Player 6 that is included with Windows XP. I. Description Microsoft Security Bulletin MS10-001 describes a vulnerability in the Embedded Open Type (EOT) font engine in Windows. Microsoft Security Advisory (979267) recommends that Windows XP users remove or upgrade Adobe Flash Player 6 (formerly Macromedia Flash Player) that is included with Windows XP. Vulnerability Note VU#204889 discusses one vulnerability in Flash Player 6 and provides several workarounds. These vulnerabilities could be exploited by loading specially crafted fonts or Flash content via Internet Explorer. Microsoft assigns the EOT font vulnerability a "low" severity rating in most current versions of Windows and notes that reliable code execution is unlikely. The severity rating for Windows 2000, however, is "critical." II. Impact A remote, unauthenticated attacker could execute arbitrary code, gain elevated privileges, or cause a vulnerable application to crash. III. Solution Apply updates from Microsoft Microsoft Security Bulletin MS10-001 provides updates for the EOT font vulnerability. The security bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Upgrade, Remove, or Disable Adobe Flash Player 6 Adobe Flash Player 6 is included with Windows XP. Adobe has addresssed these vulnerabilities in newer versions of Flash Player. Upgrade to a more recent version of Flash Player (such as Flash Player 10). Alternatively, uninstall Flash Player or set the kill bit for the Flash Player ActiveX control as described in Microsoft Security Advisory (979267) and Vulnerability Note VU#204889. IV. References * Microsoft Security Bulletin Summary for January 2010 - * Microsoft Security Bulletin MS10-001 - * MS10-001: Font file decompression vulnerability - * CVE-2010-0018 - * Vulnerabilities in Adobe Flash Player 6 Provided in Windows XP Could Allow Remote Code Execution - * Vulnerability Note VU#204889 - * Adobe Flash Player - * How to uninstall the Adobe Flash Player plug-in and ActiveX control - * Windows Server Update Services (WSUS) - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA10-012B Feedback VU#552113" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History January 12, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBS00EXNucaIvSvh1ZAQI6GwgAmQUsj5i0MCcOgCQvCDU49taISpIMNYfq oLzRGO7H5+/hsHBcHEHnans7msAFTrRsEa3nk3ioWRE3PY+JetvPS69M1+oNCbDN qjJ8ZxjfHWHChfSvi0MH4FHDp0QgpCGMwQ5K2fusiZYZxaooDEIPyL9T6AYlmmrH OtpAOfMYhsB8XkSbVHqKmJ95Zj3C26OWA3MHtMoBKTuda5BVVCcA/IWP3AC94WpO UiW2Xk9CVmoAa62+Cv2vSaOmN5nMgO1TncBJDgIFfVuQNR+xALBzGxPnkibgQ2xB M2cSV51649wsmmiQn4OFsQWYL3piWIgwXH9iCLU8XXirkApoQDefxg== =dQlq -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Tue Jan 26 10:13:19 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 26 Jan 2010 10:13:19 -0200 Subject: [SECURITY-L] CAIS-Alerta: Resumo dos Boletins de Segurana Microsoft - Janeiro 2010 Message-ID: <20100126121318.GC30364@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Resumo dos Boletins de Segurança Microsoft - Janeiro 2010 To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Wed, 13 Jan 2010 17:02:59 -0200 (BRST) -----BEGIN PGP SIGNED MESSAGE----- Prezados, A Microsoft publicou 1 boletim de segurança em 12 de Janeiro, que aborda 1 vulnerabilidade em produtos da empresa. A exploração desta vulnerabilidade permite a execução remota de código. No momento da publicação deste resumo não há informações sobre a códigos maliciosos (exploits) disponíveis publicamente que explorem as vulnerabilidades relacionadas nestes boletins. SEVERIDADE . Crítica - MS10-001: Vulnerabilidade no Embedded OpenType Font Engine Vulnerabilidades que permitem a execução remota de código . Importante - Nenhum boletim . Moderada - Nenhum boletim . Baixa - Nenhum boletim O sistema de classificação de severidade das vulnerabilidades adotado pelo CAIS neste resumo é o da própria Microsoft. O CAIS recomenda que se aplique, minimamente, as correções para vulnerabilidades classificadas como crítica e importante. No caso de correções para vulnerabilidades classificadas como moderadas o CAIS recomenda que ao menos as recomendações de mitigação sejam seguidas. . Crítica - Vulnerabilidades cuja exploração possa permitir a propagação de um worm sem a necessidade de interação com o usuário. . Importante - Vulnerabilidades cuja exploração possa resultar no comprometimento de confidencialidade, integridade ou disponibilidade de dados de usuários ou a integridade ou disponibilidade de recursos de processamento. . Moderada - exploração é mitigada significativamente por fatores como configuração padrão, auditoria ou dificuldade de exploração. . Baixa - uma vulnerabilidade cuja exploração seja extremamente difícil ou cujo impacto seja mínimo. CORREÇÕES DISPONÍVEIS Recomenda-se atualizar os sistemas para as versões disponíveis em: . Microsoft Update https://www.update.microsoft.com/microsoftupdate/ . Windows Server Update Services http://www.microsoft.com/windowsserversystem/updateservices/default.mspx MAIS INFORMAÇÕES . Microsoft Security Bulletin Summary for January 2010 https://www.microsoft.com/technet/security/bulletin/ms10-jan.mspx . SANS ISC Handler's Diary 2009-12-08 - Microsoft Security Bulletin: January 2010 http://isc.sans.org/diary.html?storyid=7954 . MS10-001: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270) http://www.microsoft.com/technet/security/bulletin/MS10-001.mspx . Microsoft TechCenter de Segurança http://technet.microsoft.com/pt-br/security/ . Microsoft Security Response Center - MSRC http://www.microsoft.com/security/msrc/ . Microsoft Security Research & Defense - MSRD http://blogs.technet.com/srd/ . Segurança Microsoft http://www.microsoft.com/brasil/security/ Identificador CVE (http://cve.mitre.org): CVE-2010-0018 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as últimas versões e correções oferecidas pelos fabricantes. Os Alertas do CAIS também são oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBS04Y8ukli63F4U8VAQEmwAP+LKXGm0JItl896Lmc33VD9967xq6yQPq2 jzoZsRfa0wI+L3ryo4aNnfFc00aqDCS/2M5fvrdmE8Eq2dTbg5bKFqulu76kBbHD adMf+YMiHSBKHh5isV/EhngYP8fgPFod5MQU2usGPvOzRSy24qvLXqVPAXBao4iL /p1zww0V3P0= =aw8T -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Tue Jan 26 10:55:24 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Tue, 26 Jan 2010 10:55:24 -0200 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA10-013A -- Adobe Reader and Acrobat Vulnerabilities Message-ID: <20100126125523.GD30364@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA10-013A -- Adobe Reader and Acrobat Vulnerabilities To: technical-alerts em us-cert.gov Date: Wed, 13 Jan 2010 16:10:37 -0500 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-013A Adobe Reader and Acrobat Vulnerabilities Original release date: Last revised: -- Source: US-CERT Systems Affected * Adobe Reader and Acrobat 9.2 and earlier 9.x versions * Adobe Reader and Acrobat 8.1.7 and earlier 8.x versions Overview Adobe has released Security bulletin APSB10-02, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. I. Description Adobe Security Advisory APSB10-02 describes a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader 9.2 and earlier 9.x versions and 8.1.7 and earlier 8.x versions. Further details are available in the US-CERT Vulnerability Notes Database. An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in is available for multiple web browsers and operating systems, which can automatically open PDF documents hosted on a website. Some of these vulnerabilities are being actively exploited. II. Impact These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF document. III. Solution Update Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB10-02 and update vulnerable versions of Adobe Reader and Acrobat. Disable JavaScript in Adobe Reader and Acrobat Disabling JavaScript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; un-check Enable Acrobat JavaScript). Prevent Internet Explorer from automatically opening PDF documents The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00 Disable the display of PDF documents in the web browser Preventing PDF documents from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied it may also mitigate future vulnerabilities. To prevent PDF documents from automatically being opened in a web browser, do the following: 1. Open Adobe Acrobat Reader. 2. Open the Edit menu. 3. Choose the preferences option. 4. Choose the Internet section. 5. Un-check the "Display PDF in browser" check box. Do not access PDF documents from untrusted sources Do not open unfamiliar or unexpected PDF documents, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010. IV. References * Adobe Security Bulletin APSB10-02 - * Vulnerability Note VU#508357 - * Vulnerability Note VU#773545 - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA10-013A Feedback VU#508357" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History January 13, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBS0402NucaIvSvh1ZAQJ3NQf+IbEop63x4l0P2ns/qPIVL3XaBd6xx11n +8eqQk0+ZtpmrPb03UjWaeh1tkNu98R4sMWZQENOWVbbeYLzAKLHPNf48ewqvzbl UvmW/kLxdu88Ux1BPNpJahX3zZgGqIswYSlGyIhlkpiLhUVrzfssykwyYbGZvGVn so9Euz4/1ZThOgAFoGY8xsqXVZ45lcS6YY2ACkl84r6BBcayzVtIsvfxKDfNMvfP bxjrXNqoLB/9n6x150uo2iF1dtB6uj/V+GVRFZa/X6lySTp/R+InBK8mpsxWMPB4 /la9+twnIB5cPHpNq1WVPhxbElsM3JCAndKEiLLTencMYPLc4i1cLQ== =KC5F -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Thu Jan 28 14:44:54 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Thu, 28 Jan 2010 14:44:54 -0200 Subject: [SECURITY-L] CAIS-Alerta: Atualizacao de seguranca critica para Microsoft Internet Explorer (MS10-002) Message-ID: <20100128164453.GA44627@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Atualização de segurança crítica para Microsoft Internet Explorer (MS10-002) To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Thu, 28 Jan 2010 11:55:42 -0200 (BRST) -----BEGIN PGP SIGNED MESSAGE----- Prezados, O CAIS está repassando o alerta da Microsoft, intitulado "MS10-002 - Cumulative Security Update for Internet Explorer (978207)", que trata de sete vulnerabilidades em diversas versões do Internet Explorer. Esta atualização corrige a vulnerabilidade crítica do Internet Explorer (CVE-2010-0249) relacionada ao que convencionou chamar de "Operação Aurora", que teve diversas organizações como alvo, entre elas Google Inc. e Adobe Systems. Este boletim de segurança foi publicado fora do ciclo mensal em razão desta vulnerabilidade. No momento da publicação deste resumo há informações sobre códigos maliciosos (exploits) disponíveis publicamente que exploram as vulnerabilidades em questão. Por esta razão recomendamos a atualização imediata. CORREÇÕES DISPONÍVEIS Recomenda-se atualizar os sistemas para as versões disponíveis em: . Microsoft Update https://www.update.microsoft.com/microsoftupdate/ . Windows Server Update Services http://www.microsoft.com/windowsserversystem/updateservices/default.mspx MAIS INFORMACOES . MS10-002: Cumulative Security Update for Internet Explorer (978207) http://www.microsoft.com/technet/security/bulletin/MS10-002.mspx . Vulnerability in Internet Explorer Could Allow Remote Code Execution (979352) http://www.microsoft.com/technet/security/advisory/979352.mspx . SANS ISC Handler's Diary 2010-01-21: Microsoft January Out of Band Patch http://isc.sans.org/diary.html?storyid=8062 . McAfee - Operation Aurora http://www.mcafee.com/us/threat_center/operation_aurora.html . Microsoft TechCenter de Segurança http://technet.microsoft.com/pt-br/security/ . Microsoft Security Response Center - MSRC http://www.microsoft.com/security/msrc/ . Microsoft Security Research & Defense - MSRD http://blogs.technet.com/srd/ . Segurança Microsoft http://www.microsoft.com/brasil/security/ Identificador CVE (http://cve.mitre.org): CVE-2009-4074, CVE-2010-0027, CVE-2010-0244, CVE-2010-0245, CVE-2010-0246, CVE-2010-0247, CVE-2010-0248, CVE-2010-0249 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as últimas versões e correções oferecidas pelos fabricantes. Os Alertas do CAIS também são oferecidos no formato RSS/RDF: http://www.rnp.br/cais/alertas/rss.xml Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBS2GXbekli63F4U8VAQFLygP/Y/0HJnPNYMdpKms1VDMUA93hMU8EQwr/ if0MdmPxxZgxLW3hh16n+n6tbrnbDDtn/MSaHqQgsRMmp4lzWTb+UdWzdqIY9le5 CbozsMwGx9llZgamTmO4F3nrL4SK8rlUtQKzo60ww5h1F3/pmwsh4tfPW2Szp9D5 7KDRdCAHgHk= =8TLs -----END PGP SIGNATURE----- ----- End forwarded message -----