From security em unicamp.br Thu Oct 7 11:44:29 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Thu, 7 Oct 2010 11:44:29 -0300 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA10-279A -- Adobe Reader and Acrobat Affected by Multiple Vulnerabilities Message-ID: <20101007144429.GC36826@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA10-279A -- Adobe Reader and Acrobat Affected by Multiple Vulnerabilities To: technical-alerts em us-cert.gov Date: Wed, 6 Oct 2010 09:35:26 -0400 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-279A Adobe Reader and Acrobat Affected by Multiple Vulnerabilities Original release date: October 06, 2010 Last revised: -- Source: US-CERT Systems Affected * Adobe Reader 9.3.4 and earlier versions for Windows, Macintosh, and UNIX * Adobe Acrobat 9.3.4 and earlier versions for Windows and Macintosh * Adobe Reader 8.2.4 and earlier versions for Windows, Macintosh, and UNIX * Adobe Acrobat 8.2.4 and earlier versions for Windows and Macintosh Overview Adobe has released Security Bulletin APSB10-21, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. I. Description Adobe Security Bulletin APSB10-21 describes a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader and Acrobat 9.3.4, earlier 9.x versions, 8.2.4, and earlier 8.x versions. An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems. Additional information is available in US-CERT Vulnerability Note VU#491991. II. Impact These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file. III. Solution Update Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB10-21 and update vulnerable versions of Adobe Reader and Acrobat. Disable JavaScript in Adobe Reader and Acrobat Disabling JavaScript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript). Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this feature may be useful when specific APIs are known to be vulnerable or used in attacks. Prevent Internet Explorer from automatically opening PDF files The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00 Disable the display of PDF files in the web browser Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities. To prevent PDF files from automatically being opened in a web browser, do the following: 1. Open Adobe Acrobat Reader. 2. Open the Edit menu. 3. Choose the Preferences option. 4. Choose the Internet section. 5. Uncheck the "Display PDF in browser" checkbox. Do not access PDF files from untrusted sources Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010. IV. References * Security update available for Adobe Reader and Acrobat - * US-CERT Vulnerability Note VU#491991 - * Adobe Reader and Acrobat JavaScript Blacklist Framework - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA10-279A Feedback VU#491991" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History October 06, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTKxxvD6pPKYJORa3AQIL3wgAp2tynQw73VA+B70fuEl+os17BeVaP8zn 5aoWS6QBRx+Q8Ijw1wnKT1sF4IWaDWTWqPo0yt6MLx8WwO2ei8WaB+aMOwy9ZBo3 BbCOPSM63/3jBrJuCDs4x2PhZDzg2GJf4Zw8NN2oCSOXMxYGhx16QQzo2lY35CBJ cvCSiLtNQuqpnvNMi2DJhArwxStK9Un2fli7IqwXzC6+RIgrk1l/EAM/6CO2+AwJ Se0bDWBjwR5YverLEXoLuBbF0lHvQ0+V/vT5Q/zBDYUwcWkBL2n7NwdbKI9pYZxL 8Te7YapqAnMNgI1/PnYI/W369Vq3U6QoQVVR9ZoyLGw8x0A57cpU2g== =Rc0h -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Thu Oct 7 11:46:16 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Thu, 7 Oct 2010 11:46:16 -0300 Subject: [SECURITY-L] CAIS-Alerta: Inicio do Horario de Verao 2010/2011 Message-ID: <20101007144615.GD36826@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Errata - Início do Horário de Verão 2010/2011 To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Wed, 6 Oct 2010 11:30:43 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados O CAIS gostaria de informar que o Horário de Verão 2010/2011 terá início à zero hora (00:00) de 17 de outubro de 2010 e término à zero hora (00:00) de 20 de fevereiro de 2011. O decreto no. 6.558 de 8 de setembro de 2008 determinou datas fixas de início e encerramento do período de Horário de Verão. O início sempre será à zero hora do terceiro domingo de outubro e o encerramento sempre à zero hora do terceiro domingo de fevereiro do ano seguinte. Se o terceiro domingo de fevereiro for um domingo de Carnaval então o encerramento é automaticamente transferido para zero hora do domingo seguinte. No domingo de 17 de outubro, será preciso adiantar os relógios em 1 hora nos estados da região Sul, Sudeste e Centro-Oeste que participam do Horário de Verão. . Rio Grande do Sul . Santa Catarina . Paraná . São Paulo . Rio de Janeiro . Espírito Santo . Minas Gerais . Goiás . Mato Grosso . Mato Grosso do Sul . Distrito Federal Lembramos a todos que, tratando-se de incidentes de segurança, a precisão dos relógios dos sistemas é fundamental para manter a consistência dos logs, além de ser imprescindível nas investigações e identificação de responsáveis. Lembramos ainda que os logs reportados durante a vigência do Horário de Verão estarão no timezone UTC-0200 (GMT-2). Mais informações: . Decreto no. 6.558 de 8 de setembro de 2008 - Institui a hora de verão em parte do território nacional http://www.planalto.gov.br/ccivil_03/_ato2007-2010/2008/decreto/d6558.htm . ANEEL - Informacoes Técnicas - Horário de Verão http://www.aneel.gov.br/65.htm . Hora Legal Brasileira http://www.horalegalbrasil.mct.on.br ALTERAÇÕES DE CONFIGURAÇÃO NECESSÁRIAS PARA O HORÁRIO DE VERÃO 2010/2011 O horário de verão tem relação com o timezone (fuso horário) configurado no sistema. Ao alterar o timezone altera-se o parâmetro do sistema que determina a diferença em horas entre o horário absoluto (UTC / GMT 0) e o horário local. Se o relógio do sistema (horário absoluto) marca 16:00:00 UTC, ajustado por NTP, temos: . Para o timezone do Brasília (UTC-3), o horário mostrado ao usuário será 13:00h ou UTC-3 (hora local) . Para o timezone de Paris (França - UTC+1) o horário mostrado ao usuário será 17:00h ou UTC+1 (hora local) . No período de vigência do horário de verão, o timezone de Brasília será alterado para UTC-2, desta forma o horário mostrado ao usuário será 14:00:00 ou UTC-2 (hora local) Lembramos que o sincronismo de hora através de servidores NTP não sofre modificações devido ao início ou fim do horário de verão. Quaisquer mudanças de horário nos sistemas no período do horário de verão se devem às configurações do fuso horário local no sistema. O horário de referência oferecido pelos servidores NTP não sofre alterações. O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as últimas versões e correções oferecidas pelos fabricantes. Os Alertas do CAIS também são oferecidos no formato RSS/RDF e no Twitter: http://www.rnp.br/cais/alertas/rss.xml Siga @cais_rnp Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel: http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBTKyIO+kli63F4U8VAQGDJgP/ZNezYIIfIpohqN3Hum+BvU072+rNqUiv mIVNOxmF6aSRUrIucHcyO4vZ9HIu00fhPFKpubuEgxTH3zDYYDUAr0bH982c3HmR a4cXAvDjFmoiL4NZlyeAIsVYgOEO+bkppizWXh2YOYMoQH8FAGGj0Wd4COufEH65 naM23YIG1pI= =vV6v -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Wed Oct 13 12:29:41 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Wed, 13 Oct 2010 12:29:41 -0300 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA10-285A -- Microsoft Updates for Multiple Vulnerabilities Message-ID: <20101013152940.GA11056@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA10-285A -- Microsoft Updates for Multiple Vulnerabilities To: technical-alerts em us-cert.gov Date: Tue, 12 Oct 2010 14:00:01 -0400 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-285A Microsoft Updates for Multiple Vulnerabilities Original release date: October 12, 2010 Last revised: -- Source: US-CERT Systems Affected * Microsoft Windows * Microsoft Office * Internet Explorer Overview There are multiple vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for October 2010 describes multiple vulnerabilities in Microsoft Windows, Microsoft Office, and Internet Explorer. Microsoft has released updates to address the vulnerabilities. II. Impact A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable system or application to crash. III. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for October 2010. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * Microsoft Security Bulletin Summary for October 2010 - * Microsoft Windows Server Update Services - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA10-285A Feedback VU#220143" in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History October 12, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTLSbkT6pPKYJORa3AQL48ggAsGtbVyaWwbvCrIgTuKMSS40ScAJ63H/Z JmwDhgnkvfiT/n/AVv9jx3ApE8Q3y1l20bvd2AcfIQ5MqU8Ep68WC4CLGkVTnwH2 eyMuyegQg8fMXVB4qzcF9CYfcbRsBqW1H0PuZTdDCJZcETR8V9VFXHKKSes7B5gr qM0/dSkZ+k/kaQWvNyGifV8OaK0z58YCrY8iOdHFVtoWiNUMm/BO4z/MkZykS/a8 6BOmRwT8JpVlN9mbcH6JfSwT0jhBA3agOlaw6yF4sA5piVxbcfMAPgw59sq4yt50 GNbWWbWMoc/Xv10t/4JFlKf2DorKp9Vniqlmnti6xQ4iyv7fIDfDEQ== =IXMY -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Fri Oct 15 09:07:21 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Fri, 15 Oct 2010 09:07:21 -0300 Subject: [SECURITY-L] US-CERT Technical Cyber Security Alert TA10-287A -- Oracle Updates for Multiple Vulnerabilities Message-ID: <20101015120720.GA17597@unicamp.br> ----- Forwarded message from US-CERT Technical Alerts ----- From: US-CERT Technical Alerts Subject: US-CERT Technical Cyber Security Alert TA10-287A -- Oracle Updates for Multiple Vulnerabilities To: technical-alerts em us-cert.gov Date: Thu, 14 Oct 2010 16:05:54 -0400 Organization: US-CERT - +1 202-205-5266 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA10-287A Oracle Updates for Multiple Vulnerabilities Original release date: October 14, 2010 Last revised: -- Source: US-CERT Systems Affected * Oracle Database 11g Release 2, version 11.2.0.1 * Oracle Database 11g Release 1, version 11.1.0.7 * Oracle Database 10g Release 2, versions 10.2.0.3 and 10.2.0.4 * Oracle Database 10g, Release 1, version 10.1.0.5 * Oracle Fusion Middleware, 11gR1, versions 11.1.1.1.0 and 11.1.1.2.0 * Oracle Application Server, 10gR3, version 10.1.3.5.0 * Oracle Application Server, 10gR2, version 10.1.2.3.0 * Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, and 10.1.3.4.1 * Oracle Identity Management 10g, versions 10.1.4.0.1 and 10.1.4.3 * Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, and 12.1.2 * Oracle E-Business Suite Release 11i, versions 11.5.10 and 11.5.10.2 * Agile PLM, version 9.3.0.0 * Oracle Transportation Management, versions 5.5, 6.0, and 6.1 * PeopleSoft Enterprise CRM, FMS, HCM, and SCM (Supply Chain), versions 8.9, 9.0, and 9.1 * PeopleSoft Enterprise EPM, Campus Solutions, versions 8.9, 9.0, and 9.1 * PeopleSoft Enterprise PeopleTools, versions 8.49 and 8.50 * Siebel Core, versions 7.7, 7.8, 8.0, and 8.1 * Primavera P6 Enterprise Project Portfolio Management, versions 6.21.3.0 and 7.0.1.0 * Oracle Sun Product Suite * Oracle VM, version 2.2.1 Overview The Oracle products and components listed above are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure, and denial of service. I. Description The Oracle Critical Patch Update Advisory - October 2010 addresses 85 vulnerabilities in various Oracle products and components, including 31 vulnerabilities in Sun products. The Advisory provides information about affected components, access and authorization required for successful exploitation, and the impact from the vulnerabilities on data confidentiality, integrity, and availability. Oracle has associated CVE identifiers with the vulnerabilities addressed in this Critical Patch Update. More detail about one of the vulnerabilities is available in US-CERT Vulnerability Note VU#174089. The Oracle Siebel Suite Executive Summary section of the Oracle Advisory notes, "None of these vulnerabilities may be remotely exploitable without authentication, i.e., none may be exploited over a network without the need for a username and password." A system with the Siebel Option Pack for IE ActiveX control installed on it can be attacked remotely by an unauthenticated attacker by enticing the user to access a specially crafted HTML file (most likely a web site controlled by the attacker). II. Impact The impact of these vulnerabilities varies depending on the product, component, and configuration of the system. Potential consequences include the execution of arbitrary code or commands, information disclosure, and denial of service. Vulnerable components may be available to unauthenticated, remote attackers. An attacker who compromises an Oracle database may be able to access sensitive information. III. Solution Apply the appropriate patches or upgrade as specified in the Oracle Critical Patch Update Advisory - October 2010. Note that this document only lists newly corrected issues. Updates to patches for previously known issues are not listed. IV. References * Oracle Critical Patch Update Advisory - October 2010 - * Oracle Siebel Option Pack for IE ActiveX control memory initialization vulnerability - ____________________________________________________________________ The most recent version of this document can be found at: ____________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA10-287A Feedback " in the subject. ____________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit . ____________________________________________________________________ Produced 2010 by US-CERT, a government organization. Terms of use: ____________________________________________________________________ Revision History October 14, 2010: Initial release -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBTLdg2j6pPKYJORa3AQJJMAgAklN9lGMBDGubMs4PH828mXxV4bUUJcy1 BjF9m0/NOiM5ZUGbHxRBove/bvRNaEpzMjXECvolUadPxoN5I6p0KUfyzF1y74dL UtP4DfttaRXd5teNKjgsQ5Q1gWUHx2/HEA7TmMmGu5Jt804tO60mmahu/rRjZ0+C SfZ/4Lij4C+1fayb+tQ00RRl8jHABAmt24hhL00/gAOHwtFCvtF/VHVbjhdRN77t VeEmQpN9Gwonpg8osu2ne5vmzdlUezAHY2xkDsHiP/Nglcee1knYYw9C3bLPLWYS giewtv+TfdQU0oY3lht3c91oNGMYc+6xIwHYZ1ILsffF7x+Y58tczg== =jqNG -----END PGP SIGNATURE----- ----- End forwarded message ----- From security em unicamp.br Mon Oct 18 10:16:38 2010 From: security em unicamp.br (CSIRT - UNICAMP) Date: Mon, 18 Oct 2010 10:16:38 -0200 Subject: [SECURITY-L] CAIS-Alerta: Resumo dos Boletins de Segurana Microsoft - Outubro/2010 Message-ID: <20101018121638.GA72981@unicamp.br> ----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca ----- From: Centro de Atendimento a Incidentes de Seguranca Subject: CAIS-Alerta: Resumo dos Boletins de Segurança Microsoft - Outubro/2010 To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br Date: Fri, 15 Oct 2010 17:03:37 -0300 (BRT) -----BEGIN PGP SIGNED MESSAGE----- Prezados, A Microsoft publicou 16 boletins de segurança em 12 de Outubro que abordam ao todo 47 vulnerabilidades em produtos da empresa. A exploração destas vulnerabilidades permitem execução remota de código e escalação de privilégios de usuários locais conectados. No momento da publicação deste resumo há exploração ativa de uma das vulnerabilidades do boletim: MS10-073 (CVE-2010-2743). SEVERIDADE . Crítica - MS10-071: Atualização de segurança cumulativa para o Internet Explorer Vulnerabilidade que permite a execução remota de código - MS10-075: Vulnerabilidade no Media Player Network Sharing Service Vulnerabilidade que permite a execução remota de código - MS10-076: Vulnerabilidade no Embedded OpenType (EOT) Font Engine Vulnerabilidade que permite a execução remota de código - MS10-077: Vulnerabilidade no Microsoft .NET Framework Vulnerabilidade que permite a execução remota de código . Importante - MS10-072: Vulnerabilidades no SafeHTML do Microsoft SharePoint e Windows SharePoint Services Vulnerabilidade que permite a divulgação de informações - MS10-073: Vulnerabilidade nos drivers kernel-mode do Windows Vulnerabilidade que permite escalação de privilégios de usuários locais conectados - MS10-078: Vulnerabilidade no driver Windows OpenType Font (OTF) Vulnerabilidade que permite escalação de privilégios de usuários locais conectados - MS10-079: Vulnerabilidade no Microsoft Office Word Vulnerabilidade que permite a execução remota de código - MS10-080: Vulnerabilidade no Microsoft Office Excel Vulnerabilidade que permite a execução remota de código - MS10-081: Vulnerabilidade no Windows Common Control Library Vulnerabilidade que permite a execução remota de código - MS10-082: Vulnerabilidade no Windows Media Player Vulnerabilidade que permite a execução remota de código - MS10-083: Vulnerabilidade na validação COM do Windows Shell e Wordpad Vulnerabilidade que permite a execução remota de código - MS10-084: Vulnerabilidade no Windows Local Procedure Call (LPC) Vulnerabilidade que permite escalação de privilégios de usuários locais conectados - MS10-085: Vulnerabilidade no Secure Channel (SChannel) Vulnerabilidade que permite a negação de serviço . Moderada - MS10-074: Vulnerabilidade no Microsoft Foundation Classes (MFC) Vulnerabilidade que permite a execução remota de código - MS10-086: Vulnerabilidade no Windows Shared Cluster Disks Vulnerabilidade que permite a manipulação de dados no sistema . Baixa - Nenhum boletim O sistema de classificação de severidade das vulnerabilidades adotado pelo CAIS neste resumo é o da própria Microsoft. O CAIS recomenda que se aplique, minimamente, as correções para vulnerabilidades classificadas como crítica e importante. No caso de correções para vulnerabilidades classificadas como moderadas o CAIS recomenda que ao menos as recomendações de mitigação sejam seguidas. . Crítica - Vulnerabilidades cuja exploração possa permitir a propagação de um worm sem a necessidade de interação com o usuário. . Importante - Vulnerabilidades cuja exploração possa resultar no comprometimento de confidencialidade, integridade ou disponibilidade de dados de usuários ou a integridade ou disponibilidade de recursos de processamento. . Moderada - exploração é mitigada significativamente por fatores como configuração padrão, auditoria ou dificuldade de exploração. . Baixa - uma vulnerabilidade cuja exploração seja extremamente difícil ou cujo impacto seja mínimo. CORREÇÕES DISPONÍVEIS Recomenda-se atualizar os sistemas para as versões disponíveis em: . Microsoft Update https://www.update.microsoft.com/microsoftupdate/ . Windows Server Update Services http://www.microsoft.com/windowsserversystem/updateservices/default.mspx MAIS INFORMAÇÕES . Microsoft Security Bulletin Summary for October 2010 http://www.microsoft.com/technet/security/Bulletin/MS10-oct.mspx . SANS ISC Handler's Diary 2010-10-12 - October 2010 Microsoft Black Tuesday Summary http://isc.sans.edu/diary.html?storyid=9736 . MS10-071 - Cumulative Security Update for Internet Explorer (2360131) http://www.microsoft.com/technet/security/bulletin/ms10-071.mspx . MS10-072 - Vulnerabilities in SafeHTML Could Allow Information Disclosure (2412048) http://www.microsoft.com/technet/security/bulletin/ms10-072.mspx . MS10-073 - Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957) http://www.microsoft.com/technet/security/bulletin/MS10-073.mspx . MS10-074 - Vulnerability in Microsoft Foundation Classes Could Allow Remote Code Execution (2387149) http://www.microsoft.com/technet/security/bulletin/MS10-074.mspx . MS10-075 - Vulnerability in Media Player Network Sharing Service Could Allow Remote Code Execution (2281679) http://www.microsoft.com/technet/security/bulletin/MS10-075.mspx . MS10-076 - Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (982132) http://www.microsoft.com/technet/security/bulletin/MS10-076.mspx . MS10-077 - Vulnerability in .NET Framework Could Allow Remote Code Execution (2160841) http://www.microsoft.com/technet/security/bulletin/MS10-077.mspx . MS10-078 - Vulnerabilities in the OpenType Font (OTF) Format Driver Could Allow Elevation of Privilege (2279986) http://www.microsoft.com/technet/security/bulletin/MS10-078.mspx . MS10-079 - Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2293194) http://www.microsoft.com/technet/security/bulletin/MS10-079.mspx . MS10-080 - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2293211) http://www.microsoft.com/technet/security/bulletin/ms10-080.mspx . MS10-081 - Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011) http://www.microsoft.com/technet/security/bulletin/MS10-081.mspx . MS10-082 - Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111) http://www.microsoft.com/technet/security/bulletin/MS10-082.mspx . MS10-083 - Vulnerability in COM Validation in Windows Shell and WordPad Could Allow Remote Code Execution (2405882) http://www.microsoft.com/technet/security/bulletin/ms10-083.mspx . MS10-084 - Vulnerability in Windows Local Procedure Call Could Cause Elevation of Privilege (2360937) http://www.microsoft.com/technet/security/bulletin/MS10-084.mspx . MS10-085 - Vulnerability in SChannel Could Allow Denial of Service (2207566) http://www.microsoft.com/technet/security/bulletin/MS10-085.mspx . MS10-086 - Vulnerability in Windows Shared Cluster Disks Could Allow Tampering (2294255) http://www.microsoft.com/technet/security/bulletin/MS10-086.mspx . Microsoft TechCenter de Segurança http://technet.microsoft.com/pt-br/security/ . Microsoft Security Response Center - MSRC http://www.microsoft.com/security/msrc/ . Microsoft Security Research & Defense - MSRD http://blogs.technet.com/srd/ . Segurança Microsoft http://www.microsoft.com/brasil/security/ Identificador CVE (http://cve.mitre.org): CVE-2010-1263, CVE-2010-1883, CVE-2010-2740, CVE-2010-2741, CVE-2010-2743, CVE-2010-2744, CVE-2010-2745, CVE-2010-2746, CVE-2010-3214, CVE-2010-3216, CVE-2010-3222, CVE-2010-3225, CVE-2010-3228, CVE-2010-3232, CVE-2010-3234, CVE-2010-3235, CVE-2010-3236, CVE-2010-3238, CVE-2010-3239, CVE-2010-3326, CVE-2010-3328, CVE-2010-3329, CVE-2010-3331, CVE-2010-2747, CVE-2010-2748, CVE-2010-2750, CVE-2010-3215, CVE-2010-3217, CVE-2010-3218, CVE-2010-3219, CVE-2010-3220, CVE-2010-3221, CVE-2010-3230, CVE-2010-3231, CVE-2010-3233, CVE-2010-3237, CVE-2010-3240, CVE-2010-3241, CVE-2010-3242, CVE-2010-2549, CVE-2010-3229, CVE-2010-3243, CVE-2010-3324, CVE-2010-3325, CVE-2010-3330 O CAIS recomenda que os administradores mantenham seus sistemas e aplicativos sempre atualizados, de acordo com as últimas versões e correções oferecidas pelos fabricantes. Os Alertas do CAIS também são oferecidos no formato RSS/RDF e no Twitter: http://www.rnp.br/cais/alertas/rss.xml Siga @cais_rnp Atenciosamente, ################################################################ # CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS) # # Rede Nacional de Ensino e Pesquisa (RNP) # # # # cais em cais.rnp.br http://www.cais.rnp.br # # Tel. 019-37873300 Fax. 019-37873301 # # Chave PGP disponivel http://www.rnp.br/cais/cais-pgp.key # ################################################################ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Made with pgp4pine 1.76 iQCVAwUBTLizoukli63F4U8VAQHfMQQAwoeKw+RbH2M8eGokuczSoh+xyACS1kVa +9WLOreBhOP8GNc0a5X/AwPDHAM/7lF+fEE4zzR0tiEb0o7zvDvdoc95rbKLuTCW 3a5pgTs4ZGXfzbRA59E/ft4OA5TT5Va3bCQEmRoVR8sJ6I0DfW1qHtNXDMEoCFM/ pnEGMoTTPXQ= =rfEU -----END PGP SIGNATURE----- ----- End forwarded message -----