From security em unicamp.br Mon Sep 10 09:47:46 2012
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 10 Sep 2012 12:47:46 +0000
Subject: [SECURITY-L] US-CERT Alert TA12-251A - Microsoft Update For Minimum Certificate Key Length
Message-ID: <20120910124746.GB71395@unicamp.br>

----- Forwarded message from US-CERT Alerts -----

From: US-CERT Alerts
Subject: US-CERT Alert TA12-251A - Microsoft Update For Minimum Certificate Key Length
To: technical-alerts em us-cert.gov
Date: Fri, 7 Sep 2012 12:07:27 -0400
Organization: US-CERT - +1 202-205-5266

National Cyber Awareness System

US-CERT Alert TA12-251A
Microsoft Update For Minimum Certificate Key Length

Original release date: September 07, 2012
Last revised: --

Systems Affected

  * Windows XP Service Pack 3
  * Windows XP Professional x64 Edition Service Pack 2
  * Windows Server 2003 Service Pack 2
  * Windows Server 2003 x64 Edition Service Pack 2
  * Windows Server 2003 with SP2 for Itanium-based Systems
  * Windows Vista Service Pack 2
  * Windows Vista x64 Edition Service Pack 2
  * Windows Server 2008 for 32-bit Systems Service Pack 2
  * Windows Server 2008 for x64-based Systems Service Pack 2
  * Windows Server 2008 for Itanium-based Systems Service Pack 2
  * Windows 7 for 32-bit Systems and Windows 7 for 32-bit Systems Service Pack 1
  * Windows 7 for x64-based Systems and Windows 7 for x64-based Systems Service Pack 1
  * Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1
  * Windows Server 2008 R2 for Itanium-based Systems
  * Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
  * Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  * Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  * Windows Server 2008 R2 for x64-based Systems and Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

Overview

Microsoft has announced the
availability of an update to Windows that restricts the use of certificates with RSA keys that are less than 1024 bits in length. Microsoft is planning to release this update through Microsoft Update in October 2012. System administrators of Microsoft Windows platforms should assess the impact of this update on their environment before any wide-scale deployment.

Description

Microsoft's KB2661254 article states in part:

"The strength of public-key-based cryptographic algorithms is determined by the time that it takes to derive the private key by using brute-force methods. The algorithm is considered to be strong enough when the time that it takes to derive private key is prohibitive enough by using the computing power at disposal. The threat landscape continues to evolve. Therefore, Microsoft is further hardening the criteria for the RSA algorithm with key lengths that are less than 1024 bits long. After the update is applied, only certificate chains that are built by using the CertGetCertificateChain function are affected. The CryptoAPI builds a certificate trust chain and validates that chain by using time validity, certificate revocation, and certificate policies (such as intended purposes). The update implements an additional check to make sure that no certificate in the chain has an RSA key length of less than 1024 bits."

Impact

The private keys used in certificates with RSA keys that are less than 1024 bits in length can be derived and could allow an attacker to duplicate the certificates and use them fraudulently to spoof content, perform phishing attacks, or perform man-in-the-middle attacks.

Solution

US-CERT recommends that system administrators of Microsoft Windows platforms read Microsoft's KB2661254 article and perform an extensive test of the update before doing any wide-scale deployment in their environment. The update will be sent to Microsoft Update for the October 2012 patch cycle.
System administrators can obtain the update now from Microsoft's Download Center.

References

  * Microsoft Security Advisory: Update for minimum certificate key length
  * Microsoft Security Advisory (2661254) Update For Minimum Certificate Key Length
  * Windows PKI Blog: RSA keys under 1024 bits are blocked
  * Windows PKI Blog: Blocking RSA Keys less than 1024 bits (part 2)
  * Microsoft Download Center: Search results for KB2661254

Revision History

  September 07, 2012: Initial release

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA12-251A Feedback VU#221532" in the subject.
____________________________________________________________________

Produced by US-CERT, a government organization.
____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/cas/techalerts/TA12-251A.html

For instructions on subscribing to or unsubscribing from this mailing list, visit
http://www.us-cert.gov/cas/signup.html

----- End forwarded message -----

From security em unicamp.br Wed Sep 12 09:16:36 2012
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Wed, 12 Sep 2012 12:16:36 +0000
Subject: [SECURITY-L] US-CERT Alert TA12-255A - Microsoft Updates for Multiple Vulnerabilities
Message-ID:
<20120912121635.GA90906@unicamp.br>

----- Forwarded message from US-CERT Alerts -----

From: US-CERT Alerts
Subject: US-CERT Alert TA12-255A - Microsoft Updates for Multiple Vulnerabilities
To: technical-alerts em us-cert.gov
Date: Tue, 11 Sep 2012 15:56:17 -0400
Organization: US-CERT - +1 202-205-5266

National Cyber Awareness System

US-CERT Alert TA12-255A
Microsoft Updates for Multiple Vulnerabilities

Original release date: September 11, 2012
Last revised: --

Systems Affected

  * Microsoft Developer Tools
  * Microsoft Server Software

Overview

Select Microsoft software products contain multiple vulnerabilities. Microsoft has released updates to address these vulnerabilities.

Description

The Microsoft Security Bulletin Summary for September 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities.

Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution

Apply updates

Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for September 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates.

References

  * Microsoft Security Bulletin Summary for September 2012
  * Microsoft Windows Server Update Services
  * Microsoft Update
  * Microsoft Update Overview
  * Turn Automatic Updating On or Off

Revision History

  September 11, 2012: Initial release

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff.
Please send email to with "TA12-255A Feedback VU#842655" in the subject.
____________________________________________________________________

Produced by US-CERT, a government organization.
____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/cas/techalerts/TA12-255A.html

For instructions on subscribing to or unsubscribing from this mailing list, visit
http://www.us-cert.gov/cas/signup.html

----- End forwarded message -----

From security em unicamp.br Thu Sep 13 10:13:26 2012
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Thu, 13 Sep 2012 13:13:26 +0000
Subject: [SECURITY-L] CAIS-Alerta: Summary of Microsoft Security Bulletins - September/12
Message-ID: <20120913131326.GA363@unicamp.br>

----- Forwarded message from Centro de Atendimento a Incidentes de Seguranca -----

From: Centro de Atendimento a Incidentes de Seguranca
Subject: CAIS-Alerta: Summary of Microsoft Security Bulletins - September/12
To: pop-seg em cais.rnp.br, rnp-alerta em cais.rnp.br, rnp-seg em cais.rnp.br
cc: Centro de Atendimento a Incidentes de Seguranca
Date: Wed, 12 Sep 2012 17:16:12 -0300 (BRT)

Dear all,

Microsoft published 2 security bulletins on September 11 that address a total of 2 vulnerabilities in the company's products.
Exploitation of these vulnerabilities allows elevation of privilege. As of the publication of this alert, none of the vulnerabilities is being actively exploited.

SEVERITY

. Critical
  - No bulletins

. Important
  - MS12-061 - Vulnerability in Visual Studio Team Foundation Server could allow elevation of privilege
  - MS12-062 - Vulnerability in Microsoft System Center Configuration Manager could allow elevation of privilege

. Moderate
  - No bulletins

. Low
  - No bulletins

The vulnerability severity rating system adopted by CAIS in this summary is Microsoft's own. CAIS recommends applying, at a minimum, the fixes for vulnerabilities rated critical and important. For fixes for vulnerabilities rated moderate, CAIS recommends that at least the mitigation recommendations be followed.

. Critical - Vulnerabilities whose exploitation could allow a worm to propagate without user interaction.
. Important - Vulnerabilities whose exploitation could result in compromise of the confidentiality, integrity or availability of user data, or of the integrity or availability of processing resources.
. Moderate - exploitation is significantly mitigated by factors such as default configuration, auditing or difficulty of exploitation.
. Low - a vulnerability whose exploitation is extremely difficult or whose impact is minimal.

AVAILABLE FIXES

It is recommended to update systems to the versions available at:

. Microsoft Update
  https://www.update.microsoft.com/microsoftupdate/
. Windows Server Update Services
  http://www.microsoft.com/windowsserversystem/updateservices/default.mspx

MORE INFORMATION

. Microsoft Security Bulletin Summary for September 2012
  http://technet.microsoft.com/en-us/security/bulletin/ms12-sep
. Microsoft Security TechCenter
  http://technet.microsoft.com/pt-br/security/
. Microsoft Security Response Center - MSRC
  http://www.microsoft.com/security/msrc/
. Microsoft Security Research&Defense - MSRD
  http://blogs.technet.com/srd/
. Microsoft Security
  http://www.microsoft.com/brasil/security/
. MS12-061 - Vulnerability in Visual Studio Team Foundation Server could allow elevation of privilege
  http://technet.microsoft.com/en-us/security/bulletin/ms12-061
. MS12-062 - Vulnerability in Microsoft System Center Configuration Manager could allow elevation of privilege
  http://technet.microsoft.com/en-us/security/bulletin/ms12-062

CVE identifier (http://cve.mitre.org): CVE-2012-1892, CVE-2012-2536

CAIS recommends that administrators keep their systems and applications always up to date, in line with the latest versions and fixes offered by vendors.

CAIS alerts are also offered in RSS/RDF format and on Twitter:
http://www.rnp.br/cais/alertas/rss.xml
Follow @caisrnp

Sincerely,

The CAIS/RNP team

################################################################
CENTRO DE ATENDIMENTO A INCIDENTES DE SEGURANCA (CAIS)
Rede Nacional de Ensino e Pesquisa (RNP)

cais em cais.rnp.br    http://www.cais.rnp.br
Tel. 019-37873300    Fax.
019-37873301
PGP key available: http://www.rnp.br/cais/cais-pgp.key
################################################################

----- End forwarded message -----

From security em unicamp.br Wed Sep 19 12:36:40 2012
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Wed, 19 Sep 2012 15:36:40 +0000
Subject: [SECURITY-L] [technical-alerts@us-cert.gov: US-CERT Alert TA12-262A - Microsoft Security Advisory for Internet Explorer Exploit]
Message-ID: <20120919153640.GB57721@unicamp.br>

----- Forwarded message from US-CERT Alerts -----
Date: Tue, 18 Sep 2012 16:49:19 -0400
From: US-CERT Alerts
To: technical-alerts em us-cert.gov
Organization: US-CERT - +1 202-205-5266
Subject: US-CERT Alert TA12-262A - Microsoft Security Advisory for Internet Explorer Exploit

National Cyber Awareness System

US-CERT Alert TA12-262A
Microsoft Security Advisory for Internet Explorer Exploit

Original release date: September 18, 2012
Last revised: --

Systems Affected

  * Microsoft Internet Explorer 7
  * Microsoft Internet Explorer 8
  * Microsoft Internet Explorer 9

Overview

An unpatched use-after-free vulnerability in Microsoft Internet Explorer versions 7, 8, and 9 is being exploited in the wild. Microsoft has released Security Advisory 2757760 with mitigation techniques.

Description

Microsoft Internet Explorer versions 7, 8, and 9 are susceptible to a use-after-free vulnerability. This vulnerability is being actively exploited in the wild. At this time, there is no patch available for this vulnerability. End-users can mitigate the vulnerability by using Microsoft's Enhanced Mitigation Experience Toolkit. Additional mitigation advice is available in the MSRC blog post: "Microsoft Releases Security Advisory 2757760" and US-CERT Vulnerability Note VU#480095.

Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution

US-CERT recommends Internet Explorer users read Microsoft Security Advisory 2757760 and apply mitigation techniques such as using the Microsoft Enhanced Mitigation Experience Toolkit.

References

  * Microsoft Security Advisory (2757760)
  * MSRC Blog: Microsoft Releases Security Advisory 2757760
  * Download Microsoft EMET 3.0
  * US-CERT Vulnerability Note VU#480095

Revision History

  September 18, 2012: Initial release

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA12-262A Feedback VU#480095" in the subject.
____________________________________________________________________

Produced by US-CERT, a government organization.
____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/cas/techalerts/TA12-262A.html

For instructions on subscribing to or unsubscribing from this mailing list, visit
http://www.us-cert.gov/cas/signup.html

----- End forwarded message -----

From security em unicamp.br Wed Sep 19 15:09:01 2012
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Wed, 19 Sep 2012 18:09:01 +0000
Subject: [SECURITY-L] US-CERT Alert TA12-262A - Microsoft Security Advisory for Internet Explorer Exploit
Message-ID: <20120919180901.GA58433@unicamp.br>

----- Forwarded message from US-CERT Alerts -----

From: US-CERT Alerts
Subject: US-CERT Alert TA12-262A - Microsoft Security Advisory for Internet Explorer Exploit
To: technical-alerts em us-cert.gov
Date: Tue, 18 Sep 2012 16:49:19 -0400
Organization: US-CERT - +1 202-205-5266

National Cyber Awareness System

US-CERT Alert TA12-262A
Microsoft Security Advisory for Internet Explorer Exploit

Original release date: September 18, 2012
Last revised: --

Systems Affected

  * Microsoft Internet Explorer 7
  * Microsoft Internet Explorer 8
  * Microsoft Internet Explorer 9

Overview

An unpatched use-after-free vulnerability in Microsoft Internet Explorer versions 7, 8, and 9 is being exploited in the wild.
Microsoft has released Security Advisory 2757760 with mitigation techniques.

Description

Microsoft Internet Explorer versions 7, 8, and 9 are susceptible to a use-after-free vulnerability. This vulnerability is being actively exploited in the wild. At this time, there is no patch available for this vulnerability. End-users can mitigate the vulnerability by using Microsoft's Enhanced Mitigation Experience Toolkit. Additional mitigation advice is available in the MSRC blog post: "Microsoft Releases Security Advisory 2757760" and US-CERT Vulnerability Note VU#480095.

Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution

US-CERT recommends Internet Explorer users read Microsoft Security Advisory 2757760 and apply mitigation techniques such as using the Microsoft Enhanced Mitigation Experience Toolkit.

References

  * Microsoft Security Advisory (2757760)
  * MSRC Blog: Microsoft Releases Security Advisory 2757760
  * Download Microsoft EMET 3.0
  * US-CERT Vulnerability Note VU#480095

Revision History

  September 18, 2012: Initial release

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA12-262A Feedback VU#480095" in the subject.
____________________________________________________________________

Produced by US-CERT, a government organization.
____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/cas/techalerts/TA12-262A.html

For instructions on subscribing to or unsubscribing from this mailing list, visit
http://www.us-cert.gov/cas/signup.html

----- End forwarded message -----

From security em unicamp.br Mon Sep 24 10:06:41 2012
From: security em unicamp.br (CSIRT - UNICAMP)
Date: Mon, 24 Sep 2012 13:06:41 +0000
Subject: [SECURITY-L] [technical-alerts@us-cert.gov: US-CERT Alert TA12-265A - Microsoft Releases Patch for Internet Explorer Exploit]
Message-ID: <20120924130641.GA5402@unicamp.br>

----- Forwarded message from US-CERT Alerts -----

From: US-CERT Alerts
Subject: US-CERT Alert TA12-265A - Microsoft Releases Patch for Internet Explorer Exploit
To: technical-alerts em us-cert.gov
Date: Fri, 21 Sep 2012 14:59:44 -0400
Organization: US-CERT - +1 202-205-5266

National Cyber Awareness System

US-CERT Alert TA12-265A
Microsoft Releases Patch for Internet Explorer Exploit

Original release date: September 21, 2012
Last revised: --

Systems Affected

  * Microsoft Internet Explorer 6
  * Microsoft Internet Explorer 7
  * Microsoft Internet Explorer 8
  * Microsoft Internet Explorer 9

Overview

Microsoft has released Security Bulletin MS12-063 to address the use-after-free
vulnerability that has been actively exploited this past week.

Description

Microsoft Internet Explorer versions 6, 7, 8, and 9 are susceptible to a use-after-free vulnerability. This vulnerability is being actively exploited in the wild. Microsoft has released Security Bulletin MS12-063 to patch this vulnerability and four others. This vulnerability was previously mentioned in US-CERT Alert TA12-262A. Additional information is available in US-CERT Vulnerability Note VU#480095.

Impact

A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system.

Solution

US-CERT recommends that Internet Explorer users run Windows Update as soon as possible to apply the MS12-063 patch.

References

  * Microsoft Security Bulletin MS12-063
  * US-CERT Alert: Microsoft Security Advisory for Internet Explorer Exploit
  * Microsoft Windows Update
  * US-CERT Vulnerability Note VU#480095

Revision History

  September 21, 2012: Initial release

____________________________________________________________________

Feedback can be directed to US-CERT Technical Staff. Please send email to with "TA12-265A Feedback " in the subject.
____________________________________________________________________

Produced by US-CERT, a government organization.
____________________________________________________________________

This product is provided subject to this Notification:
http://www.us-cert.gov/privacy/notification.html

Privacy & Use policy:
http://www.us-cert.gov/privacy/

This document can also be found at
http://www.us-cert.gov/cas/techalerts/TA12-265A.html

For instructions on subscribing to or unsubscribing from this mailing list, visit
http://www.us-cert.gov/cas/signup.html

----- End forwarded message -----
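
An added example for alert TA12-251A earlier in this archive (it is not part of any forwarded alert, nor Microsoft's or US-CERT's code): a PowerShell inventory an administrator could run while assessing the update's impact, reporting every certificate in the inspected stores whose chain contains an RSA key of less than 1024 bits. The store list, the function names and the reliance on .NET Framework 4.6 or later (for GetRSAPublicKey) are assumptions.

```powershell
# Added example: find certificates whose chain contains an RSA key
# shorter than the 1024-bit minimum described in alert TA12-251A.
# Assumption: .NET Framework 4.6+ (RSACertificateExtensions is available).

$MinRsaBits = 1024
$RsaOid     = '1.2.840.113549.1.1.1'   # rsaEncryption

function Get-RsaKeyBits {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    # Only RSA keys are in scope for the check described in the alert.
    if ($Cert.PublicKey.Oid.Value -ne $RsaOid) { return $null }
    try {
        $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($Cert)
        if ($rsa) { return $rsa.KeySize }
    } catch {
        Write-Warning "Could not read key of $($Cert.Thumbprint): $($_.Exception.Message)"
    }
    return $null
}

function Find-WeakRsaInChain {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    # Offline audit: skip revocation lookups, only key sizes matter here.
    $chain.ChainPolicy.RevocationMode =
        [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    # The return value is ignored; whatever elements were assembled are inspected.
    [void]$chain.Build($Cert)
    foreach ($element in $chain.ChainElements) {
        $bits = Get-RsaKeyBits $element.Certificate
        if ($null -ne $bits -and $bits -lt $MinRsaBits) {
            [pscustomobject]@{
                LeafSubject = $Cert.Subject
                WeakSubject = $element.Certificate.Subject
                Thumbprint  = $element.Certificate.Thumbprint
                KeyBits     = $bits
                NotAfter    = $element.Certificate.NotAfter
            }
        }
    }
}

# Assumed store selection; extend it to match the environment under test.
$stores = 'Cert:\LocalMachine\My', 'Cert:\LocalMachine\CA',
          'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\My'

$findings = foreach ($store in $stores) {
    Get-ChildItem -Path $store -ErrorAction SilentlyContinue |
        ForEach-Object { Find-WeakRsaInChain $_ }
}

if (-not $findings) {
    "No RSA keys under $MinRsaBits bits found in the inspected stores."
} else {
    $findings |
        Sort-Object -Property Thumbprint, LeafSubject -Unique |
        Format-Table -AutoSize -Wrap
}
```

Each row names the leaf certificate and the chain element that carries the short key, so one weak intermediate or root shows up once per certificate that depends on it.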