added Monday, April 16, 2012 at 3:11 pm | updated Tuesday, May 15, 2012 at 10:02 am

Apple has released security updates to address Flashback malware in the following products:

• OS X Lion v10.7.3
• OS X Lion Server v10.7.3
• Mac OS X v10.6.8
• Mac OS X Server v10.6.8

Apple has released a malware removal tool for the most common variant of the Flashback malware. If the malware is discovered, the tool will notify the user and remove it automatically. If the malware is not discovered, no indication will be given.

Update: On May 14, 2012 Apple has released security updates to address Flashback malware in the following product:

• Mac OS X v10.5 to v10.5.8

US-CERT encourages users and administrators to review articles HT5247, HT5254, and HT5273 and apply any necessary updates to help mitigate the risk.


Read more at: http://www.us-cert.gov/current/#apple_releases_quicktime_7_71

added Monday, April 16, 2012 at 3:11 pm | updated Tuesday, May 15, 2012 at 10:02 am

Apple has released security updates to address Flashback malware in the following products:

• OS X Lion v10.7.3
• OS X Lion Server v10.7.3
• Mac OS X v10.6.8
• Mac OS X Server v10.6.8

Apple has released a malware removal tool for the most common variant of the Flashback malware. If the malware is discovered, the tool will notify the user and remove it automatically. If the malware is not discovered, no indication will be given.

Update: On May 14, 2012 Apple has released security updates to address Flashback malware in the following product:

• Mac OS X v10.5 to v10.5.8

US-CERT encourages users and administrators to review articles HT5247, HT5254, and HT5273 and apply any necessary updates to help mitigate the risk.


Read more at: http://www.us-cert.gov/current/#google_releases_google_chrome_19

Tuesday, May 8, 2012 at 04:29 pm

Apple has released iOS 5.1.1 for iPhone, iPod, iPad, and iPad 2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, perform a cross-site-scripting attack, or spoof a website address.

US-CERT encourages users and administrators to review Apple Support Article HT5278 and apply any necessary updates to help mitigate the risk.


Read more at: http://www.us-cert.gov/current/#apple_releases_ios_5_1

Tuesday, May 8, 2012 at 04:29 pm

Apple has released iOS 5.1.1 for iPhone, iPod, iPad, and iPad 2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, perform a cross-site-scripting attack, or spoof a website address.

US-CERT encourages users and administrators to review Apple Support Article HT5278 and apply any necessary updates to help mitigate the risk.


Read more at: http://www.us-cert.gov/current/#microsoft_releases_advance_notification_for56

Tuesday, April 24, 2012 at 2:20 pm

US-CERT encourages users and administrators to ensure their systems are not infected with the DNSChanger malware by utilizing tools and resources available at the DNS Changer Working Group (DCWG) website. Computers testing positive for infection of DNSChanger malware will need to be cleaned of the malware in order to maintain continued internet connectivity beyond July 9, 2012.

On November 8, 2011, the FBI, NASA-OIG, and Estonian police arrested several cyber criminals in “Operation Ghost Click.” The criminals operated under the company name “Rove Digital,” and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ, and TDL4 viruses.

Additional information about Operation Ghost Click and the DNSChanger malware is available at the FBI website.


Read more at: http://www.us-cert.gov/current/#google_releases_chrome_18_0

Tuesday, April 24, 2012 at 2:20 pm

US-CERT encourages users and administrators to ensure their systems are not infected with the DNSChanger malware by utilizing tools and resources available at the DNS Changer Working Group (DCWG) website. Computers testing positive for infection of DNSChanger malware will need to be cleaned of the malware in order to maintain continued internet connectivity beyond July 9, 2012.

On November 8, 2011, the FBI, NASA-OIG, and Estonian police arrested several cyber criminals in “Operation Ghost Click.” The criminals operated under the company name “Rove Digital,” and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ, and TDL4 viruses.

Additional information about Operation Ghost Click and the DNSChanger malware is available at the FBI website.


Read more at: http://www.us-cert.gov/current/#ruggedcom_rugged_operating_system_vulnerability

Monday, April 16, 2012 at 3:11 pm

Apple has released security updates to address Flashback malware in the following products:

• OS X Lion v10.7.3
• OS X Lion Server v10.7.3
• Mac OS X v10.6.8
• Mac OS X Server v10.6.8

Apple has released a malware removal tool for the most common variant of the Flashback malware. If the malware is discovered, the tool will notify the user and remove it automatically. If the malware is not discovered, no indication will be given.

US-CERT encourages users and administrators to review article HT5247 and HT5254 and apply any necessary updates to help mitigate the risk.


Read more at: http://www.us-cert.gov/current/#oracle_releases_critical_patch_update18

Thursday, April 5, 2012 at 04:14 pm

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Server Software, Developer Tools, and Forefront United Access Gateway as part of the Microsoft Security Bulletin Summary for April 2012. These vulnerabilities may allow an attacker to execute arbitrary code or disclose sensitive information.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.


Read more at: http://www.us-cert.gov/current/#apple_releases_flashback_malware_security

Thursday, April 5, 2012 at 04:14 pm

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Server Software, Developer Tools, and Forefront United Access Gateway as part of the Microsoft Security Bulletin Summary for April 2012. These vulnerabilities may allow an attacker to execute arbitrary code or disclose sensitive information.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.


Read more at: http://www.us-cert.gov/current/#hp_procurve_5400_zl_switches

Thursday, April 5, 2012 at 04:14 pm

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Office, SQL Server, Server Software, Developer Tools, and Forefront United Access Gateway as part of the Microsoft Security Bulletin Summary for April 2012. These vulnerabilities may allow an attacker to execute arbitrary code or disclose sensitive information.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.


Read more at: http://www.us-cert.gov/current/#samba_releases_updates_for_3