Original release date: May 08, 2012 | Last revised: -- Systems Affected Microsoft Windows Microsoft .NET Framework Microsoft Office Microsoft Silverlight Overview Select Microsoft software products contain multiple vulnerabilities.  Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for May 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for May 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References Microsoft Security Bulletin Summary for May 2012 - Microsoft Windows Server Update Services - Microsoft Update - Microsoft Update Overview - Turn Automatic Updating On or Off - Revision History May 08, 2012: Initial release

Original release date: April 10, 2012 | Last revised: -- Systems Affected Adobe Reader X (10.1.2) and earlier 10.x versions for Windows and Macintosh Adobe Reader 9.5 and earlier 9.x versions for Windows, Macintosh, and UNIX Adobe Acrobat X (10.1.2) and earlier 10.x versions for Windows and Macintosh Adobe Acrobat 9.5 and earlier 9.x versions for Windows and Macintosh Overview Adobe has released Security Bulletin APSB12-08, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. As part of this update, Adobe Reader and Acrobat 9.x will use the system-wide Flash Player browser plug-in instead of the Authplay component. In addition, Reader and Acrobat now disable the rendering of 3D content by default. Description Adobe Security Bulletin APSB12-08 describes a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Adobe Reader and Acrobat versions 9.x through 9.5, and Reader X and Acrobat X versions prior to 10.1.3. The Adobe ASSET blog provides additional details on new security architecture changes to Adobe Reader and Acrobat. Adobe Reader and Acrobat 9.5.1 will use the Adobe Flash Player plug-in version installed on the user’s system rather than the Authplay component that ships with Adobe Reader and Acrobat. This change helps limit the number of out-of-date, vulnerable Flash runtimes available to an attacker. Adobe Reader and Acrobat 9.5.1 also now disable rendering of 3D content by default because the 3D rendering components have a history of vulnerabilities. US-CERT recommends that Flash users upgrade to the latest version of Adobe Flash Player and turn on automatic updates. An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. This can happen automatically as the result of viewing a webpage. Impact These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file. Solution Update Reader Adobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB12-08 and update vulnerable versions of Adobe Reader and Acrobat. In addition to updating, please consider the following mitigations. Disable JavaScript in Adobe Reader and Acrobat Disabling JavaScript may prevent some exploits from resulting in code execution. You can disable Acrobat JavaScript using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript). Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this framework may be useful when specific APIs are known to be vulnerable or used in attacks. Prevent Internet Explorer from automatically opening PDF files The installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\AcroExch.Document.7] "EditFlags"=hex:00,00,00,00 Disable the display of PDF files in the web browser Preventing PDF files from opening inside a web browser will partially mitigate this vulnerability. Applying this workaround may also mitigate future vulnerabilities. To prevent PDF files from automatically being opened in a web browser, do the following: 1. Open Adobe Acrobat Reader. 2. Open the Edit menu. 3. Choose the Preferences option. 4. Choose the Internet section. 5. Uncheck the "Display PDF in browser" checkbox. Do not access PDF files from untrusted sources Do not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010. References Security update available for Adobe Reader and Acrobat - Adobe Reader and Acrobat JavaScript Blacklist Framework - Background on Security Bulletin APSB12-08 - Adobe Flash Player - Adobe Flash vulnerability affects Flash Player and other Adobe products - Vulnerability Notes with advice to disable 3D rendering - Revision History April 10, 2012: Initial release

Original release date: April 10, 2012 | Last revised: -- Systems Affected Microsoft Windows Microsoft Internet Explorer Microsoft .NET Framework Microsoft Office Microsoft Server Software Microsoft SQL Server Microsoft Developer Tools Microsoft Forefront United Access Gateway Overview There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Microsoft Office, Microsoft Server Software, Microsoft SQL Server, Microsoft Developer Tools, and Microsoft Forefront United Access Gateway.  Microsoft has released updates to address these vulnerabilities. Description The Microsoft Security Bulletin Summary for April 2012 describes multiple vulnerabilities in Microsoft software. Microsoft has released updates to address the vulnerabilities. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. Solution Apply updates Microsoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for April 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. References Microsoft Security Bulletin Summary for April 2012 - Microsoft Windows Server Update Services - Microsoft Update - Microsoft Update Overview - Turn Automatic Updating On or Off - Revision History April 10, 2012: Initial release

Original release date: March 13, 2012 Last revised: -- Source: US-CERT Systems Affected Microsoft WindowsMicrosoft Visual StudioMicrosoft Expression Design Overview There are multiple vulnerabilities in Microsoft Windows, Microsoft Visual Studio, and Microsoft Expression Design. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for March 2012 describes multiple vulnerabilities in Microsoft Windows, Microsoft Visual Studio, and Microsoft Expression Design. Microsoft has released updates to address the vulnerabilities. II. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. III. Solution Apply updatesMicrosoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for March 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. IV. References Microsoft Security Bulletin Summary for March 2012 - Microsoft Windows Server Update Services - Microsoft Update - Microsoft Update Overview - Turn Automatic Updating On or Off - Feedback can be directed to US-CERT. Produced 2012 by US-CERT, a government organization. Terms of use Revision History March 13, 2012: Initial release

Original release date: February 14, 2012 Last revised: -- Source: US-CERT Systems Affected Microsoft WindowsMicrosoft Internet ExplorerMicrosoft .NET FrameworkMicrosoft SilverlightMicrosoft OfficeMicrosoft Server Software Overview There are multiple vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft .NET Framework, Silverlight, Office, and Microsoft Server Software. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for February 2012 describes multiple vulnerabilities in Microsoft Windows. Microsoft has released updates to address the vulnerabilities. II. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. III. Solution Apply updatesMicrosoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for February 2012, which describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). Home users are encouraged to enable automatic updates. IV. References Microsoft Security Bulletin Summary for February 2012 - Microsoft Windows Server Update Services - Microsoft Update - Microsoft Update Overview - Turn Automatic Updating On or Off - Feedback can be directed to US-CERT. Produced 2012 by US-CERT, a government organization. Terms of use Revision History February 14, 2012: Initial release

Original release date: January 24, 2012 Last revised: -- Source: US-CERT Overview US-CERT has received information from multiple sources about coordinated distributed denial-of-service (DDoS) attacks with targets that included U.S. government agency and entertainment industry websites. The loosely affiliated collective "Anonymous" allegedly promoted the attacks in response to the shutdown of the file hosting site MegaUpload and in protest of proposed U.S. legislation concerning online trafficking in rightsed intellectual property and counterfeit goods (Stop Online Piracy Act, or SOPA, and Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act, or PIPA). I. Description US-CERT has evidence of two types of DDoS attacks: One using HTTP GET requests and another using a simple UDP flood.The Low Orbit Ion Cannon (LOIC) is a denial-of-service attack tool associated with previous Anonymous activity. US-CERT has reviewed at least two implementations of LOIC. One variant is written in JavaScript and is designed to be used from a web browser. An attacker can access this variant of LOIC on a website and select targets, specify an optional message, throttle attack traffic, and monitor attack progress. A binary variant of LOIC includes the ability to join a botnet to allow nodes to be controlled via IRC or RSS command channels (the "HiveMind" feature).The following is a sample of LOIC traffic recorded in a web server log:"GET /?id=1327014400570&msg=We%20Are%20Legion! HTTP/1.1" 200 99406 "hxxp://pastehtml.com/view/blafp1ly1.html" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0.1) Gecko/20100101 Firefox/9.0.1"The following sites have been identified in HTTP referrer headers of suspected LOIC traffic. This list may not be complete. Please do not visit any of the links as they may still host functioning LOIC or other malicious code."hxxp://3g.bamatea.com/loic.html""hxxp://anonymouse.org/cgi-bin/anon-www.cgi/""hxxp://chatimpacto.org/Loic/""hxxp://cybercrime.hostzi.com/Ym90bmV0/loic/""hxxp://event.seeho.co.kr/loic.html""hxxp://pastehtml.com/view/bl3weewxq.html""hxxp://pastehtml.com/view/bl7qhhp5c.html""hxxp://pastehtml.com/view/blafp1ly1.html""hxxp://pastehtml.com/view/blakyjwbi.html""hxxp://pastehtml.com/view/blal5t64j.html""hxxp://pastehtml.com/view/blaoyp0qs.html""hxxp://www.lcnongjipeijian.com/loic.html""hxxp://www.rotterproxy.info/browse.php/704521df/ccc21Oi8/vY3liZXJ/jcmltZS5/ob3N0emk/uY29tL1l/tOTBibVY/wL2xvaWM/v/b5/fnorefer""hxxp://www.tandycollection.co.kr/loic.html""hxxp://www.zgon.cn/loic.html""hxxp://zgon.cn/loic.html""hxxp://www.turbytoy.com.ar/admin/archivos/hive.html"The following are the A records for the referrer sites as of January, 20, 2012:3g[.]bamatea[.]com                A    218[.]5[.]113[.]218cybercrime[.]hostzi[.]com         A    31[.]170[.]161[.]36event[.]seeho[.]co[.]kr           A    210[.]207[.]87[.]195chatimpacto[.]org                 A    66[.]96[.]160[.]151  anonymouse[.]org                  A    193[.]200[.]150[.]125pastehtml[.]com                   A    88[.]90[.]29[.]58lcnongjipeijian[.]com             A    49[.]247[.]252[.]105www[.]rotterproxy[.]info          A    208[.]94[.]245[.]131www[.]tandycollection[.]co[.]kr   A    121[.]254[.]168[.]87www[.]zgon[.]cn                   A    59[.]54[.]54[.]204www[.]turbytoy[.]com[.]ar         A    190[.]228[.]29[.]84The HTTP requests contained an "id" value based on UNIX time and user-defined "msg" value, for example:GET /?id=1327014189930&msg=%C2%A1%C2%A1NO%20NOS%20GUSTA%20LA%20Other "msg" examples:msg=%C2%A1%C2%A1NO%20NOS%20GUSTA%20LA%20msg=:)msg=:Dmsg=Somos%20Legion!!!msg=Somos%20legi%C3%B3n!msg=Stop%20S.O.P.A%20:)%20%E2%99%AB%E2%99%AB HTTP/1.1" 200 99406 "http://pastehtml.com/view/bl7qhhp5c.html"msg=We%20Are%20Legion!msg=ghmsg=open%20megauploadmsg=que%20sepan%20los%20nacidos%20y%20los%20que%20van%20a%20nacer%20que%20nacimos%20para%20vencer%20y%20no%20para%20ser%20vencidosmsg=stop%20SOPA!!msg=We%20are%20Anonymous.%20We%20are%20Legion.%20We%20do%20not%20forgive.%20We%20do%20not%20forget.%20Expect%20us!The "msg" field can be arbitrarily set by the attacker.As of January 20, 20012, US-CERT has observed another attack that consists of UDP packets on ports 25 and 80. The packets contained a message followed by variable amounts of padding, for example:66:6c:6f:6f:64:00:00:00:00:00:00:00:00:00 | flood.........Target selection, timing, and other attack activity is often coordinated through social media sites or online forums.US-CERT is continuing research efforts and will provide additional data as it becomes available. III. Solution There are a number of mitigation strategies available for dealing with DDoS attacks, depending on the type of attack as well as the target network infrastructure. In general, the best practice defense for mitigating DDoS attacks involves advanced preparation.Develop a checklist or Standard Operating Procedure (SOP) to follow in the event of a DDoS attack. One critical point in a checklist or SOP is to have contact information for your ISP and hosting providers. Identify who should be contacted during a DDoS, what processes should be followed, what information is needed, and what actions will be taken during the attack with each entity.The ISP or hosting provider may provide DDoS mitigation services. Ensure your staff is aware of the provisions of your service level agreement (SLA).Maintain contact information for firewall teams, IDS teams, network teams and ensure that it is current and readily available.Identify critical services that must be maintained during an attack as well as their priority. Services should be prioritized beforehand to identify what resources can be turned off or blocked as needed to limit the effects of the attack. Also, ensure that critical systems have sufficient capacity to withstand a DDoS attack.Have current network diagrams, IT infrastructure details, and asset inventories. This will assist in determining actions and priorities as the attack progresses.Understand your current environment and have a baseline of daily network traffic volume, type, and performance. This will allow staff to better identify the type of attack, the point of attack, and the attack vector used. Also, identify any existing bottlenecks and remediation actions if required.Harden the configuration settings of your network, operating systems, and applications by disabling services and applications not required for a system to perform its intended function. Implement a bogon block list at the network boundary.Employ service screening on edge routers wherever possible in order to decrease the load on stateful security devices such as firewalls.Separate or compartmentalize critical services:Separate public and private servicesSeparate intranet, extranet, and internet servicesCreate single purpose servers for each service such as HTTP, FTP, and DNSReview the US-CERT Cyber Security Tip Understanding Denial-of-Service Attacks. IV. References Cyber Security Tip ST04-015 - Anonymous's response to the seizure of MegaUpload according to CNN - The Internet Strikes Back #OpMegaupload - Twitter Post from the author of the JavaScript based LOIC code - Anonymous Operations tweets on Twitter - @Megaupload Tweets on Twitter - LOIC DDoS Analysis and Detection - Impact of Operation Payback according to CNN - OperationPayback messages on YouTube - The Bogon Reference - Team Cymru - Feedback can be directed to US-CERT. Produced 2012 by US-CERT, a government organization. Terms of use Revision History January 24, 2012: Initial release

Original release date: January 10, 2012 Last revised: -- Source: US-CERT Systems Affected Microsoft WindowsMicrosoft Developer Tools and Software Overview There are multiple vulnerabilities in Microsoft Windows and Microsoft Developer Tools and Software. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for January 2012 describes multiple vulnerabilities in Microsoft Windows. Microsoft has released updates to address the vulnerabilities. II. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. III. Solution Apply updatesMicrosoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for January 2012. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References Microsoft Security Bulletin Summary for January 2012 - Microsoft Windows Server Update Services - Feedback can be directed to US-CERT. Produced 2012 by US-CERT, a government organization. Terms of use Revision History January 10, 2012: Initial release

Original release date: January 06, 2012 Last revised: -- Source: US-CERT Systems Affected Most Wi-Fi access points that support Wi-Fi Protected Setup (WPS) are affected. Overview Wi-Fi Protected Setup (WPS) provides simplified mechanisms to configure secure wireless networks. The external registrar PIN exchange mechanism is susceptible to brute force attacks that could allow an attacker to gain access to an encrypted Wi-Fi network. I. Description WPS uses a PIN as a shared secret to authenticate an access point and a client and provide connection information such as WEP and WPA passwords and keys. In the external registrar exchange method, a client needs to provide the correct PIN to the access point.An attacking client can try to guess the correct PIN. A design vulnerability reduces the effective PIN space sufficiently to allow practical brute force attacks. Freely available attack tools can recover a WPS PIN in 4-10 hours.For further details, please see Vulnerability Note VU#723755 and further documentation by Stefan Viehbock and Tactical Network Solutions. II. Impact An attacker within radio range can brute-force the WPS PIN for a vulnerable access point. The attacker can then obtain WEP or WPA passwords and likely gain access to the Wi-Fi network. Once on the network, the attacker can monitor traffic and mount further attacks. III. Solution Update FirmwareCheck your access point vendor's support website for updated firmware that addresses this vulnerability. Further information may be available in the Vendor Information section of VU#723755 and in a Google spreadsheet called WPS Vulnerability Testing.Disable WPSDepending on the access point, it may be possible to disable WPS. Note that some access points may not actually disable WPS when the web management interface indicates that WPS is disabled. IV. References Vulnerability Note VU#723755 - Wi-Fi Protected Setup PIN brute force vulnerability - Cracking WiFi Protected Setup with Reaver - WPS Vulnerability Testing - Feedback can be directed to US-CERT. Produced 2012 by US-CERT, a government organization. Terms of use Revision History January 06, 2012: Initial release

Original release date: December 16, 2011 Last revised: -- Source: US-CERT Systems Affected Adobe Reader X (10.1.1) and earlier 10.x versions for Windows and MacintoshAdobe Reader 9.4.6 and earlier 9.x versions for Windows, Macintosh, and UNIXAdobe Acrobat X (10.1.1) and earlier 10.x versions for Windows and MacintoshAdobe Acrobat 9.4.6 and earlier 9.x versions for Windows and Macintosh Overview Adobe has released Security Bulletin APSB11-30, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. I. Description Adobe Security Bulletin APSB11-30 and Adobe Security Advisory APSA11-04 describe a number of vulnerabilities affecting Adobe Reader and Acrobat. These vulnerabilities affect Reader and Acrobat 9.4.6 and earlier 9.x versions. These vulnerabilities also affect Reader X and Acrobat X 10.1.1 and earlier 10.x versions.An attacker could exploit these vulnerabilities by convincing a user to open a specially crafted PDF file. The Adobe Reader browser plug-in, which can automatically open PDF documents hosted on a website, is available for multiple web browsers and operating systems.Adobe Reader X and Adobe Acrobat X will be patched in the next quarterly update scheduled for January 10, 2012.Additional details for the U3D memory corruption vulnerability can be found in US-CERT Vulnerability Note VU#759307. II. Impact These vulnerabilities could allow a remote attacker to execute arbitrary code, write arbitrary files or folders to the file system, escalate local privileges, or cause a denial of service on an affected system as the result of a user opening a malicious PDF file. III. Solution Update ReaderAdobe has released updates to address this issue. Users are encouraged to read Adobe Security Bulletin APSB11-30 and update vulnerable versions of Adobe Reader and Acrobat.In addition to updating, please consider the following mitigations.Disable Flash in Adobe Reader and AcrobatDisabling Flash in Adobe Reader will mitigate attacks that rely on Flash content embedded in a PDF file. Disabling 3D & Multimedia support does not directly address the vulnerability, but it does provide additional mitigation and results in a more user-friendly error message instead of a crash. To disable Flash and 3D & Multimedia support in Adobe Reader 9, delete, rename, or remove access to these files:Microsoft Windows"%ProgramFiles%\Adobe\Reader 9.0\Reader\authplay.dll""%ProgramFiles%\Adobe\Reader 9.0\Reader\rt3d.dll"Apple Mac OS X"/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/AuthPlayLib.bundle""/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"GNU/Linux (locations may vary among distributions)"/opt/Adobe/Reader9/Reader/intellinux/lib/libauthplay.so""/opt/Adobe/Reader9/Reader/intellinux/lib/librt3d.so"File locations may be different for Adobe Acrobat or other Adobe products that include Flash and 3D & Multimedia support. Disabling these plugins will reduce functionality and will not protect against Flash content that is hosted on websites. Depending on the update schedule for products other than Flash Player, consider leaving Flash and 3D & Multimedia support disabled unless they are absolutely required.Disable JavaScript in Adobe Reader and AcrobatDisabling JavaScript may prevent some exploits from resulting in code execution. Acrobat JavaScript can be disabled using the Preferences menu (Edit -> Preferences -> JavaScript; uncheck Enable Acrobat JavaScript).Adobe provides a framework to blacklist specific JavaScipt APIs. If JavaScript must be enabled, this framework may be useful when specific APIs are known to be vulnerable or used in attacks.Prevent Internet Explorer from automatically opening PDF filesThe installer for Adobe Reader and Acrobat configures Internet Explorer to automatically open PDF files without any user interaction. This behavior can be reverted to a safer option that prompts the user by importing the following as a .REG file:Windows Registry Editor Version 5.00[HKEY_CLASSES_ROOT\AcroExch.Document.7]"EditFlags"=hex:00,00,00,00Disable the display of PDF files in the web browserPreventing PDF files from opening inside a web browser will partially mitigate this vulnerability. If this workaround is applied, it may also mitigate future vulnerabilities.To prevent PDF files from automatically being opened in a web browser, do the following:1. Open Adobe Acrobat Reader.2. Open the Edit menu.3. Choose the Preferences option.4. Choose the Internet section.5. Uncheck the "Display PDF in browser" checkbox.Remove or restrict access to 3difr.x3dBy removing or restricting access to the 3difr.x3d file, Adobe Reader and Acrobat will fail to render U3D content, which helps to mitigate this vulnerability. PDF documents that use the PRC format for 3D content will continue to function on Windows and Linux platforms.To disable U3D support in Adobe Reader 9 on Microsoft Windows, delete or rename this file:    "%ProgramFiles%\Adobe\Reader 9.0\Reader\plug_ins3d\3difr.x3d"For Apple Mac OS X, delete or rename this directory:    "/Applications/Adobe Reader 9/Adobe Reader.app/Contents/Frameworks/Adobe3D.framework"For GNU/Linux, delete or rename this file (locations may vary among distributions):    "/opt/Adobe/Reader9/Reader/intellinux/plug_ins3d/3difr.x3d"File locations may be different for Adobe Acrobat or other Adobe products or versions.Do not access PDF files from untrusted sourcesDo not open unfamiliar or unexpected PDF files, particularly those hosted on websites or delivered as email attachments. Please see Cyber Security Tip ST04-010. IV. References Security update available for Adobe Reader and Acrobat - Adobe Reader and Acrobat JavaScript Blacklist Framework - Adobe Acrobat and Reader U3D memory corruption vulnerability - Security Advisory for Adobe Reader and Acrobat - Feedback can be directed to US-CERT. Produced 2011 by US-CERT, a government organization. Terms of use Revision History December 16, 2011: Initial release

Original release date: December 13, 2011 Last revised: -- Source: US-CERT Systems Affected Microsoft WindowsMicrosoft OfficeInternet Explorer Overview There are multiple vulnerabilities in Microsoft Windows, Office, and Internet Explorer. Microsoft has released updates to address these vulnerabilities. I. Description The Microsoft Security Bulletin Summary for December 2011 describes multiple vulnerabilities in Microsoft Windows. Microsoft has released updates to address the vulnerabilities. Additional details for MS11-091 can be found in US-CERT vulnerability note VU#361441. II. Impact A remote, unauthenticated attacker could execute arbitrary code, cause a denial of service, or gain unauthorized access to your files or system. III. Solution Apply updatesMicrosoft has provided updates for these vulnerabilities in the Microsoft Security Bulletin Summary for December 2011. That bulletin describes any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. In addition, administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References Microsoft Security Bulletin Summary for December 2011 - Microsoft Windows Server Update Services - US-CERT Vulnerability Note VU#361441 - Feedback can be directed to US-CERT. Produced 2011 by US-CERT, a government organization. Terms of use Revision History December 13, 2011: Initial release

Johan Arwidmark är killen du ringer när du vill standardisera och automatisera så mycket det bara går. Om han ser en tekniker springa in i en serverhall med en skiva i handen vill han slå sin panna i väggen.

Har din dator infekterats av ett virus eller annat skadligt program som ställer till en massa problem? Här går vi igenom hur du rensar ut skräpet.

CS har tagit en tillbakablick i internethistorien. Här är några gamla favoritsajter.

En förargad fransman stämde Google efter ha fångats på bild när han slog en drill i sin egen trädgård. Här är fem udda åtal mot företaget.

Just nu är molnet it-branschens hetaste term. Men vid horisonten anar ett oväder. Personuppgiftslagen blåser bort alla moln från it-himlen.

Bindningstiderna för mobil-, bredbands- och tv-abonnemang kan kortas.

Blizzards uppföljare tog hela 12 år. Trots att det inte har hänt så mycket sedan sist är Diablo 3 ändå ett mycket bra spel.

"När handeln i Facebookaktien är i full gång har de riktiga vinnarna redan cashat in", skriver CS Marcus Jerräng.

I dag börsnoteras Facebook och de anställda laddar med ett hackathon inför händelsen. Men i USA är man inte överens om at jätten kommer att överleva på sikt.

HPs Sverigechef Kjell Ahlzén vill vare sig kommentera dagens medieuppgifter om stora neddragningar på HP eller hur det skulle påverka det svenska bolaget.