Destroy PC Viruses

Home

VideoLAN Releases Security Advisory for VLC Media Player

Sunday, 25 April 2010 03:34 |

VideoLAN has released a security advisory to address multiple vulnerabilities in VLC Media Player. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review VideoLAN security advisory VideoLAN-SA-1003 and apply any necessary updates or workarounds to help mitigate the risks.

McAfee DAT 5958 Issues

Sunday, 25 April 2010 03:34 |

US-CERT is aware of public reports indicating that McAfee DAT release 5958 is incorrectly identifying the valid system file, C:\Windows\system32\svchost.exe, as containing malicious code. Reports indicate that a false positive detection occurs on Windows XP Service Pack 3 systems. Symptoms include a denial-of-service condition when the McAfee software attempts to clean the file.

US-CERT encourages users and administrators to review the McAfee Virus Profile: W32/Wecorl.a and apply the "extra.dat" and additional updates provided by McAfee as necessary to mitigate this issue. Users should ensure that they have installed DAT 5959 or greater before running any on-demand scans.

Corporate users and administrators are encouraged to review the McAfee Corporate Knowledgebase Article KB68780, while home users are encouraged to review the McAfee FAQ Document TS100969.

Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability

Saturday, 17 April 2010 12:41 |

The Sun Java Development Toolkit plugin and ActiveX control contain a vulnerability. This vulnerability is due to insufficient argument validation. By convincing a user to visit a specially crafted HTML document, an attacker may be able to exploit this vulnerability and execute an arbitrary JAR file on the affected system.

US-CERT encourages users and administrators to review US-CERT Vulnerability Note VU#886582 and implement any necessary workarounds to help mitigate the risk until a fix is available from the product vendor.

US-CERT will provide additional information as it becomes available.

Microsoft Revokes Security Update

Sunday, 25 April 2010 03:34 |

The Microsoft Security Response Center has posted a blog entry indicating that it has revoked the update related to Microsoft security bulletin MS10-025 because it does not effectively correct the underlying vulnerability. This vulnerability affects Windows Media Services running on Windows 2000 Server. The blog entry indicates that Microsoft has targeted a re-release of the update for next week.

US-CERT encourages users and administrators to review the Microsoft Security Response Center blog entry and implement the suggested guidance to help mitigate the risks.

US-CERT will provide additional information as it becomes available.

Microsoft Releases April Security Bulletin

Saturday, 17 April 2010 12:41 |

Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Exchange as part of the Microsoft Security Bulletin Summary for April 2010. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, cause a denial-of-service attack or spoof an IPv4 address to bypass filtering devices.

US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

<< Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>

Page 6 of 26