More Security Information

<<  Back
UM Home
Advanced Search
Archived Articles

July 27, 2006 Mozilla Products Contain Multiple Vulnerabilities
Overview: The Mozilla web browser and derived products contain several vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.

Systems Affected:

* Mozilla SeaMonkey

* Mozilla Firefox

* Mozilla Thunderbird

Any products based on Mozilla components, specifically Gecko, may also be affected. Click HERE for more important info.

July 11, 2006 New Microsoft Security Bulletins
Microsoft has just released a Security Bulletin listing 7 new vulnerabilities. To immediately check if your system requires these patches, select "Windows Update" from the start menu on windows systems.
Also, check that your settings are configured to download and install windows updates daily. Instructions to configure automatic updates can be found on the itsecurity.olemiss.edu web site in the left column, second entry, "Configuring Windows for Automatic Updates".
The following 7 new Security Bulletins (5 critical, 2 important) were just released by Microsoft. We are reviewing MS06-033 through MS06-039 and will issue advisories as appropriate.

Vulnerability Links to Microsoft Security Bulletin:

  • (MS06-033) - Vulnerability in ASP.NET Could Allow Information Disclosure (917283) - Important

  • (MS06-034) - Vulnerability in Microsoft Internet Information Services using Active Server Pages Could Allow Remote Code Execution (917537) - Important

  • (MS06-035) - Vulnerability in Server Service Could Allow Remote Code Execution (917159) - Critical

  • (MS06-036) - Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388) - Critical

  • (MS06-037) - Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285) - Critical

  • (MS06-038) - Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284) - Critical

  • (MS06-039) - Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384) - Critical

    • May 16, 2006
    Surge in Tech-Savvy Phishing Attacks Maddy Sauer Reports: Many users are more than familiar with the bait. An email arrives from a familiar company (Amazon, eBay, PayPal, Chase Bank) claiming that personal information has been compromised or that an account is about to expire. The reader is asked to click on a link to confirm information. Those that are lured, click on the link where they are asked for their username, password or other vital information. Once they complete the forms, they've been caught – the readers' personal information is transmitted to the crooks. Article Link