Posted in June 9, 2009 ¬ 9:19 pmh.
peter
Cisco Response to Microsoft Security Bulletin Release for June 2009
Microsoft published its monthly security bulletin release on June 9, 2009. Ten total bulletins were released to address a total of 31 vulnerabilities. Microsoft rated six of the ten bulletins as Critical, four as Important, and one as Moderate. Five of the Critical bulletins address vulnerabilities in Microsoft Windows and Office applications, including Word, Excel, and Internet Explorer. Exploits of these vulnerabilities could allow an attacker to execute arbitrary code, but an attacker must rely upon user participation to accomplish an exploit. The final Critical bulletin addresses vulnerabilities in Active Directory that could allow a remote attacker to execute arbitrary code on a targeted system. One previously reported vulnerability in Microsoft Internet Information Services was corrected as part of this month’s Microsoft release. Although exploit code exists publicly for this vulnerability, no incidents have been reported.
The Cisco suite of security solutions provides immediate protection for these vulnerabilities. Detailed vulnerability information, analysis, and Cisco-specific mitigation information is available on the IntelliShield Event Response for this Microsoft Security Bulletin Release. For continuously updated information on specific vulnerabilities or to view additional IntelliShield alerts, please visit Cisco Security Center.
Event Intelligence
The following table identifies Cisco Security Intelligence Operations content and Cisco mitigation information that is associated with this Microsoft release:
http://www.cisco.com/web/about/security/intelligence/ERP_jun09.html
Posted in May 20, 2009 ¬ 7:22 amh.
peter
Ask the Experts About the New Cisco ASA Botnet Traffic Filter from May 25 to June 5, 2009
Have questions about the recently introduced Cisco ASA 5500 Series Botnet Traffic Filter? Botnets are an increasing source of concern for businesses.
They are extremely difficult to detect, can propagate and mutate quickly, and pose numerous security risks, from data leakage to denial-of-service attacks.
Ask the Cisco ASA expert, Tom Hunter, about how to combat botnets in our Ask the Experts Session, from May 25 to June 5, 2009.
For more information about the Ask the Experts Session, go to http://www.cisco.com/go/asktheexpert/
Posted in May 12, 2009 ¬ 3:02 pmh.
peter
Cisco Response to Microsoft Security Bulletin Release for May 2009
Microsoft published its monthly security bulletin release on May 12, 2009. One bulletin was released that addresses 14 individual vulnerabilities. Microsoft has scored the bulletin with a maximum severity rating of Critical. This bulletin addresses vulnerabilities in the Microsoft Office PowerPoint software. In every case, a successful exploit requires a user to open a malformed PowerPoint file; an attacker cannot force a user to do so directly. One vulnerability, which is described in CVE-2009-0556 and IntelliShield alert 17966, is being actively exploited in the wild.
The Cisco suite of security solutions provides immediate protection for these vulnerabilities. Detailed vulnerability information, analysis, and Cisco-specific mitigation information is available in the IntelliShield Event Response for this Microsoft Release. To access continuously updated information on specific vulnerabilities or to view additional IntelliShield alerts, please visit Cisco Security Center.
Additional information on the impact of these vulnerabilities, including detailed mitigation procedures, is available in the Cisco Applied Mitigation Bulletin. Applied Mitigation Bulletins provide identification and mitigation techniques that administrators can deploy on Cisco network devices.
Posted in March 31, 2009 ¬ 9:46 pmh.
peter
Up to Date Summary and Mitigation information is available for you here:
http://tools.cisco.com/security/center/viewAlert.x?alertId=17121