Articles in Vulnerability
Microsoft Windows Desktop Wallpaper Code Execution Vulnerability
Microsoft Internet Explorer ‘Forced Tweet’ Cross Domain
Microsoft Internet Explorer AddFavorite Method Denial-of-Service Vulnerability
Recently a new PDF-based malware threat for OS X was discovered that displays a Chinese PDF file while it installs and runs its malicious code in the background. While the initial version of this malware (OSX/Revir.A) was detected over a week ago, the criminals developing the code are busy revising and refining it, and over the weekend a variant has been identified (OSX/Revir.B). As with all malware, new versions of these threats are likely to surface in the future, and as they do, expect malware detection utilities (including Apple’s XProtect) to follow close behind and label them alphabetically as they appear.
A new worm called Morto has begun making the rounds on the Internet in the last couple of days, infecting machines via RDP (Remote Desktop Protocol).
The worm is generating a large amount of outbound RDP traffic on networks that have infected machines, and Morto is capable of compromising both servers and workstations running Windows.
If you have any questions or need assistance, please let me know and I will follow up with you.
Additional Information:
• http://threatpost.com/en_us/blogs/new-worm-morto-using-rdp-infect-windows-pcs-082811
• http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Worm%3aWin32%2fMorto.A
• http://blogs.computerworld.com/18870/morto_worm_spreading_fast_via_rdp?af
The Metasploit team is excited to announce a new incentive for community exploit contributions: Cash! Running until July 20th, our Exploit Bounty program will pay out $5,000 in cash awards (in the form of American Express gift cards) to any community member that submits an accepted exploit module for an item from our Top 5 or Top 25 exploit lists. This is our way of saying thanks to the open source exploit development community and encouraging folks who may not have written Metasploit modules before to give it a try.
Cisco Security Intelligence Operations has detected significant activity related to Portuguese-language spam e-mail messages that claim to contain pictures of Osama Bin Laden. The text in the e-mail message instructs the recipient to open a .zip attachment to view the pictures. However, the .zip attachment contains a malicious .scr file that, when executed, attempts to infect the system with malicious code.
Apache Tomcat is the servlet container for Java Servlet and JavaServer Pages Web applications.
A vulnerability in Apache Tomcat HTTP server may allow for directory traversal attacks. The vulnerability is caused by a misconfiguration of certain modules. An attacker could craft a special URL to view directories and files on the HTTP server without authorization.
Stuxnet appeared on the scene earlier this summer, though it was written more than a year ago. The code, its mechanics, the way it moved from system to system using Zero-Day vulnerabilities in Windows, everything about it was both frightening and shady. The hype given to it was justified, if only because it was a targeted payload, aimed at critical infrastructure.
Earlier in the day a security flaw turned Twitter’s Website into a chaotic and potentially unsafe place, filled with annoying pop-up windows that activated just by rolling the mouse over another user’s tweets.
With the release of the bulletins for September 2010, this bulletin summary replaces the bulletin advance notification originally issued on September 9, 2010. For more information about the bulletin advance notification service, see http://www.microsoft.com/technet/security/Bulletin/advance.mspx.








