University of Southern California

Tag Archives: security advisory

← Older posts

Sandworm Vulnerability Requires Another Fix from Microsoft

Posted on by mbordas

BACKGROUND Hackers have bypassed Microsoft’s security patch to address the Sandworm vulnerability in Windows resulting in the company issuing another advisory and warning users of the new threat. IMPACT The vulnerability could allow remote code execution if a user opens … Continue reading

Posted in Malware, Security Updates | Tagged , ,

Adobe Flash Vulnerability Currently Being Exploited

Posted on by mbordas

BACKGROUND There is a vulnerability in Adobe Flash that is being exploited in large scale attacks. The vulnerability is being tracked as CVE-2014-0569 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0558) on the Common Vulnerabilities and Exposures (CVE) database. The exploit includes memory corruption vulnerabilities and an integer overflow vulnerability that … Continue reading

Posted in Malware, Security Updates | Tagged , , ,

Bash Vulnerability Update

Posted on by mbordas

Please note the following updates to the September 25 post regarding the Bash / Shellshock vulnerability.

Posted in Security Breach, Security Updates | Tagged , , , ,

More OpenSSL Vulnerabilities Reported

Posted on by mbordas

Security researchers have recently identified several vulnerabilities in the OpenSSL encryption library in addition to the widely publicized Heartbleed bug (see https://it-security.usc.edu/2014/04/09/openssl-heartbleed-bug​ for more information about Heartbleed). System Administrators within USC’s IT units should complete the action items (fixes) summarized … Continue reading

Posted in Security Updates | Tagged , , ,

Zero-Day Vulnerability in Internet Explorer

Posted on by mbordas

On September 17, Microsoft published an emergency security advisory and “Fix it” solution to address a zero-day vulnerability affecting all supported versions of Internet Explorer. (Zero-day vulnerabilities are those that exploit previously unknown vulnerabilities and for which there is no … Continue reading

Posted in Security Updates | Tagged ,

Phishing Warning 2013-08-28

Posted on by mbordas

Many users have reported receiving the following phish email. If you have received the phish, do not reply, click the link, or supply any login information. If you have replied or followed the link, change your USC password as soon … Continue reading

Posted in Phishing | Tagged , ,

Patch Tuesday Roundup for April 2013

Posted on by mbordas

Today is Patch Tuesday for April 2013.  Microsoft released nine security bulletins, two of which are considered critical and address vulnerabilities that could allow remote users to execute code on your machines.  For more information and to download the updates, … Continue reading

Posted in Patch Tuesday | Tagged , , ,

This Week in Security

Posted on by mbordas

Twitter announced today that it has discovered unauthorized attempts to access user data, including usernames, email addresses and passwords.  The attackers may have gained access to information on approximately 250,000 users.  Twitter has reset the passwords of affected users, and … Continue reading

Posted in Mobile Devices, Phishing, Security Updates | Tagged , , ,

Critical Security Updates Released

Posted on by mbordas

Microsoft today released an emergency patch to address the zero day vulnerability discovered last December, which could allow remote code execution if users of Internet Explorer 6, 7, or 8 visit websites or open emails containing malicious code.  For more … Continue reading

Posted in Security Updates | Tagged , , ,

This Week in Security

Posted on by mbordas

The past week saw a number of  patches, updates, and alerts. Microsoft released a number of security bulletins on Patch Tuesday.   In conjunction, Adobe released updates for Reader, Acrobat, and Flash Player, and issued an advisory about unpatched vulnerabilities in Coldfusion. … Continue reading

Posted in Malware, Patch Tuesday, Security Updates | Tagged , , , , , , , , , ,

← Older posts