MS-ISAC Cyber Security Advisories
2008 Cyber Advisories
January | February | March | April | May | June | July | August | September | October | November
| Number | Date Issued | Subject |
|---|---|---|
| 2008-037 | Tuesday, November 11, 2008 | Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution |
| 2008-035 | Monday, November 10, 2008 | Multiple Vulnerabilities Discovered in Adobe Reader and Adobe Acrobat |
| 2008-036 | Thursday, November 06, 2008 | Multiple Vulnerabilities Discovered in Adobe Flash Player |
| 2008-035 | Tuesday, November 04, 2008 | Multiple Vulnerabilities Discovered in Adobe Reader and Adobe Acrobat |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-034 Updated | Friday, October 24, 2008 | Vulnerability in Server Services Could Allow Remote Code Execution |
| 2008-034 | Thursday, October 23, 2008 | Vulnerability in Server Services Could Allow Remote Code Execution |
| 2008-033 | Wednesday, October 15, 2008 | Vulnerability in Microsoft Server Message Block (SMB) Protocol Could Allow Remote Code Execution |
| 2008-032 | Wednesday, October 15, 2008 | Vulnerability in Active Directory Could Allow Remote Code Execution |
| 2008-031 | Tuesday, October 14, 2008 | Vulnerabilities in Internet Explorer Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-30 | Tuesday, September 09, 2008 | Multiple Vulnerabilities in Microsoft Graphics Device Interface (GDI+) Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-029 | Wednesday, August 13, 2008 | Vulnerability in Microsoft Word Could Allow Remote Code Execution |
| 2008-028 | Tuesday, August 12, 2008 | Vulnerability in Microsoft Windows Image Color Management System Could Allow Remote Code Execution |
| 2008-027 | Tuesday, August 12, 2008 | Vulnerabilities in Internet Explorer Could Allow Remote Code Execution |
| 2008-025 Updated | Tuesday, August 12, 2008 | Vulnerability in Snapshot Viewer for Microsoft Access May Allow Remote Compromise |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-026 Updated | Tuesday, July 22, 2008 | Vulnerabilities in Multiple Vendors' DNS Implementations May Allow For Cache Poisoning |
| 2008-026 | Tuesday, July 08, 2008 | Vulnerabilities in Multiple Vendors' DNS Implementations May Allow For Cache Poisoning |
| 2008-025 | Tuesday, July 08, 2008 | Vulnerability in Snapshot Viewer for Microsoft Access May Allow Remote Compromise |
| 2008-024 | Monday, July 07, 2008 | Novell eDirectory Integer Overflow Vulnerability |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-023 | Tuesday, June 24, 2008 | New Vulnerability in Adobe Acrobat and Adobe Reader That May Allow Remote Code Execution |
| 2008-022 | Tuesday, June 10, 2008 | Two Vulnerabilities in DirectX Could Allow Remote Code Execution |
| 2008-021 | Tuesday, June 10, 2008 | Vulnerabilities in Internet Explorer Could Allow Remote Code Execution or Information Disclosure |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-020 | Wednesday, May 21, 2008 | Vulnerability in IBM Lotus Domino Web Server Could Allow Remote Code Execution |
| 2008-018 | Sunday, May 18, 2008 | Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution |
| 2008-019 | Tuesday, May 13, 2008 | Vulnerabilities in Microsoft Word Could Allow Remote Code Execution |
| 2008-017 Updated | Friday, May 09, 2008 | Novell GroupWise Buffer Overflow Vulnerability |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-017 | Wednesday, April 30, 2008 | Novell GroupWise Buffer Overflow Vulnerability |
| 2008-016 Updated | Thursday, April 10, 2008 | Vulnerability in Microsoft Graphics Device Interface (GDI) Could Allow for Remote Code Execution |
| 2008-016 | Wednesday, April 09, 2008 | Vulnerability in Microsoft Graphics Device Interface (GDI) Could Allow for Remote Code Execution |
| 2008-015 | Wednesday, April 09, 2008 | Security Update of ActiveX Kill Bits |
| 2008-014 | Wednesday, April 09, 2008 | A Vulnerability in Adobe Flash Player Allows for Remote Code Execution |
| 2008-013 | Tuesday, April 08, 2008 | Cumulative Internet Explorer Update Addresses Critical Data Stream Handling Vulnerability |
| 2008-012 | Tuesday, April 08, 2008 | Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-010 Updated | Wednesday, March 19, 2008 | Multiple Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution |
| 2008-011 | Tuesday, March 11, 2008 | Microsoft Office Web Components Remote Code Execution Vulnerability |
| 2008-010 | Tuesday, March 11, 2008 | Multiple Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution |
| 2008-009 | Tuesday, March 11, 2008 | Multiple Vulnerabilities in Microsoft Office Could Allow Remote Code Execution |
| 2008-008 | Friday, March 07, 2008 | Sun Java Runtime Environment Image Parsing Vulnerability |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-007 | Wednesday, February 13, 2008 | Multiple Vulnerabilities in Adobe Reader and Adobe Acrobat Could Allow Remote Code Execution |
| 2008-006 | Wednesday, February 13, 2008 | Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution |
| 2008-005 | Tuesday, February 12, 2008 | Multiple Vulnerabilities in Internet Explorer Could Allow Remote Code Execution |
| 2008-004 | Tuesday, February 12, 2008 | Vulnerability in Microsoft OLE Automation Could Allow Remote Code Execution |
| 2008-003 | Tuesday, February 12, 2008 | Novell Netware Client 4.91 Service Pack 1 through Service Pack 4 |
| Number | Date Issued | Subject |
|---|---|---|
| 2008-002 | Wednesday, January 16, 2008 | Microsoft Excel Vulnerability |
| 2008-001 | Thursday, January 03, 2008 | Shockwave Flash (SWF) files may contain cross-site scripting vulnerabilities |
2007 Cyber Advisories
January | February | March | April | May | June | July | August | October | November | December
| Number | Date Issued | Subject |
|---|---|---|
| 2007-028 | Wednesday, December 19, 2007 | Multiple Vulnerabilities in Adobe Flash Player Could Allow for Remote Code Execution |
| 2007-023 | Friday, December 14, 2007 | Apple QuickTime RTSP Response Header Remote Stack Based Buffer Overflow |
| 2007-027 Updated | Tuesday, December 11, 2007 | Vulnerabilities in Microsoft DirectX Could Allow Remote Code Execution |
| 2007-026 Updated | Tuesday, December 11, 2007 | Vulnerability in Windows Media File Format Could Allow for Remote Code Execution |
| 2007-025 | Tuesday, December 11, 2007 | Multiple Vulnerabilities in Internet Explorer Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-024 Updated | Wednesday, November 28, 2007 | IBM Lotus Notes 1-2-3 Viewer Multiple Buffer Overflow Vulnerabilities |
| 2007-023 | Wednesday, November 28, 2007 | Apple QuickTime RTSP Response Header Remote Stack Based Buffer Overflow |
| 2007-020 | Tuesday, November 13, 2007 | New Vulnerability in Windows URI Handler Could Allow for Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-022 | Wednesday, October 24, 2007 | IBM Lotus Notes Attachment Viewer Multiple Buffer Overflow Vulnerabilities |
| 2007-020 | Tuesday, October 23, 2007 | New Vulnerability in Windows URI Handler Could Allow for Remote Code Execution |
| 2007-021 | Monday, October 22, 2007 | Unpatched RealPlayer ActiveX Component Exploitation |
| 2007-021 | Friday, October 19, 2007 | Unpatched RealPlayer ActiveX Component Exploitation |
| 2007-020 | Tuesday, October 16, 2007 | New Vulnerability in Windows URI Handler Could Allow for Remote Code Execution |
| 2007-019 | Tuesday, October 09, 2007 | Multiple Remote Code Execution and Spoofing Vulnerabilities in Internet Explorer |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-018 | Tuesday, August 14, 2007 | New Vulnerability in GDI Could Allow for Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-017 | Wednesday, July 18, 2007 | Vulnerability in Adobe Flash Player Could Allow Remote Code Execution |
| 2007-016 | Tuesday, July 17, 2007 | Sun Java Runtime Environment and Java Web Start Remote Code Execution Vulnerabilities |
| 2007-015 | Wednesday, July 11, 2007 | Vulnerabilities in Microsoft .NET Framework Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-014 | Thursday, June 14, 2007 | Multiple Remote Code Execution Vulnerabilities in Internet Explorer |
| 2007-014 | Tuesday, June 12, 2007 | Multiple Remote Code Execution Vulnerabilities in Internet Explorer |
| 2007-013 | Friday, June 01, 2007 | Security Vulnerability in Novell GroupWise |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-012 Updated | Tuesday, May 08, 2007 | Multiple Remote Code Execution Vulnerabilities in Internet Explorer |
| 2007-011 Updated | Tuesday, May 08, 2007 | Vulnerabilities in Microsoft Exchange Server |
| 2007-010 | Tuesday, May 08, 2007 | Vulnerability in CAPICOM Could Allow Remote Code Execution |
| 2007-009 Updated | Tuesday, May 08, 2007 | Microsoft Windows Domain Name System Service Remote Procedure Call Interface Vulnerability |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-009 Updated | Friday, April 20, 2007 | Microsoft Windows Domain Name System Service Remote Procedure Call Interface Vulnerability |
| 2007-009 | Monday, April 16, 2007 | Microsoft Windows Domain Name System Service Remote Procedure Call Interface Vulnerability |
| 2007-008 Updated | Tuesday, April 03, 2007 | New Vulnerability in Windows Animated Cursor Handling Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-008 Updated | Friday, March 30, 2007 | New Vulnerability in Windows Animated Cursor Handling Could Allow Remote Code Execution |
| 2007-008 | Thursday, March 29, 2007 | New Vulnerability in Windows Animated Cursor Handling Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-007 | Wednesday, February 14, 2007 | Multiple Remote Code Execution Vulnerabilities Exploitable through Internet Explorer |
| 2006-013 Updated | Wednesday, February 14, 2007 | New Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution |
| 2007-006 | Tuesday, February 13, 2007 | Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution |
| 2007-005 | Monday, February 12, 2007 | Sun Solaris Telnet Remote Authentication Bypass Vulnerability |
| Number | Date Issued | Subject |
|---|---|---|
| 2007-004 | Thursday, January 25, 2007 | Multiple Vulnerabilities in Cisco IOS |
| 2007-003 | Tuesday, January 23, 2007 | Wide-Spread Trojan Horse Infection |
| 2007-001 Updated | Thursday, January 11, 2007 | Adobe Acrobat Reader Plugin is Prone to Cross-Site Scripting Attacks |
| 2007-002 Updated | Tuesday, January 09, 2007 | Vulnerability in Vector Markup Language Affecting Microsoft Window Platforms |
| 2006-002 Updated | Tuesday, January 09, 2007 | Vulnerability in Microsoft Outlook and Microsoft Exchange Could Allow Remote Control of System |
| 2007-001 | Friday, January 05, 2007 | Adobe Acrobat Reader Plugin is Prone to Cross-Site Scripting Attacks |
2006 Cyber Advisories
January | February | April | May | June | July | August | September | October | November | December
| Number | Date Issued | Subject |
|---|---|---|
| 2006-019 | Tuesday, December 12, 2006 | Vulnerability in Windows Media Format Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-014 Updated | Friday, November 17, 2006 | New Vulnerability in Microsoft Server Service Could Allow Remote Code Execution |
| 2006-018 | Thursday, November 16, 2006 | Vulnerabilities in Broadcom Wireless Driver and D-Link DWL-G132 Wireless Adapters |
| 2006-017 | Tuesday, November 14, 2006 | Vulnerabilities in ActiveX Controls Could Allow Remote Control of Systems |
| 2006-014 Updated | Tuesday, November 14, 2006 | New Vulnerability in Microsoft Server Service Could Allow Remote Code Execution |
| 2006-010 Updated | Tuesday, November 14, 2006 | Multiple Vulnerabilities in the Macromedia Flash Player from Adobe |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-016 | Tuesday, October 10, 2006 | Vulnerability in Windows Explorer Could Allow Remote Control of Systems |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-015 Updated | Tuesday, September 26, 2006 | Public Exploitation of Unpatched VML Vulnerability Affecting Microsoft Internet Explorer and Microsoft Outlook |
| 2006-015 | Friday, September 22, 2006 | Public Exploitation of Unpatched VML Vulnerability Affecting Microsoft Internet Explorer and Microsoft Outlook |
| 2006-014 Updated | Wednesday, September 13, 2006 | New Vulnerability in Microsoft Server Service Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-014 Updated | Thursday, August 10, 2006 | New Vulnerability in Microsoft Server Service Could Allow Remote Code Execution |
| 2006-014 | Tuesday, August 08, 2006 | New Vulnerability in Microsoft Server Service Could Allow Remote Code Execution |
| 2006-013 Updated | Tuesday, August 08, 2006 | New Vulnerability in Microsoft PowerPoint Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-013 | Monday, July 17, 2006 | Multiple unpatched Microsoft PowerPoint vulnerabilities have been discovered which could allow Remote Code Execution and cause a Denial of Service |
| 2006-012 Updated | Tuesday, July 11, 2006 | New Vulnerability in Microsoft Excel Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-012 | Thursday, June 15, 2006 | New Vulnerability in Microsoft Excel Could Allow Remote Code Execution |
| 2006-011 | Tuesday, June 13, 2006 | Microsoft Windows Malformed ART Image Remote Code Execution Vulnerability |
| 2006-001 Updated | Tuesday, June 13, 2006 | Unpatched WMF Vulnerability in Microsoft Windows |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-010 | Tuesday, May 09, 2006 | Multiple Vulnerabilities in the Macromedia Flash Player from Adobe |
| 2006-009 | Tuesday, May 09, 2006 | Vulnerability in Microsoft Exchange Server |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-008 | Wednesday, April 12, 2006 | Vulnerability in the Microsoft Data Access Components (MDAC) |
| 2006-007 | Wednesday, April 12, 2006 | Cumulative Security Update for Internet Explorer |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-005 | Tuesday, February 14, 2006 | New WMF Vulnerability in Microsoft Windows 2000 SP4 (MS06-004 Cumulative Security Update for Internet Explorer) |
| Number | Date Issued | Subject |
|---|---|---|
| 2006-004 | Tuesday, January 24, 2006 | Blackmal Email Worm destroys files on the third day of each month |
| 2006-003 | Tuesday, January 10, 2006 | Vulnerability in Windows Web Font Processing Could Allow Remote Control of System |
| 2006-002 | Tuesday, January 10, 2006 | Vulnerability in Microsoft Outlook and Microsoft Exchange Could Allow Remote Control of System |
| 2006-001 | Monday, January 09, 2006 | New Unpatched WMF Vulnerability in Microsoft Windows |
| 2005-022 Updated | Thursday, January 05, 2006 | Public Exploitation of Unpatched WMF Vulnerability in Microsoft Windows |
2005 Cyber Advisories
January | February | March | April | May | June | July | August | October | November | December
| Number | Date Issued | Subject |
|---|---|---|
| 2005-022 Updated | Thursday, December 29, 2005 | Public Exploit for Newly Discovered WMF Vulnerability in Microsoft Windows |
| 2005-022 | Wednesday, December 28, 2005 | Public Exploit for Newly Discovered WMF Vulnerability in Microsoft Windows |
| 2005-021 | Thursday, December 22, 2005 | Vulnerabilities in Symantec AntiVirus Library Could Allow Remote Code Execution |
| 2005-017 Updated | Friday, December 16, 2005 | Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution - MS05-051 |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-020 | Wednesday, November 23, 2005 | Cisco PIX Firewall Denial of Service Vulnerability |
| 2005-019 Updated | Friday, November 18, 2005 | Vulnerabilities Affecting Multiple Cisco, Juniper and Check Point Devices |
| 2005-019 | Monday, November 14, 2005 | Vulnerabilities Affecting Multiple Cisco and Juniper Devices |
| 2005-018 | Wednesday, November 02, 2005 | Oracle Proof-of-Concept Worm Disclosed |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-017 Updated | Thursday, October 13, 2005 | Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution - MS05-051 |
| 2005-017 | Tuesday, October 11, 2005 | Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-016 | Tuesday, August 16, 2005 | Update on the Microsoft Windows Plug and Play Buffer Overflow Vulnerability |
| 2005-013 Updated | Friday, August 12, 2005 | New Vulnerability in Microsoft Plug and Play |
| 2005-014 Updated | Wednesday, August 10, 2005 | Cumulative Security Update for Internet Explorer |
| 2005-015 | Tuesday, August 09, 2005 | Vulnerability in Print Spooler Service Could Allow Remote Code Execution |
| 2005-014 | Tuesday, August 09, 2005 | Cumulative Security Update for Internet Explorer |
| 2005-013 | Tuesday, August 09, 2005 | New Vulnerability in Microsoft Plug and Play |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-012 | Friday, July 29, 2005 | Cisco IOS IPv6 Vulnerability |
| 2005-011 | Friday, July 22, 2005 | Two States Report Similar Virus Infections |
| 2005-010 | Tuesday, July 12, 2005 | New Vulnerability in Microsoft Color Management Module |
| 2005-009 Updated | Tuesday, July 12, 2005 | New vulnerability in a component of Microsoft Internet Explorer |
| 2005-009 | Sunday, July 03, 2005 | New vulnerability in a component of Microsoft Internet Explorer |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-008 | Monday, June 27, 2005 | Exploits for at least one of the vulnerabilities in Veritas Backup Exec software |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-007 | Tuesday, May 17, 2005 | SPAM messages in German |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-006 | Wednesday, April 13, 2005 | Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service |
| 2005-005 | Tuesday, April 12, 2005 | Vulnerability in Microsoft Exchange Server Could Allow Remote Code Execution |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-004 | Wednesday, March 30, 2005 | Oracle XDB FTP Services Buffer Overflow Vulnerability is being exploited in the wild |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-003 | Thursday, February 17, 2005 | New Variant of MyDoom Worm Spreading Rapidly |
| Number | Date Issued | Subject |
|---|---|---|
| 2005-002 | Friday, January 28, 2005 | Two New Beagle Variants in the Wild |
| 2005-001 | Thursday, January 13, 2005 | Vulnerability in Veritas Backup Exec |
-