National Cyber Alert System

Quicktime Vulnerability - July 30, 2010
The Quicktime vulnerability if exploited can result in execution of arbitrary code. The vulnerability is caused due to a boundary error in QuickTimeStreaming.qtx when constructing a string to write to a debug log file. This can be exploited to cause a stack-based buffer overflow. Since a patch is currently unavailable it is recommended to avoid use of the application unless absolutely necessary until a patch/fix is issued.

PHP 5.3.3 Released! - July 22, 2010
This release focuses on improving the stability and security of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. All users are encouraged to upgrade to this release.

Microsoft issues tool to repel Windows shortcut attacks - July 21, 2010
Microsoft Corp. late Tuesday released an automated tool to stymie exploits of a critical unpatched Windows vulnerability that experts fear will soon be used by hackers against the general PC population.

Oracle Critical Patch Update - July 14, 2010
The Oracle products and components listed are affected by multiple vulnerabilities. The impacts of these vulnerabilities include remote execution of arbitrary code, information disclosure and denial of service.

Security Tools

A tool to detect all viruses taking advantage of .lnk vulnerability - July 22, 2010
The tool can be used to help users check if their computers are infected with viruses exploiting the .lnk vulnerability.

Zabbix - Open Source Monitoring Solution - July 6, 2010
ZABBIX is an enterprise-class open source distributed monitoring solution designed to monitor and track performance and availability of network servers, devices and other IT resources. It supports distributed and WEB monitoring, auto-discovery, and more.