JC3 Low Impact Assessment Bulletins

November 30, 2011

U-048: HP LaserJet Printers Unspecified Flaw Lets Remote Users Update Firmware with Arbitrary Code

A remote user can upgrade the printer's firmware with arbitrary code

November 25, 2011

U-045: Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny Service

Windows Win32k.sys Keyboard Layout Bug Lets Local Users Deny

July 1, 2011

T-659: Update support for RSA Authentication Manager

RSA posted SP4 Patch 4 of their Authentication Manager product 06/30/2011. There are a few pages of fixes in the README, but the most significant is that Authentication Manager can now be installed on Windows Server 2008 (both 32 and 64bit).

April 7, 2011

T-597: WordPress Multiple Security Vulnerabilities

Attackers can exploit these issues to perform unauthorized actions in the context of the logged-in user, crash the affected application and therefore deny service to legitimate users, or execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may let the attacker steal cookie-based authentication credentials or launch other attacks.

February 25, 2011

T-565: Vulnerability in Microsoft Malware Protection Engine Could Allow Elevation of PrivilegeVulnerability

Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft.

Energy.gov

Office of the Chief Information Officer

Office of the Chief Information Officer

All Offices

You are here