National Computer Board Computer Emergency Response Team of Mauritius (CERT-MU) Weekly Security Bulletin CERT-MU Weekly Security Bulletin provides a summary of information security news, vulnerabilities, advisories and virus alerts for the week of October 13, 2014. This information is uploaded on CERT-MU website on a daily basis. For details, refer to CERT-MU website: http://cert-mu.org.mu. Information Security News  Hottest News of the Week Malicious worm seeks vulnerable home data stores A malicious worm that can roam the net seeking data stored on insecure hardware has been created by a security researcher Jacob Holcomb. The proof-of-concept worm was written to illustrate how vulnerable such data stores are to malicious attack. The worm can exploit the many bugs found in popular home data storage systems. The researcher started work on the worm after carrying out a series of tests on Network Attached Storage (NAS) systems made by 10 separate manufacturers. Read More Vulnerabilities The table below shows the vulnerabilities related to various Operating Systems, Application software and Network devices discovered during the week of October 13, 2014. More details about the vulnerabilities and their countermeasures are available on the CERT-MU website. The vulnerabilities are organized according to their severity – High, Medium and Low. Vulnerabilities – High Vendor / Product OpenSSL Vulnerability OpenSSL SRTP and Session Ticket Memory Leaks Let Remote Users Deny Service Published Date CERT-MU References October 17, 2014 VN-2014-199 1 SSL Google The Poodle Attack October 15, 2014 PDF Google Chrome Multiple Bugs Let Remote Users Execute Arbitrary Code and Obtain Information October 13, 2014 VN-2014-194 Vulnerabilities – Medium Vendor / Product Cisco Mozilla Cisco IBM Vulnerability Cisco TelePresence VCS and Expressway Multiple Bugs Let Remote Users Deny Service Mozilla Thunderbird Bugs Let Remote Users Execute Arbitrary Code Cisco Email Security Appliance AsyncOS ZIP File Processing Flaw Lets Remote Users Bypass the Protection Engine IBM Flex System Manager Node (FSM) GNU Bash Multiple Vulnerabilities Published Date CERT-MU References October 17, 2014 VN-2014-198 October 16, 2014 VN-2014-197 October 15, 2014 VN-2014-196 October 14, 2014 VN-2014-195 Virus Alerts The latest viruses and risks for this week are listed below. Users are required to follow the links on CERT-MU website for the removal instructions as proposed by the specific vendors. Virus Alerts Name Trojan.Beginto Type Trojan Damage Level Medium Systems Affected           Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Release Date October 16, 2014 2 Android.Windseeker Trojan Medium SearchProtect!gen1 Potentially Unwanted App Low Yontoo.C!gen1 Potentially Unwanted App Low Backdoor.Gresim Trojan Medium Backdoor.Hikit!gen1 Trojan Medium Trojan.Naid!gen1 Trojan Low  Android                                             Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Vista Windows XP Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me October 15, 2014 October 15, 2014 October 14, 2014 October 14, 2014 October 14, 2014 October 14, 2014 3 W32.Ippedo Worm Medium Trojan.Cidox.D Trojan Medium Bloodhound.Malautoit.6 Trojan Medium                         Windows NT Windows Server 2003 Windows Server 2008 Windows Vista Windows XP Windows 2000 Windows 7 Windows 95 Windows 98 Windows Me Windows NT Windows Server 2003 Windows Server 2008 Windows Vista, Windows XP Windows 2000 Windows 7 Windows Vista Windows XP Windows 2000 Windows 95 Windows 98 Windows NT Windows Vista Windows XP October 13, 2014 October 13, 2014 October 13, 2014 Please note that the members who do not want to receive the weekly security bulletin, they can unsubscribe from CERT-MU mailing list by sending an e-mail to the following address: [email protected]. For more information please contact CERT-MU team on: Hotline No: (+230) 800 2378 Fax No: (+230) 208 0119 Gen. Info. : [email protected] Incident: [email protected] Website: http://cert-mu.org.mu 4