Bulletins

UMB Seal

Staff Directory VP and CIO CITS Organizational Chart

Campus IT Policies CITS Bits CITS Staff Policies & Forms Cisco IP Phone 7040/7960 User Manual Cortelco Phone Manual Forms How to Update Contact Info IT Plans & Strategies Unified Messaging

Customer Service Database Administration Directory Services Enterprise Applications Infrastructure Services IT Security PC Sales Security, Networking & Communications Software Licensing Quality Assurance, Policy & Planning Web Development

ASC Helpdesk Assistance & Service Center IT Training Helpdesk FAQ UMnet Help

Blackboard Coeus Content Management System Corporate Purchasing Card (CPC) Directory Services & Identity Mgmt eUMB myUMB Portal Open Webmail SIMS SURFS VOICECOM

Print This Page

How to Tell If a Microsoft Security-Related Message Is Genuine

Campus Network Documentation

Other IT Policies/Standards

Security Updates

IT Security Bulletin History

Bulletin History - (Latest Bulletins)
March 24, 2006	New Microsoft Internet Explorer Zero-Day Exploit MS-ISAC Advisory Number 2006-006
March 15, 2006	Microsoft Security Bulletin Summary for March 2006 Microsoft Security Bulletin, March 2006
February 15, 2006	Microsoft Security Bulletin Summary for February 2006 Microsoft Security Bulletin, February 2006
January 11, 2006	Microsoft Security Bulletin Summary for January 2006 Microsoft Security Bulletin, January 2006
December 14, 2005	Microsoft Security Bulletin Summary for December 2005 Microsoft Security Bulletin, December 2005
December 14, 2005 Original Release: October 11, 2005	Vulnerability in DirectShow Could Allow Remote Code Execution Microsoft Security Bulletin MS05-050
November 9, 2005	Microsoft Security Bulletin Summary for November 2005 Microsoft Security Bulletin, November 2005
October 11, 2005	Microsoft Security Bulletin Summary for October 2005 Microsoft Security Bulletin, October 2005
August 9, 2005 Original Release: June 14, 2005	Vulnerability in Microsoft Agent Could Allow Spoofing Microsoft Security Bulletin MS05-032
August 9, 2005 Original Release: June 14, 2005	Vulnerability in Microsoft Work May Lead to Remote Code Execution Microsoft Security Bulletin MS05-023
August 9, 2005	Microsoft Security Bulletin Summary for August 2005 Microsoft Security Bulletin, August 2005
June 14, 2005 Original Release: April 12, 2005	Vulnerability in TCP/IP Processing Could Allow Remote Code Execution and Denial of Service Microsoft Security Bulletin MS05-019
June 14, 2005 Original Release: February 8, 2005	ASP.NET Path Validation Vulnerability Microsoft Security Bulletin MS05-004
June 14, 2005 Original Release: July 10, 2002	SQL Server Installation Process May Leave Passwords on System Microsoft Security Bulletin MS02-035
June 14, 2005	Microsoft Security Bulletin Summary for June 2005 Microsoft Security Bulletin, June 2005
April 13, 2005 Original Release: February 8, 2005	Vulnerability in PNG Processing Could Allow Remote Code Execution Microsoft Security Bulletin MS05-009
April 13, 2005 Original Release: January 11, 2005	Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution Microsoft Security Bulletin MS05-002
April 13, 2005	Microsoft Security Bulletin Summary for April 2005 Microsoft Security Bulletin, April 2005
February 9, 2005	Symantec UPX Parsing Engine Heap Overflow Symantec Security Response SYM05-003
February 9, 2005	Vulnerability in SMTP Could Allow Remote Code Execution Microsoft Security Bulletin MS04-035
February 9, 2005	Microsoft Security Bulletin Summary for February 2005 Microsoft Security Bulletin, January 2005
January 26, 2005	Multiple Denial-of-Service Vulnerabilities in Cisco IOS CERT Technical Cyber Security Alert TA05-026A
January 12, 2005	Microsoft Security Bulletin Summary for January 2005 Microsoft Security Bulletin, January 2005
December 22, 2004	phpBB viewtopic.php fails to properly sanitize input passed to the "highlight" parameter CERT Vulnerability Note VU#497400
December 2, 2004	Microsoft Security Bulletin Summary for December 2004 Microsoft Security Bulletin, December 2004
November 19, 2004	WORM_SOBER.I TrendMicro Security Information
November 16, 2004 Original Release: November 9, 2004	Vulnerability in ISA Server 2000 and Proxy Server 2.0 Could Allow Internet Content Spoofing Microsoft Security Bulletin MS04-039
November 9, 2004	Microsoft Security Bulletin Summary for November 2004 Microsoft Security Bulletin, November 2004
October 13, 2004	Microsoft Security Bulletin Summary for October, 2004 Microsoft Security Bulletin, October 2004
October 13, 2004 Original Release: September 14, 2004	Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987) Microsoft Security Bulletin MS04-028
September 30, 2004	Summary of Security Items from September 22 through September 28, 2004 Cyber Security Bulletin SB04-273
September 15, 2004	Microsoft Security Bulletin Summary for September, 2004 Microsoft Security Bulletin, September 2004
August 10, 2004	Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks Microsoft Security Bulletin MS04-026
August 10, 2004 Original Release: July 13, 2004	Vulnerability in POSIX Could Allow Code Execution Microsoft Security Bulletin MS04-020
July 30, 2004	Cumulative Security Update for Internet Explorer Microsoft Security Bulletin MS04-025
July 7, 2004 Original Release: June 11, 2004	Cross-Domain Redirect Vulnerability in Internet Explorer US-CERT Technical Cyber Security Alert TA04-163A
July 1, 2004	Network device drivers reuse old frame buffer data to pad packets Vulnerability Note VU#412115
June 28, 2004	Increase Your Browsing and E-Mail Safety Microsoft Security Information
June 28, 2004	Download.Ject Information Microsoft Security Information
June 25, 2004	JS.Scob.Trojan Symantec Security Response - JS.Scob.Trojan
June 2, 2004 Updated June 3, 2004	W32.Spybot.Worm Variant Information - Symantec Beta Definitions
April 30, 2004	W32.Sasser.Worm Symantec Security Response - W32.Sasser.Worm
April 20, 2004	Vulnerabilities in SNMP Message Processing Cisco Security Advisory
April 20, 2004	TCP Vulnerabilities in Multiple IOS-Based Cisco Products Cisco Security Advisory
April 20, 2004	TCP Vulnerabilities in Multiple Non-IOS Cisco Products Cisco Security Advisory
April 13, 2004 Original Release: October 31, 2000	Patch Available for 'Malformed MIME Header Vulnerability Microsoft Security Bulletin MS00-082
April 13, 2004 Original Release: July 26, 2001	Malformed RPC Request Can Cause Service Failure Microsoft Security Bulletin MS01-041
April 13, 2004 Orignal Release: February 27, 2004	Authentication Flaw Could Allow Unauthorized Users To Authenticate To SMTP Service Microsoft Security Bulletin MS02-011
April 13, 2004 Original Release: October 15, 2003	Vulnerability in Exchange Server Could Allow Arbitrary Code Execution Microsoft Security Bulletin MS03-046
April 7, 2004	W32.Gaobot.YC Symantec Security Response - W32.Gaobot.YC
March 18, 2004	Multiple Vulnerabilities in OpenSSL Technical Cyber Security Alert TA04-078A
March 9, 2004	Vulnerability in ISAPI Extension for Windows Media Services Could Cause Code Execution Microsoft Security Bulletin MS03-022
March 9, 2004	Microsoft MSN Products Security Bulletin Summary for March, 2004 Microsoft MSN Products Security Bulletin Summary for March, 2004
March 9, 2004	Microsoft Office Security Bulletin Summary for March, 2004 Microsoft Office Security Bulletin Summary for March, 2004
March 9, 2004	Microsoft Windows Security Bulletin Summary for March, 2004 Microsoft Windows Security Bulletin Summary for March, 2004
March 3, 2004	W32.Beagle.K@mm Symantec Security Response - W32.Beagle.K@mm
February 18, 2004	W32.Netsky@mm Symantec Security Response - W32.Netsky@mm US-CERT Incident Note IN-2004-02
February 12, 2004	Vulnerability in Virtual PC for Mac could lead to privilege elevation Microsoft Security Bulletin MS04-005
February 10, 2004	Microsoft Windows Security Bulletin Summary for February 2004 Microsoft Windows Security Bulletin Summary for February, 2004
February 2, 2004	Cumulative Security Update for Internet Explorer Microsoft Bulletin MS04-04
January 27, 2004	Email-borne Viruses CERT Advisory CA-2004-02 Email-borne Viruses
January 26, 2004	W32.Novarg.A@mm Symantec Security Response - W32.Novarg.A@mm US-CERT Technical Cyber Security Alert TA04-028A
January 13, 2004	Multiple H.323 Message Vulnerabilities CERT Advisory CA-2004-01
November 12, 2003	Cumulative Security Update for Internet Explorer Microsoft Bulletin MS03-048
November 12, 2003	Buffer Overrun in the Workstation Service Could Allow Code Execution Microsoft Bulletin MS03-049
November 12, 2003	Buffer Overrun in Microsoft FrontPage Server Extensions Could Allow Code Execution Microsoft Bulletin MS03-051
November 12, 2003	Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run Microsoft Bulletin MS03-050
September 4, 2002 UPDATED: November 11, 2003	Certificate Validation Flaw Could Enable Identity Spoofing Microsoft Bulletin MS02-050
October 29, 2003	Buffer Overrun in Messenger Service Could Allow Code Execution Microsoft Bulletins MS03-043
October 15, 2003 UPDATED: October 22, 2003	Microsoft Windows Security Bulletin Summary for October, 2003 Microsoft Bulletins MS03-041 through 045
October 15, 2003 UPDATED: October 22, 2003	Microsoft Exchange Server Security Bulletin Summary for October, 2003 Microsoft Bulletins MS03-046 and MS03-047
October 13, 2003	Microsoft Windows DCOM/RPC vulnerability CERT Vunerability Note #547820
October 6, 2003	Cumulative Patch for Internet Explorer Microsoft Bulletin MSB03-040
September 26, 2003	Cold Fusion - Cross-site scripting vulnerability with default error handlers Macromedia Advisory MPSB03-06
September 18, 2003	Buffer Overflow in Sendmail CERT Advisory CA-2003-25
September 17, 2003	Buffer Management Vulnerability in OpenSSH CERT Advisory CA-2003-24
September 17, 2003	IRIX 6.5.21 NFS export vulnerability SGI Advisory Website
September 10, 2003	Buffer Overrun In RPCSS Service Could Allow Code Execution Microsoft Bulletin MSB03-039
September 3, 2003	Unchecked buffer in Microsoft Access Snapshot Viewer Could Allow Code Execution Microsoft Bulletin MSB03-038
September 3, 2003	Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution Microsoft Bulletin MSB03-037
September 3, 2003	Buffer Overrun in WordPerfect Converter Could Allow Code Execution Microsoft Bulletin MSB03-036
September 3, 2003	Flaw in Microsoft Word Could Enable Macros to Run Automatically Microsoft Bulletin MSB03-035
September 3, 2003	Flaw in NetBIOS Could Lead to Information Disclosure Microsoft Bulletin MSB03-034
August 20, 2003 Original Post on July 31, 2002	Unchecked Buffer in MDAC Function Could Enable System Compromise Microsoft Bulletin MSB02-040
August 20, 2003	Unchecked Buffer in MDAC Function Could Enable System Compromise Microsoft Bulletin MSB03-033
August 20, 2003	Cumulative Patch for Internet Explorer Microsoft Bulletin MSB03-032
August 20, 2003 Original Post on July 23, 2003	Unchecked Buffer in DirectX Could Enable System Compromise Microsoft Bulletin MSB03-030
August 19, 2003	W32.Sobig.F@mm Symantec Advisory
August 12, 2003	MS Blast/Blaster Worm Propagation CERT Advisory Microsoft Bulletin MS03-026 Information
July 16, 2003	Unchecked Buffer in Windows Shell Could Enable System Compromise Microsoft Bulletin MS03-027 Information
July 16, 2003	Flaw in ISA Server Error Pages Could Allow Cross-Site Scripting Attack Microsoft Bulletin MS03-028 Information
July 9, 2003	Denial-of-Service of TCP-Based Services in CatOS Cisco Security Advisory
July 9, 2003	Flaw in Windows Message Handling Through Utility Manager Could Enable Privilege Elevation Microsoft Bulletin MS03-025 Information
July 9, 2003	Buffer Overrun in Windows Could Lead to Data Corruption Microsoft Bulletin MS03-024 Information
July 9, 2003	Buffer Overrun in HTML Converter Could Allow Code Execution CERT Advisory Microsoft Bulletin MS03-023 Information
May 14, 2003	Multiple Security Vulnerabilities in OpenSSL on IRIX 6.5.19 OpenSSL Advisory SGI Advisory
May 15, 2003	Cisco IOS Software Processing of SAA Packets Cisco Security Advisory
May 7, 2003	Flaw in Windows Media Player Skins Downloading could allow Code Execution Microsoft Bulletin MS03-017 Information
May 7, 2003	Cisco VPN 3000 Concentrator Vulnerabilities Cisco Security Advisory
April 24, 2003	Cisco Catalyst Enable Password Bypass Vulnerability Cisco Security Advisory
April 23, 2003	Cumulative Patch for Internet Explorer Microsoft Bulletin MS03-015 Information
April 23, 2003	Cumulative Patch for Outlook Express Microsoft Bulletin MS03-014 Information
April 23, 2003	Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability Cisco Security Advisory
April 16, 2003	Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges Microsoft Bulletin MS03-013 Information
April 7, 2003	Remote Root Vulnerability in Samba CERT Advisory Samba Advisory
March 29, 2003	Sendmail Remote Root Vulnerability CERT Advisory Sendmail Patch Information
March 26, 2003	Flaw in RPC Endpoint Mapper Could Allow Denial of Service Attacks Microsoft Bulletin MS03-010 Information
March 26, 2003	Multiple Vulnerabilities in Lotus Notes and Domino CERT Advisory
March 19, 2003 Updated on April 9, 2003	Integer overflow in Sun RPC XDR library routines CERT Advisory
March 17, 2003	Root Vulnerability in Samba CERT Advisory Samba Advisory
March 17, 2003 Updated on March 26, 2003	Unchecked Buffer in Windows/Web Server Compromise CERT Advisory Microsoft Bulletin MS03-007 Information
March 3, 2003	Sendmail Remote Root Vulnerability ISS Advisory Sendmail Patch Information
March 17, 2003	Unchecked Buffer in Windows/Web Server Compromise CERT Advisory Microsoft Bulletin MS03-007 Information
March 17, 2003	Testing font..it is different

CONTACT US | DIRECTORY | myUMB | WEBSITES A-Z

Center for Information Technology Services, 601 W. Lombard St. Baltimore, MD 21201 410-706-1117 cits@umaryland.edu
©2007 University of Maryland, Baltimore. All Rights Reserved.
Please send comments, corrections, and link improvements to Web Support.