Enterprise Information Security Office

Cyber Security Advisories

Share This

Cyber Security Advisories

The following cyber advisory was issued by the New York State Office of Information Technology Services and is intended for State government entities. The information may or may not be applicable to the general public and, accordingly, the State does not warrant its use for any specific purposes
No. Datesort ascending Title
#2014-026 03/16/2015 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB15-05)
#2015-028 03/13/2015 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2015-027 03/13/2015 Microsoft Security Advisory 3033929 Causing Issues in Windows 7
#2015-025 03/10/2015 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (MS15-022)
#2015-024 03/10/2015 Vulnerabilities in Adobe Font Driver Could Allow Remote Code Execution (MS15-021)
#2015-023 03/10/2015 Vulnerabilities in Microsoft Windows Could Allow Remote Code Execution (MS15-020)
#2015-022 03/10/2015 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (MS15-019)
#2015-021 03/10/2015 Cumulative Security Update for Internet Explorer (MS15-018)
#2015-020 03/10/2015 Multiple Vulnerabilities in Apple Mac OS X Could Allow Remote Code Execution
#2015-019 03/06/2015 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2015-018 03/05/2015 Vulnerability in Microsoft Word Could Allow Remote Code Execution
#2015-017 02/25/2015 Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Remote Code Execution
#2015-016 02/24/2015 Vulnerability in Samba could result in remote code execution
#2015-015 02/23/2015 Vulnerability in PHP Could Allow Remote Code Execution
#2015-014 02/13/2015 WordPress Content Management System Vulnerability
#2015-009 02/10/2015 Vulnerability in PHP Could Allow Remote Code Execution
#2015-010 02/10/2015 Cumulative Security Update for Internet Explorer (MS15-009)
#2015-011 02/10/2015 Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (MS15-010)
#2015-012 02/10/2015 Vulnerability in Group Policy Could Allow Remote Code Execution (MS15-011)
#2015-013 02/10/2015 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (MS15-012)
#2015-008 02/06/2015 Multiple Vulnerabilities In Adobe Flash Player Could Allow Remote Code Execution
#2015-006 02/02/2015 Multiple Vulnerabilities in Apple Mac OS X Could Allow Remote Code Execution
#2015-007 02/02/2015 Vulnerability in Adobe Flash Player Could Allow Remote Code Execution
#2015-004 01/28/2015 Vulnerability in GNU C Library Could Allow for Remote Code Execution (Ghost Vulnerability)
#2015-005 01/28/2015 Multiple Vulnerabilities In Adobe Flash Player Could Allow Remote Code Execution (APSB15-02) and (APSB15-03)
#2014-003 01/22/2015 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2015-002 01/15/2015 Multiple Vulnerabilities in Mozilla Firefox, Thunderbird, and SeaMonkey Could Allow for Remote Code Execution.
#2015-001 01/13/2015 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB15-01)
#2014-114 12/22/2014 Multiple Vulnerabilities in Network Time Protocol daemon could allow Remote Code Execution
#2014-115 12/22/2014 Vulnerability in Git Could Allow Remote Code Execution
#2014-107 12/09/2014 Cumulative Security Update for Internet Explorer (MS14-080)
#2014-108 12/09/2014 Vulnerabilities in Microsoft Word and Microsoft Office Web Apps Could Allow Remote Code Execution (MS14-081)
#2014-109 12/09/2014 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (MS14-082)
#2014-111 12/09/2014 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (MS14-084)
#2014-112 12/09/2014 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB14-27)
#2014-113 12/09/2014 Multiple Vulnerabilities in Adobe Reader and Adobe Acrobat Could Allow Remote Code Execution (APSB14-28)
#2014-106 12/05/2014 Multiple Vulnerabilities in WordPress Download Manager Plugin Could Allow Remote Code Execution
#2014-105 12/04/2014 Multiple Vulnerabilities in WebKit Could Allow for Remote Code Execution
#2014-098 12/03/2014 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (MS14-069)
#2014-104 12/02/2014 Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Remote Code Execution
#2014-103 12/01/2014 Multiple Security Vulnerabilities Reported in Siemens SIMATIC WinCC
#2014-102 11/26/2014 Vulnerability found in Adobe Flash Player Could Allow Remote Code Execution (APSB14-26)
#2014-100 11/24/2014 Multiple vulnerabilities in Drupal Core could allow Unauthorized Access (DRUPAL-SA-CORE-2014-006)
#2014-101 11/24/2014 Multiple Vulnerabilities in WordPress Content Management System
#2014-099 11/18/2014 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2014-097 11/11/2014 Vulnerability in XML Core Services Could Allow Remote Code Execution (MS14-067)
#2014-093 11/11/2014 Security updates available for Adobe Flash Player (APSB14-24)
#2014-094 11/11/2014 Vulnerabilities in Windows OLE Could Allow Remote Code Execution (MS14-064)
#2014-094 11/11/2014 Vulnerabilities in Windows OLE Could Allow Remote Code Execution (MS14-064)
#2014-095 11/11/2014 Cumulative Security Update for Internet Explorer (MS14-065)
#2014-096 11/11/2014 Vulnerability in Schannel Could Allow Remote Code Execution (MS14-066)
#2014-092 10/17/2014 Vulnerability in SSLv3 Could Allow Information Disclosure
#2014-091 10/16/2014 SQL Injection Vulnerability in Drupal could allow for Remote Code Execution
#2014-085 10/14/2014 Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Remote Code Execution
#2014-086 10/14/2014 Cumulative Security Update for Internet Explorer (MS14-056)
#2014-087 10/14/2014 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (MS14-057)
#2014-088 10/14/2014 Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (MS14-058)
#2014-090 10/14/2014 Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (MS14-061)
#2014-084 10/09/2014 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2014-083 09/25/2014 Critical Bourne Again SHell (BASH) Vulnerability Allows for Remote Code Execution
#2014-081 09/18/2014 Multiple Vulnerabilities in AppleiOS Prior to iOS 8 and TV Prior to TV 7
#2014-082 09/18/2014 Multiple Vulnerabilities in Apple Mac OS X
#2014-080 09/18/2014 Vulnerabilities in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSB14-20)
#2014-079 09/11/2014 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2014-076 09/09/2014 Multiple Vulnerabilities Discovered in IBM Security Network Intrusion Prevention System Sensors
#2014-077 09/09/2014 Security updates available for Adobe Flash Player (APSB14-21)
#2014-078 09/09/2014 Cumulative Security Update for Internet Explorer (MS14-052)
#2014-075 09/05/2014 Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow for Remote Code Execution
#2014-074 09/04/2014 Vulnerability in Multiple F5 products could allow for Remote code execution
#2014-072 08/26/2014 Vulnerability in Slider Revolution Responsive plugin for WordPress Could Allow for Arbitrary-File Download
#2014-073 08/26/2014 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2014-071 08/15/2014 Multiple Vulnerabilities in WebKit Could Allow for Remote Code Execution
#2014-070 08/13/2014 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2014-066 08/12/2014 Security updates available for Adobe Flash Player (APSB14-18)
#2014-065 08/12/2014 Multiple Vulnerabilities in Mozilla Firefox and Thunderbird Could Allow Remote Code Execution
#2014-067 08/12/2014 Security Updates available for Adobe Reader and Acrobat (APSB14-19)
#2014-068 08/12/2014 Vulnerability in Windows Media Center Could Allow Remote Code Execution (MS14-043)
#2014-069 08/12/2014 Cumulative Security Update for Internet Explorer (MS14-051)
#2014-064 07/29/2014 Multiple Security Vulnerabilities Reported in Siemens SIMATIC WinCC
#2014-061 07/08/2014 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB14-17)
#2014-062 07/08/2014 Cumulative Security Update for Internet Explorer (MS14-037)
#2014-063 07/08/2014 Vulnerability in Windows Journal Could Allow Remote Code Execution (MS14-038)
#2014-060 07/02/2014 Multiple Vulnerabilities in Apple Mac OS X, Apple Safari and Apple iOS Could Allow for Local or Remote Code Execution
#2014-059 06/20/2014 Multiple Vulnerabilities in Oracle Database Could Allow Remote Code Execution
#2014-058 06/18/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-052 06/10/2014 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB14-16)
#2014-053 06/10/2014 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2014-054 06/10/2014 Vulnerability in Microsoft Lync Server Could Allow Information Disclosure
#2014-055 06/10/2014 Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)
#2014-056 06/10/2014 Cumulative Security Update for Internet Explorer (MS14-035)
#2014-057 06/10/2014 Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution (2967487)
#2014-051 06/05/2014 Multiple Vulnerabilities in OpenSSL Could Allow Remote Code Execution
#2014-050 05/30/2014 Vulnerabilities in Oracle Reports Developer could allow remote code execution
#2014-049 05/27/2014 Vulnerability in Internet Explorer 8 Could Allow Remote Code Execution
#2014-049b 05/22/2014 Vulnerability in Internet Explorer 8 Could Allow Remote Code Execution
#2014-048 05/21/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-045 05/14/2014 Security Update for Internet Explorer (MS14-029)
#2014-046 05/14/2014 Vulnerability in Adobe Flash Player Could Allow Remote Code Execution (APSB14-14)
#2014-047 05/14/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-044 05/13/2014 Vulnerabilities in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSB14-15)
#2014-043 05/01/2014 Multiple Vulnerabilities in Cisco Telepresence TC and TE Software
#2014-042 04/30/2014 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2014-039 04/28/2014 Vulnerability in Internet Explorer Could Allow Remote Code Execution
#2014-040 04/28/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-041 04/28/2014 Vulnerability in Adobe Flash Player Could Allow Remote Code Execution (APSB14-13)
#2014-039b 04/28/2014 Vulnerability in Internet Explorer Could Allow Remote Code Execution
#2014-038 04/25/2014 Vulnerability in Apache Struts Could Allow Remote Code Execution
#2014-037 04/23/2014 Multiple Vulnerabilities in Apple Mac OS X and Apple Safari Could Allow Remote Code Execution
#2014-036 04/14/2014 Multiple Vulnerabilities Discovered in WordPress Content Management System
#2014-035 04/09/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-029 04/08/2014 OpenSSL TLS heartbeat' Extension Information Disclosure Vulnerability'
#2014-030 04/08/2014 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB14-09)
#2014-031 04/08/2014 Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (MS14-017)
#2014-032 04/08/2014 Cumulative Security Update for Internet Explorer (MS14-018)
#2014-033 04/08/2014 Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (MS14-019)
#2014-029b 04/08/2014 OpenSSL TLS heartbeat' Extension Information Disclosure Vulnerability'
#2014-034 04/08/2014 Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (2950145)
#2014-028 03/24/2014 Vulnerability in Microsoft Word Could Allow Remote Code Execution
#2014-028b 03/24/2014 Vulnerability in Microsoft Word Could Allow Remote Code Execution
#2014-027 03/19/2014 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2014-026 03/17/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-025 03/13/2014 Vulnerability in Adobe Shockwave Player Could Allow for Remote Code Execution (APSB14-10)
#2014-024 03/12/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-020 03/11/2014 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB14-08)
#2014-021 03/11/2014 Cumulative Security Update for Internet Explorer (MS14-012)
#2014-022 03/11/2014 Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (MS14-013)
#2014-023 03/11/2014 Vulnerability in Microsoft Silverlight Could Allow For Security Feature Bypass (MS14-014)
#2014-019 03/04/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-017 02/26/2014 Multiple Vulnerabilities in Apple Mac OS X Could Allow Remote Code Execution
#2014-018 02/26/2014 Multiple Vulnerabilities in Apple QuickTime Could Allow Remote Code Execution
#2014-015 02/20/2014 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB14-07)
#2014-016 02/20/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-014b 02/14/2014 Zero Day Vulnerability in Internet Explorer Could Allow Remote Code Execution
#2014-014 02/14/2014 Zero Day Vulnerability in Internet Explorer Could Allow Remote Code Execution
#2014-014c 02/14/2014 Zero Day Vulnerability in Internet Explorer Could Allow Remote Code Execution
#2014-008 02/11/2014 Vulnerability in Direct2D Could Allow Remote Code Execution (2912390)
#2014-009 02/11/2014 Vulnerability in Microsoft Forefront Protection for Exchange Could Allow Remote Code Execution (2927022)
#2014-010 02/11/2014 Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (MS14-009)
#2014-011 02/11/2014 Cumulative Security Update for Internet Explorer (MS14-010)
#2014-012 02/11/2014 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (2928390)
#2014-013 02/11/2014 Security Update Available for Adobe Shockwave Player (APSB14-06)
#2014-006 02/04/2014 Vulnerability in Adobe Flash Player Could Allow Remote Code Execution (APSB14-04)
#2014-007 02/04/2014 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2014-005 01/28/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-004 01/14/2014 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2014-001 01/14/2014 Vulnerabilities in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSB14-01)
#2014-002 01/14/2014 Security Updates Available for Adobe Flash Player
#2014-003 01/14/2014 Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)
#2013-114 12/10/2013 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution
#2013-115 12/10/2013 Security Update Available for Adobe Shockwave Player
#2013-116 12/10/2013 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2013-117 12/10/2013 Cumulative Security Update for Internet Explorer (MS13-097)
#2013-118 12/10/2013 Vulnerability in Windows Could Allow Remote Code Execution (2893294)
#2013-119 12/10/2013 Vulnerability in Microsoft Scripting Runtime Object Library Could Allow Remote Code Execution (2909158)
#2013-120 12/10/2013 Vulnerability in Microsoft Office Could Allow Information Disclosure (2909976)
#2013-121 12/10/2013 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (MS13-105)
#2013-113 12/05/2013 Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2013-112 11/15/2013 Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2013-110 11/13/2013 Cumulative Google Chrome Updates
#2013-111 11/13/2013 Vulnerabilities found in Adobe ColdFusion
#2013-109 11/12/2013 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2885093)
#2013-105 11/12/2013 Multiple Vulnerabilities in Adobe Flash Player and Adobe AIR Could Allow Remote Code Execution
#2013-106 11/12/2013 Cumulative Security Update for Internet Explorer (MS13-088)
#2013-107 11/12/2013 Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (MS13-089)
#2013-108 11/12/2013 Cumulative Security Update of ActiveX Kill Bits (MS13-090)
#2013-104b 11/06/2013 Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution
#2013-104 11/06/2013 Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution
#2013-103 10/31/2013 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2013-102 10/25/2013 Multiple Vulnerabilities in Apple Mac OS X Could Allow Remote Code Execution
#2013-101 10/16/2013 Multiple Security Vulnerabilities reported in Google Chrome
#2013-093 10/08/2013 Vulnerability in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSB13-25)
#2013-094 10/08/2013 Cumulative Security Update for Internet Explorer (MS13-080)
#2013-095 10/08/2013 Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (MS13-081)
#2013-096 10/08/2013 Vulnerabilities in .NET Framework Could Allow Remote Code Execution (MS13-082)
#2013-097 10/08/2013 Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (MS13-083)
#2013-098 10/08/2013 Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2885089)
#2013-099 10/08/2013 Multiple Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (MS013-085)
#2013-100 10/08/2013 Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (MS13-086)
#2013-094b 10/08/2013 Cumulative Security Update for Internet Explorer (MS13-080)
#2013-092 09/23/2013 Vulnerabilities in Apache Struts Could Allow Remote Code Execution
#2013-091b 09/18/2013 A vulnerability in Internet Explorer Could Allow Remote Code Execution (288705)
#2013-090 09/18/2013 Multiple Security Vulnerabilities Reported in Mozilla Products
#2013-091 09/18/2013 A vulnerability in Internet Explorer Could Allow Remote Code Execution (288705)
#2013-088 09/13/2013 Vulnerability in WordPress Content Management System Could Allow Remote Code Execution
#2013-089 09/13/2013 Multiple Vulnerabilities in Apple Mac OS X Could Allow Remote Code Execution
#2013-077 09/10/2013 Vulnerabilities in Adobe Shockwave Player could allow Remote Code Execution
#2013-078 09/10/2013 Multiple Vulnerabilities found in Microsoft SharePoint Server (MS13-067)
#2013-079 09/10/2013 Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (2756473)
#2013-080 09/10/2013 Multiple Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (MS13-059)
#2013-081 09/10/2013 Vulnerability in OLE Could Allow Remote Code Execution (MS13-070)
#2013-082 09/10/2013 Vulnerability in Windows Theme File Could Allow Remote Code Execution (MS13-071)
#2013-083 09/10/2013 Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2845537)
#2013-084 09/10/2013 Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution(MS13 -073)
#2013-085 09/10/2013 Multiple Vulnerabilities in Microsoft Access Could Allow Remote Code Execution (MS13-074)
#2013-086 09/10/2013 A Vulnerability in Adobe Flash Player Could Allow for Remote Code Execution
#2013-087 09/10/2013 Vulnerabilities in Adobe Reader and Acrobat could allow Remote Code Execution (APSB13-22)
#2013-076 08/21/2013 Multiple Security Vulnerabilities Reported in Google Chrome
#2013-074b 08/13/2013 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (MS13-061)
#2013-072 08/13/2013 Multiple Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (MS13-059)
#2013-073 08/13/2013 Vulnerability in Unicode Scripts Processor could allow Remote Code Execution (2850869)
#2013-074 08/13/2013 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (MS13-061)
#2013-075 08/13/2013 Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (MS13-062)
#2013-071 08/07/2013 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2013-070 08/05/2013 Joomla CMS is Vulnerable to Arbitrary File Upload
#2013-069 07/30/2013 Multiple Security Vulnerabilities reported in Google Chrome
#2013-068 07/10/2013 Multiple Security Vulnerabilities reported in Google Chrome
#2013-061 07/09/2013 Vulnerability in Adobe Shockwave Player could allow Remote Code Execution
#2013-062 07/09/2013 Cumulative Security Update for Internet Explorer (MS13-055)
#2013-063 07/09/2013 Multiple Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851)
#2013-064 07/09/2013 Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2861561)
#2013-065 07/09/2013 Vulnerability in GDI+ Could Allow Remote Code Execution (MS13-054)
#2013-066 07/09/2013 Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (2845187)
#2013-067 07/09/2013 Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution (2847883)
#2013-060 07/09/2013 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution
#2013-059 06/26/2013 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2013-056 06/11/2013 A Vulnerability in Adobe Flash Player Could Allow for Remote Code Execution
#2013-057 06/11/2013 Cumulative Security Update for Internet Explorer (MS13-047)
#2013-058 06/11/2013 Vulnerability in Microsoft Office Could Allow Remote Code Execution (MS13-051)
#2013-054 06/05/2013 Multiple Google Chrome Vulnerabilities Could Allow for Remote Code Execution
#2013-055 06/05/2013 Multiple Vulnerabilities in Apple Mac OS X could allow Remote Code Execution
#2013-052 05/23/2013 Multiple Google Chrome Vulnerabilities Could Allow for Remote Code Execution
#2013-053 05/23/2013 Multiple Vulnerabilities in Apple QuickTime Could Allow Remote Code Execution
#2013-051 05/15/2013 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2013-045 05/14/2013 Vulnerability in Adobe ColdFusion Allows for Remote Code Execution (APSB13-13)
#2013-046 05/14/2013 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution
#2013-047 05/14/2013 Multiple Vulnerabilities in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSB13-15)
#2013-048 05/14/2013 Cumulative Security Update for Internet Explorer (MS13-037)
#2013-049 05/14/2013 Vulnerabilities in Microsoft Publisher Could Allow Remote Code Execution (MS13-042)
#2013-050 05/14/2013 Vulnerability in Microsoft Word Could Allow Remote Code Execution (MS13-043)
#2013-044b 05/10/2013 Vulnerability in Adobe ColdFusion Allows Unauthorized File Access (APSA13-03)
#2013-044 05/10/2013 Vulnerability in Adobe ColdFusion Allows Unauthorized File Access (APSA13-03)
#2013-043 05/07/2013 Multiple Vulnerabilities In Adobe ColdFusion Could Allow Security Bypass
#2013-042b 05/06/2013 Vulnerability in Internet Explorer Could Allow Remote Code Execution
#2013-042c 05/06/2013 Vulnerability in Internet Explorer Could Allow Remote Code Execution
#2013-042 05/06/2013 Vulnerability In Internet Explorer Could Allow Remote Code Execution
#2013-041 04/23/2013 Vulnerability In Oracle Java Runtime Environment Could Allow Remote Code Execution
#2013-036 04/09/2013 Multiple Adobe Flash Player Vulnerabilities could allow Remote Code Execution
#2013-037 04/09/2013 Security Update available for Adobe Shockwave Player
#2013-038 04/09/2013 Cumulative Security Update for Internet Explorer (MS13-028)
#2013-039 04/09/2013 Vulnerability in MS Remote Desktop Client Could Allow Remote Code Execution (MS13-029)
#2013-040 04/09/2013 Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege (MS13-035)
#2013-035 04/03/2013 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2013-034 03/27/2013 Multiple Security Vulnerabilities in Google Chrome Could Allow Remote Code Execution
#2013-032 03/15/2013 Multiple Vulnerabilities in Apple Mac OS X could allow Remote Code Execution
#2013-033 03/15/2013 Vulnerabilities in Oracle Java SE Could Allow Remote Code Execution
#2013-030 03/13/2013 Vulnerabilities in SharePoint Could Allow Elevation of Privilege (MS13-024)
#2013-031 03/13/2013 Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege (2807986)
#2013-029 03/12/2013 Adobe Flash Player Remote Code Execution Vulnerability (APSB13-09)
#2013-026 03/12/2013 Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (MS13-023)
#2013-027 03/12/2013 Vulnerability in Microsoft Silverlight Could Allow Remote Code Execution (MS13-022)
#2013-028 03/12/2013 Cumulative Security Update for Internet Explorer (MS13-021)
#2013-025 03/08/2013 Vulnerability in Mozilla Products Could Allow Remote Code Execution
#2013-024 03/05/2013 Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
#2013-023b 03/01/2013 Vulnerability in Oracle Java Runtime Environment Could Allow Remote Code Execution
#2013-023 03/01/2013 Vulnerability in Oracle Java Runtime Environment Could Allow Remote Code Execution
#2013-022 02/27/2013 Multiple Vulnerabilities in Adobe Flash Player Could Allow Remote Code Execution (APSB13-08)
#2013-021 02/22/2013 Multiple Google Chrome Vulnerabilities Could Allow for Remote Code Execution
#2013-019 02/20/2013 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2013-020 02/20/2013 Oracle Java Runtime Environment (JRE) is prone to Multiple Security Vulnerabilities
#2013-018b 02/14/2013 Multiple Vulnerabilities in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSA13-02)
#2013-018 02/14/2013 Multiple Vulnerabilities in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSA13-02)
#2013-013 02/12/2013 Vulnerability in .NET Framework Could Allow Elevation of Privilege (MS13-015)
#2013-014 02/12/2013 Vulnerability in OLE Automation Could Allow Remote Code Execution (MS13-0020)
#2013-015 02/12/2013 Vulnerability in Vector Markup Language (VML) Could Allow Remote Code Execution (MS13-010)
#2013-016 02/12/2013 Multiple Vulnerabilities in Adobe Flash Player and Adobe AIR Could Allow Remote Code Execution (APSB13-05)
#2013-017 02/12/2013 Vulnerabilities in Adobe Shockwave Player Could Allow Remote Code Execution
#2013-010 02/12/2013 Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (MS13-012)
#2013-011 02/12/2013 Vulnerability in Media Decompression Could Allow Remote Code Execution (MS13-011)
#2013-012 02/12/2013 Cumulative Security Update for Internet Explorer (MS13-009)
#2013-009b 02/08/2013 Multiple Vulnerabilities in Adobe Flash Player Could Allow For Remote Code Execution (APSB13-04)
#2013-009 02/08/2013 Multiple Vulnerabilities in Adobe Flash Player Could Allow For Remote Code Execution (APSB13-04)
#2013-008 02/04/2013 Multiple Vulnerabilities In Oracle Java Could Allow Remote Code Execution
#2013-007 02/01/2013 Multiple Vulnerabilities in Novell GroupWise Could Allow Remote Code Execution
#2013-006 01/11/2013 Vulnerability In Oracle Java Could Allow Remote Code Execution
#2013-006b 01/11/2013 Vulnerability in Oracle Java Could Allow Remote Code Execution
#2013-005 01/09/2013 Multiple Vulnerabilities in Mozilla Products Could Allow Remote Code Execution
#2013-001 01/08/2013 Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (MS13-002)
#2013-002 01/08/2013 Multiple Vulnerabilities in .NET Framework (MS13-004)
#2013-003 01/08/2013 Vulnerability in Adobe Flash Player Could Allow For Remote Code Execution (APSB13-01)
#2013-004 01/08/2013 Multiple Vulnerabilities in Adobe Reader and Acrobat Could Allow For Remote Code Execution (APSB13-02)
#2012-097b 12/31/2012 Vulnerability in Internet Explorer Could Allow Remote Code Execution
#2012-097c 12/31/2012 Vulnerability in Internet Explorer Could Allow Remote Code Execution
The following cyber advisories were issued by the New York State Cyber Threat Intelligence Coordinating Group, which includes the following entities: NYS Office of Cyber Security, NYS Office of Counter Terrorism, NYS Police, NYS Intelligence Center, Multi-State Information Sharing and Analysis Center, Federal Bureau of Investigation, US Secret Service, US Department of Justice, US Department of Homeland Security (National Cyber Security Division and Intelligence & Analysis Division) and Local Police Departments.
Monday October 24, 2011

The totality of metadata provided by documents, photographs and files can lead to significant vulnerabilities for any company. This Cyber Security Advisory is provided to remind the private sector and Federal, state, and local government agencies of the vulnerabilities associated with and the need to effectively control the release of metadata. It is specifically intended to be shared with personnel responsible for policy and information security and dissemination.

Friday January 21, 2011

This primer provides a common language between organization leaders and technical employees protecting networks from cyber threats. The sections of this document contain a brief introduction to cyber threats, appropriate for corporate, Federal, state and local agency leaders; it is not a comprehensive discussion of cyber crime. An enhanced understanding of the cyber crime field can assist leaders to deter, prevent, and respond to cyber threats.

Friday January 21, 2011
This two-page guide contains the highlights of the Cyber Crime Executive Briefing. While we strongly suggest reading the slightly longer full document, this briefing will provide an overview of the cyber crime threat.

Wednesday October 27, 2010

This Cyber Security Advisory is provided to assist the private sector and Federal, state, and local government agencies in effectively deterring, preventing, preempting, and responding to dynamic user-based web content vulnerabilities.

Wednesday July 28, 2010

This technical advisory is being provided as an information resource in response to the malware that was discovered on 14 July 2010, which exploits an un-patched Microsoft vulnerability and is targeting the Siemens SIMATIC WinCC and SIMATIC PCS 7 platforms used by SCADA process control systems (PCS).

Friday March 12, 2010

Cyber security best practices that help reduce the risks associated with online banking.

These links are provided because they have information that may be useful. The Enterprise Information Security Office (EISO) and the State of New York do not warrant the accuracy of any information contained in the links and neither endorses nor intends to promote the advertising of the resources listed herein. The opinions and statements contained in such resources are those of the author(s) and do not necessarily represent the opinions of EISO or the State of New York.