Microsoft Addresses New Watering Hole Attack in the November, 2013 Security Bulletin Release

Original release date: November 12, 2013

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer and Office as part of the Microsoft Security Bulletin Summary for November, 2013. These vulnerabilities could allow remote code execution, elevation of privilege, information disclosure or denial of service. The November Security Bulletin includes a patch for the new “watering hole” campaign which utilizes a US-based website that specializes in domestic and international security policy.

US-CERT encourages users and administrators to review the bulletin and follow best practice security policies to determine which updates should be applied.


This product is provided subject to this Notification and this Privacy & Use policy.


Philippines Typhoon Disaster Email Scams and Phishing Attack Warning

Original release date: November 12, 2013

After a natural disaster phishing emails and websites requesting donations for bogus charitable organizations begin to appear. Users should be aware of potential email scams and phishing attacks regarding the recent Philippines Typhoon disaster. Email scams may contain links or attachments which may direct users to phishing or malware-laden websites.

US-CERT encourages users to take the following measures to protect themselves:

US-CERT will provide additional information as it becomes available.


This product is provided subject to this Notification and this Privacy & Use policy.