Skip to content

Home  |   FAQ  |   Contact  |   Privacy & Use

customize
Current Activity Calendar
Left Arrow
January 2010
 Right Arrow
Su M Tu W Th F Sa
          1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Please click on a date above to see current activity for that day.

  • Latest Current Activity
    •

    January 05, 2010 - Current Activity

    This is an archived copy of current activity, if you would like to see the most recent version, please click here.

    December 22Adobe Releases Security Update for Flash Media Server
    December 17Cisco Releases Security Advisory for Cisco WebEx WRF Player Vulnerabilities
    December 16Mozilla Releases Firefox 3.5.6 and Firefox 3.0.16
    December 16Adobe Reader and Acrobat Remote Code Execution Vulnerability
    December 14FBI Releases Warning about Scareware
    December 11Microsoft Releases Security Advisory 954157
    December 11HP Releases Update to Address OpenView Network Node Manager Vulnerabilities
    December 9Adobe Releases Security Updates for Flash Player and AIR
    December 8Microsoft Releases December Security Bulletin
    December 4Sun Releases Update 17 for Java SE 6


    Adobe Releases Security Update for Flash Media Server

    added December 22, 2009 at 09:11 am

    Adobe has released a security bulletin to address multiple vulnerabilities in Flash Media Server (FMS) 3.5.2 and earlier.  These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users and administrators to review Adobe security bulletin APSB09-18 and apply any necessary updates to help mitigate the risks.


    Cisco Releases Security Advisory for Cisco WebEx WRF Player Vulnerabilities

    added December 17, 2009 at 09:23 am

    Cisco has released a security advisory to address multiple vulnerabilities in WebEx WRF Player. These vulnerabilities may allow an attacker to execute arbitrary code.

    US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20091216-webex and apply any necessary updates to help mitigate the risks.


    Mozilla Releases Firefox 3.5.6 and Firefox 3.0.16

    added December 16, 2009 at 03:54 pm

    Mozilla has released Firefox 3.5.6 and Firefox 3.0.16 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, operate with escalated privileges, or mislead users. These vulnerabilities may also affect SeaMonkey and Thunderbird.

    US-CERT encourages users and administrators to review the security advisories for their version of Firefox and upgrade to Firefox 3.5.6 or Firefox 3.0.16 to help mitigate the risks.


    Adobe Reader and Acrobat Remote Code Execution Vulnerability

    added December 15, 2009 at 10:29 am | updated December 16, 2009 at 02:04 pm

    Adobe has released a security advisory to address a vulnerability in Adobe Reader and Acrobat. By convincing a user to open a specially crafted PDF file, an attacker may be able to execute arbitrary code. Public reports currently indicate active exploitation of this vulnerability.

    US-CERT encourages users and administrators to do the following to help mitigate the risks until the vendor is able to provide an update:

    • Review Adobe security advisory APSA09-07 and apply any necessary solutions listed in the document.
    • Use caution when opening PDF files from untrusted sources.
    • Disable JavaScript in Adobe Acrobat and Reader. To do this, click "Edit," then "Preferences" and then "JavaScript," and uncheck "Enable Acrobat JavaScript."
    Additional information regarding this vulnerability can be found in the US-CERT Vulnerability Notes Database.


    FBI Releases Warning about Scareware

    added December 14, 2009 at 09:04 am

    The Federal Bureau of Investigation (FBI) has released a warning to alert users about an ongoing threat involving pop-up security messages that appear on the Internet. These pop-up messages may contain seemingly legitimate antivirus software. Users who click on these pop-up messages to purchase and install the bogus software may become infected with malicious code or to become victims of a phishing attack.

    US-CERT encourages users and administrators to do the following to help mitigate the risks:

    • Review the FBI Press Release titled Pop-Up Security Warnings Pose Threats.
    • Install antivirus software, and keep the signature files up to date.
    • Use caution when entering personal and financial information online.
    • Install software applications from only trusted sources.


    Microsoft Releases Security Advisory 954157

    added December 11, 2009 at 02:06 pm

    Microsoft has released security advisory 954157 to notify users of an update that increases the security of the Indeo codec on Microsoft Windows 2000, XP, and Server 2003. The advisory states that the Indeo codec running on these systems may allow remote code execution when opening specially crafted media content. Microsoft indicates that this update blocks the Indeo codec from being launched in Internet Explorer or Windows Media player, which removes a potential attack vector.

    US-CERT encourages users and administrators to review Microsoft security advisory 954157 and apply any necessary updates or workarounds to help mitigate the risks.


    HP Releases Update to Address OpenView Network Node Manager Vulnerabilities

    added December 11, 2009 at 09:03 am

    HP has released a security bulletin to address multiple vulnerabilities in OpenView Network Node Manager. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

    US-CERT encourages users and administrators to review HP security bulletin c01950877 and apply any necessary updates to help mitigate the risks.


    Adobe Releases Security Updates for Flash Player and AIR

    added December 9, 2009 at 09:03 am

    Adobe has released a security bulletin to address multiple vulnerabilities in Adobe Flash Player 10.0.32.18 and earlier and Adobe AIR1.5.2 and earlier. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information.

    US-CERT encourages users and administrators to review Adobe security bulletin APSB09-19 and update to Adobe Flash Player 10.0.42.34 and Adobe AIR 1.5.3.


    Microsoft Releases December Security Bulletin

    added December 8, 2009 at 01:31 pm

    Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for December 2009. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

    US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.


    Sun Releases Update 17 for Java SE 6

    added November 4, 2009 at 09:04 am | updated December 4, 2009 at 08:30 am

    Sun has released update 17 for Java SE JDK 6 and Java SE JRE 6 to address multiple vulnerabilities. The impacts of these vulnerabilities include arbitrary code execution, privilege escalation, denial of service, and information disclosure.

    US-CERT encourages users and administrators to review the Java SE 6 Update 17 release notes and apply any necessary updates to help mitigate the risks.

    Apple has released Java for Mac OS X 10.6 Update 1 and Java for Mac OS X 10.5 Update 6 to address these vulnerabilities. Mac users are encouraged to review Apple articles HT3969 and HT3970 and apply any necessary updates to help mitigate the risks.