U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Firmware Update for Apple AirPort Devices

Apple has released firmware update 7.7.3 for AirPort Extreme and AirPort Time Capsule base stations with 802.11ac. The update addresses the OpenSSL "Heartbleed" vulnerability where an attacker may obtain memory contents.

US-CERT recommends that users and administrators review Apple Security Update HT6203 and apply the necessary update.

For more details and recommended actions regarding the OpenSSL "Heartbleed" vulnerability please see TA14-098A and Heartbleed OpenSSL Vulnerability.pdf

Apple Releases Security Updates for OS X, iOS devices, and Apple TV

Apple has released security updates for Mac OS X, iOS devices, and Apple TV to address multiple vulnerabilities, some of which could allow an attacker to execute arbitrary code, cause application termination, or expose users to covert eavesdropping.

Updates available include:

  • Security Update 2014-002 for OS X Lion v10.7.5, OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.2.
  • iOS 7.1.1 for iPhone 4 and later, iPod touch 5th generation and later, or iPad 2 and later.
  • Apple TV 6.1.1 for Apple TV 2nd generation and later.

Users and administrators are encouraged to review Apple Security Updates HT6207, HT6208, and HT6209, and apply the necessary updates to help mitigate these risks.

Adobe Releases Security Update for Reader Mobile

Adobe has released a security update to address a vulnerability in Adobe Reader Mobile 11.1.3 and earlier versions for Android. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code via a crafted PDF document.

US-CERT recommends that users and administrators review Adobe Security Bulletin APSB14-12 and apply the necessary update.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top