U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Firefox ESR, and Thunderbird, some of which may allow attackers to execute arbitrary code.

The following updates are available:

  • Firefox 31
  • Thunderbird 31
  • Firefox ESR 24.7
  • Thunderbird 24.7

Users and administrators are encouraged to review the Security Advisories for Firefox, Firefox ESR, and Thunderbird to determine which updates should be applied.

CPNI Releases Paper on Improving Defenses Against Targeted Attack

The United Kingdom's Centre for the Protection of National Infrastructure (CPNI) has released a report on its “Improving Defenses Against Targeted Attack" (iDATA) cyber research program. The report contains descriptions and outcomes from a number of projects aimed at addressing threats posed by nation states and state-sponsored actors. CPNI is the government authority for providing protective security advice to businesses and organizations across the UK’s national infrastructure.

 

 

Vulnerabilities in LZO and LZ4 compression libraries

Recently disclosed vulnerabilities in the LZO and LZ4 compression libraries could allow remote code execution under certain circumstances. While these libraries are used by a large number of platforms and applications, not all programs may be vulnerable to exploitation. 

US-CERT recommends that all developers who either implement or import the LZO or LZ4 libraries into their software check for susceptibility to CVE-2014-4608, CVE-2014-4715, and CVE-2014-4611.

Users and administrators should apply software security updates as they become available.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top