The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Apple has released firmware update 7.7.3 for AirPort Extreme and AirPort Time Capsule base stations with 802.11ac. The update addresses the OpenSSL "Heartbleed" vulnerability where an attacker may obtain memory contents.
US-CERT recommends that users and administrators review Apple Security Update HT6203 and apply the necessary update.
Apple has released security updates for Mac OS X, iOS devices, and Apple TV to address multiple vulnerabilities, some of which could allow an attacker to execute arbitrary code, cause application termination, or expose users to covert eavesdropping.
Updates available include:
- Security Update 2014-002 for OS X Lion v10.7.5, OS X Mountain Lion v10.8.5 and OS X Mavericks v10.9.2.
- iOS 7.1.1 for iPhone 4 and later, iPod touch 5th generation and later, or iPad 2 and later.
- Apple TV 6.1.1 for Apple TV 2nd generation and later.
Adobe has released a security update to address a vulnerability in Adobe Reader Mobile 11.1.3 and earlier versions for Android. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code via a crafted PDF document.
US-CERT recommends that users and administrators review Adobe Security Bulletin APSB14-12 and apply the necessary update.