The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Google has released Chrome 34.0.1847.120 for all Chrome OS devices, except HP Chromebook Pavillion, to address multiple bug fixes, security updates, and feature enhancements.
Users and administrators are encouraged to review the Google Chrome release blog entry for additional details.
Oracle has released its Critical Patch Update for April 2014 to address 104 vulnerabilities across multiple products. This update contains the following security fixes:
- 2 for Oracle Database Server
- 20 for Oracle Fusion Middleware
- 3 for Oracle Hyperion
- 10 for Oracle Supply Chain Products Suite
- 8 for Oracle PeopleSoft Products
- 1 for Oracle Siebel CRM
- 1 for Oracle iLearning
- 37 for Oracle Java SE
- 3 for Oracle and Sun Systems Products Suite
- 5 for Oracle Virtualization
- 14 for Oracle MySQL
US-CERT encourages users and administrators to review the April 2014 Critical Patch Update and follow best practice security policies to determine which updates should be applied.
As the Easter holiday approaches, US-CERT reminds users to stay aware of holiday scams and cyber campaigns, which may include:
- shipping notifications that may be phishing scams or may contain malware
- electronic greeting cards that may contain malware
- requests for charitable contributions that may be phishing scams and may originate from illegitimate sources claiming to be charities
US-CERT encourages users and administrators to use caution when encountering these types of email messages and take the following preventative measures to protect themselves from phishing scams and malware campaigns: