The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Cisco has released updates to address three vulnerabilities in the Cisco Intrusion Prevention Software (IPS). These vulnerabilities affect multiple versions of Cisco IPS Software on multiple platforms and could allow remote, unauthenticated attackers to cause a Denial of Service condition.
US-CERT encourages users and administrators to review the Cisco advisory to determine if they are running vulnerable versions of Cisco IPS Software and apply the appropriate updates and workarounds.
An unpatched Internet Explorer 10 use-after-free vulnerability is being exploited in the wild. CERT/CC Vulnerability Note VU#732479 has been published with further details about the vulnerability. US-CERT recommends users protect themselves against this exploit by using Microsoft's EMET utility, upgrading to Internet Explorer 11, or using an unaffected alternative web browser until a patch is released.
Adobe has released a security update to address a vulnerability in Adobe Shockwave Player 188.8.131.52 and earlier versions for Windows and Macintosh operating systems. Exploitation of this vulnerability could allow an attacker to take control of the affected system.
US-CERT recommends that users and administrators review Adobe Security Bulletin APSB14-06 and follow best practice security policies to determine which updates should be applied.