U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Multiple Vulnerabilities in Cisco IPS Software

Cisco has released updates to address three vulnerabilities in the Cisco Intrusion Prevention Software (IPS). These vulnerabilities affect multiple versions of Cisco IPS Software on multiple platforms and could allow remote, unauthenticated attackers to cause a Denial of Service condition. 

US-CERT encourages users and administrators to review the Cisco advisory to determine if they are running vulnerable versions of Cisco IPS Software and apply the appropriate updates and workarounds.

Internet Explorer 10 Use-After-Free Vulnerability Being Actively Exploited In The Wild

An unpatched Internet Explorer 10 use-after-free vulnerability is being exploited in the wild. CERT/CC Vulnerability Note VU#732479 has been published with further details about the vulnerability.  US-CERT recommends users protect themselves against this exploit by using Microsoft's EMET utility, upgrading to Internet Explorer 11, or using an unaffected alternative web browser until a patch is released.

Adobe Releases Security Update for Adobe Shockwave Player

Adobe has released a security update to address a vulnerability in Adobe Shockwave Player 12.0.7.148 and earlier versions for Windows and Macintosh operating systems.  Exploitation of this vulnerability could allow an attacker to take control of the affected system.

US-CERT recommends that users and administrators review Adobe Security Bulletin APSB14-06 and follow best practice security policies to determine which updates should be applied.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top