U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Microsoft Releases Security Bulletin MS10-070

Microsoft has released Microsoft Security Bulletin MS10-070 to address a vulnerability affecting ASP.NET. Exploitation of this vulnerability may allow an attacker to obtain sensitive information or tamper with data.

US-CERT encourages users and administrators to review Microsoft Security Bulletin MS10-070 and apply any necessary updates to help mitigate the risks.

Microsoft Releases Advance Notification for Out-of-Band Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that it will be releasing an out-of-band security bulletin to address a vulnerability affecting Windows. The Microsoft SharePoint Team blog indicates that this bulletin will address the recently reported vulnerability in ASP.NET. Exploitation of this vulnerability may allow an attacker to obtain sensitive information or tamper with data. Release of this bulletin is scheduled for September 28, 2010.

US-CERT encourages users and administrators to review the Microsoft Security Bulletin Advance Notification, the SharePoint Team blog entry, and Microsoft Security Advisory 2416728 for additional information regarding this vulnerability.

OpenX Releases Security Update

OpenX has released a security update to address a vulnerability in the 2.8 downloadable version of OpenX. Exploitation of this vulnerability may allow an attacker to compromise the integrity of the server running OpenX.

US-CERT encourages users and administrators to review the OpenX "Security Update" blog entry and upgrade to OpenX 6.8.7 to help mitigate the risks. OpenX users are also encouraged to review the "How to Secure your OpenX Installation" blog entry on how to further secure the OpenX installation.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top