The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Oracle has released its Critical Patch Update for April 2010 to address 47 vulnerabilities across several products. This update contains the following security fixes:
- 7 for Oracle Database Server
- 5 for Oracle Fusion Middleware
- 1 for Oracle Collaboration Suite
- 8 for Oracle Application Suite
- 4 for PeopleSoft and JD Edwards Suite
- 6 for Oracle Industry Applications
- 16 for Sun Products
Adobe has released security updates to address multiple vulnerabilities that affect the following:
- Adobe Reader 9.3.1 and earlier
- Adobe Acrobat 9.3.1 and earlier
- Adobe Reader 8.2.1 and earlier
- Adobe Acrobat 8.2.1 and earlier
US-CERT encourages users and administrators to review Adobe security bulletin APSB10-09 and apply any necessary updates to help mitigate the risks.
Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Exchange as part of the Microsoft Security Bulletin Summary for April 2010. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, cause a denial-of-service attack or spoof an IPv4 address to bypass filtering devices.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.