The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for September 2010. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
Adobe has released a security advisory to alert users of a vulnerability affecting Adobe Flash Player. This vulnerability affects Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Android. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
Update: Adobe has released a security update to address this vulnerability. Users and administrators are encouraged to review Adobe security bulletin APSB10-22 and apply any necessary updates to help mitigate the risks.
Additional information regarding this vulnerability can be found in the following:
Adobe has released a security advisory to address a vulnerability in Adobe Reader and Acrobat. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The advisory indicates that this vulnerability is being actively exploited.
US-CERT encourages users and administrators to review Adobe security advisory APSA10-02 and consider implementing the suggested workaround of utilizing Microsoft's Enhanced Mitigation Toolkit (EMET) to help prevent this vulnerability from being exploited. Additional information on EMET can be found on the Microsoft Security Research and Defense blog.
US-CERT will provide additional information as it becomes available.