The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Apple has released iOS 4.0.2 for the iPhone and iPod touch and iOS 3.2.2 for the iPad to address vulnerabilities in the FreeType and IOSurface packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or gain system privileges.
iPhone and iPod touch users are encouraged to review Apple article HT4291 and upgrade to iOS 4.0.2. iPad users are encouraged to review Apple article HT4292 and upgrade to iOS 3.2.2. Additional information regarding the vulnerability affecting the FreeType package can be found in US-CERT Vulnerability Note VU#275247.
Adobe has released Flash Player 10.1.82.76 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. This vulnerability also affects Adobe Air 184.108.40.20610 and earlier versions.
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB10-16 and apply any necessary updates to help mitigate the risks. Additional information can be found in the US-CERT Vulnerability Note VU#660993.
Google has released Chrome 5.0.375.126 for Linux, Mac, and Windows. Chrome 5.0.375.126 contains an updated version of the Flash plugin which addresses multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.