U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Adobe Releases Security Updates for Adobe Reader and Acrobat

Adobe has released security updates to address multiple vulnerabilities that affect the following:

  • Adobe Reader 9.3.1 and earlier
  • Adobe Acrobat 9.3.1 and earlier
  • Adobe Reader 8.2.1 and earlier
  • Adobe Acrobat 8.2.1 and earlier
These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Adobe security bulletin APSB10-09 and apply any necessary updates to help mitigate the risks.

Microsoft Releases April Security Bulletin

Microsoft has released an update to address vulnerabilities in Microsoft Windows, Office, and Exchange as part of the Microsoft Security Bulletin Summary for April 2010. These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, cause a denial-of-service attack or spoof an IPv4 address to bypass filtering devices.

US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

Sun Java Deployment Toolkit Plugin and ActiveX Control Vulnerability

The Sun Java Development Toolkit plugin and ActiveX control contain a vulnerability. This vulnerability is due to insufficient argument validation. By convincing a user to visit a specially crafted HTML document, an attacker may be able to exploit this vulnerability and execute an arbitrary JAR file on the affected system.

US-CERT encourages users and administrators to review US-CERT Vulnerability Note VU#886582 and implement any necessary workarounds to help mitigate the risk until a fix is available from the product vendor.

US-CERT will provide additional information as it becomes available.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top