The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
The Mozilla Foundation has released Firefox V3.6.3 to address a critical vulnerability. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review Mozilla Foundation Security Advisory mfsa2010-25 and upgrade to Firefox V3.6.3.
VMware has released a security advisory to address vulnerabilities in the Samba and acpid packages of ESX Service Console. These vulnerabilities may allow an attacker to cause a denial-of-service condition, obtain sensitive information or bypass security restrictions.
US-CERT encourages users and administrators to review VMware security bulletin VMSA-2010-0006 and apply any necessary updates to help mitigate the risks.
Oracle has released a critical patch update to address 27 vulnerabilities in Java SE and Java for Business. These vulnerabilities are in the following components: ImageIO, Java 2D, Java Runtime Environment, Java Web Start, Pack200, Sound, JSSE, and HotSpot Server.
US-CERT encourages users and administrators to review the critical patch update and apply any necessary updates to help mitigate the risks.