The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for February 2010. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
Oracle has released a security alert to address a vulnerability in Oracle WebLogic Server. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands on an affected system.
US-CERT encourages users and administrators to review the Oracle security alert and apply any necessary updates to help mitigate the risks.
Microsoft has issued a Security Bulletin Advance Notification, indicating that its February release cycle will contain 13 bulletins. Five of them will have a severity rating of Critical and will be for Microsoft Windows. The remaining eight bulletins have an Important rating and are for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, February 9, 2010.
US-CERT will provide additional information as it becomes available.