U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Cisco Addresses Apache Struts 2 Vulnerability

Multiple Cisco products include an implementation of Apache Struts 2 which contains a vulnerability that could allow an unauthenticated, remote attacker to bypass security restrictions and execute arbitrary commands on a targeted system.

Cisco products affected by this vulnerability include:

  • Cisco Business Edition 3000 Series
  • Cisco Identity Services Engine (ISE)
  • Cisco Media Experience Engine (MXE) 3500 Series
  • Cisco Unified Contact Center Enterprise (Cisco Unified CCE)

US-CERT encourages users and administrators to review the Cisco Advisory and apply the necessary updates.

Adobe Releases Security Updates for Flash Player and Air

Adobe has released security updates to address multiple vulnerabilities in Flash Player and Air. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system.

 The following updates are available:

  • Adobe Flash Player 14.0.0.145 for Windows, Macintosh and Linux
  • Adobe Flash Player 11.2.202.394 for Linux
  • Adobe AIR 14.0.0.137 for Windows, Macintosh and Android
  • Adobe AIR SDK and Compiler 14.0.0.137 for Windows, Macintosh, Android and iOS
  • Adobe AIR SDK 14.0.0.137 for Windows, Macintosh, Android and iOS

Users and administrators are encouraged to review Adobe Security Bulletin APSB14-17 and determine which updates should be applied.

Microsoft Releases July 2014 Security Bulletin

Microsoft has released updates to address vulnerabilities in Windows, Internet Explorer, and Microsoft Service Bus for Windows Server as part of the Microsoft Security Bulletin Summary for July 2014. Some of these vulnerabilities could allow remote code execution, elevation of privilege, or denial of service.

US-CERT encourages users and administrators to review the bulletin and apply the necessary updates.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top