The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Microsoft has released security advisory 983438 to notify users of a vulnerability in Microsoft Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007. The advisory states that Microsoft is investigating public reports of exploitation of the vulnerability that may allow the execution of arbitrary script within the SharePoint site.
US-CERT encourages users and administrators to review Microsoft Security Advisory 983438 and apply any workarounds to mitigate the risks.
US-CERT will provide additional information as it becomes available.
Google has released Chrome 184.108.40.2064 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or bypass the same origin policy in the browser.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 220.127.116.114 for Windows to help mitigate the risks.
Microsoft has re-released the security update related to Microsoft security bulletin MS10-025. This vulnerability affects Windows Media Services running on Windows 2000 Server. The original release of this update had been revoked last week because it did not effectively correct the underlying vulnerability.
US-CERT encourages users and administrators to review Microsoft security bulletin MS10-025 and apply the update as necessary to help mitigate the risks. Additional information regarding the re-release of this update can be found in the Microsoft Security Response Center blog.