The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Adobe has released two security bulletins to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player.
The first bulletin, APSB10-06, is a security update for Adobe Flash Player and Adobe AIR that addresses a critical vulnerability. Exploitation of these vulnerabilities may allow an attacker to make unauthorized cross-domain requests. The bulletin indicates that the update also addresses a potential denial-of-service issue.
The second bulletin, APSB10-07, indicates that security updates are available for Adobe Reader and Acrobat. These updates address two critical vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, make unauthorized cross-domain requests, or cause a denial-of-service condition.
Google has released Chrome 184.108.40.206 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 220.127.116.11 for Windows to help mitigate the risks.
Cisco has released an advisory to address multiple vulnerabilities in IronPort Encryption Appliance. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information.
US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20100210-ironport and apply any necessary workarounds to help mitigate the risks. Additional information regarding these vulnerabilities can be found in Cisco Applied Mitigation Bulletin 111668.