The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Cisco has released a bundled publication, which contains seven security advisories, to address multiple vulnerabilities in Cisco IOS Software. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users and administrators to review the security advisories listed in the Cisco IOS Software Security Advisory bundled publication (cisco-sa-20100324-bundle) and apply any necessary updates to help mitigate the risks.
The Mozilla Foundation has released Firefox 3.6.2 to address multiple security issues, including a critical vulnerability that may allow a remote attacker to execute arbitrary code.
US-CERT encourages users and administrators to do the following to help mitigate the risks:
- Review the Firefox 3.6.2 release notes.
- Review Mozilla Foundation Security Advisory 2010-08.
- Upgrade to Firefox 3.6.2
CA has released updates to address vulnerabilities in the version of Java JRE bundled with ARCserve Backup. These vulnerabilities in Java JRE may allow an attacker to execute arbitrary code, bypass security restrictions, cause a denial-of-service condition, or obtain sensitive information.
US-CERT encourages users and administrators to review the CA security notice CA20100318-01 and apply any necessary updates to help mitigate the risks.