U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

U.S. Census Bureau 2010 Census Campaign Warning

US-CERT asks users to be vigilant during the U.S. Census Bureau's 2010 Census campaign and to watch for potential census scams.

According to the U.S. Census 2010 website, they began delivery of the printed census forms to every resident in the United States on March 1, 2010. The only way to complete the census is by filling in the form using pen and ink; in some instances, census takers will be visiting households to complete the form face-to-face. It is important to understand that the U.S. Census Bureau will not, under any circumstances, be providing an online option to complete the 2010 census form.

US-CERT encourages all residents in the United States to take the following measures to protect themselves:

Microsoft Re-Releases Security Bulletin MS10-015

Microsoft has re-released the security update described in Microsoft Security Bulletin MS10-015. This release contains an updated installation package that does not allow the security update to be installed on computers infected with malicious code. Microsoft has also released a Fix-It Tool to determine if systems are compatible with the update.

US-CERT encourages users and administrators to review Microsoft Knowledge Base Article 977165, Microsoft Knowledge Base Article 980966, and the MSRC Blog Post. Users who have already successfully installed the update for MS10-015 do not need to take any action.

Microsoft Releases Security Advisory to Address VBScript Vulnerability

Microsoft has released a security advisory to address a vulnerability in VBScript. The advisory indicates that this vulnerability exists in the way that VBScript interacts with Windows Help files when using Internet Explorer. By convincing a user to view a specially crafted HTML document (web page, HTML email, or email attachment) with Internet Explorer and to press the F1 key, an attacker could run arbitrary code with the privileges of the user running the application.

US-CERT encourages users and administrators to do the following to help mitigate the risks:

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top