U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Apple Releases Security Updates for Safari

Apple released Safari 6.1.3 and Safari 7.0.3 for OS X to address multiple vulnerabilities in WebKit. Software memory corruption issues may lead to information disclosure, unexpected application termination, or arbitrary code execution.

Users and administrators are encouraged to review Apple Support Article HT6181 and apply the necessary updates.

Microsoft Releases Security Advisory

Microsoft has released a security advisory for Microsoft Word. A vulnerability exists for remote code execution which could allow an attacker to gain user rights by opening a specifically crafted Rich Text Format file.

Applying the Microsoft Fix it solution will disable the opening of RTF content in Microsoft Word, preventing the exploitation of this vulnerability.

US-CERT recommends that users and administrators review Microsoft Security Advisory 2953095 and apply any necessary updates to help mitigate the risk.

Mozilla Releases Updates for Firefox, Thunderbird, and Seamonkey

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Thunderbird, and Seamonkey. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition, execute arbitrary code, or operate with elevated privileges on an affected system.

The following updates are available:

  • Firefox 28
  • Firefox ESR 24.4
  • Thunderbird 24.4
  • Seamonkey 2.25

Users and administrators are encouraged to review the Security Advisories for Firefox, Firefox ESR, Thunderbird, and Seamonkey to determine which updates should be applied to mitigate these risks.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top