U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Security Updates Available for Adobe Reader and Acrobat

Published Thursday, May 16, 2013

Adobe has released security updates for Adobe Reader and Acrobat to address multiple vulnerabilities. These vulnerabilities could cause a crash and potentially allow an attacker to take control of an affected system.

The following versions of Adobe Reader and Acrobat are affected:

  • Adobe Reader XI (11.0.02) and earlier 11.x versions for Windows and Macintosh
  • Adobe Reader X (10.1.6) and earlier 10.x versions for Windows and Macintosh
  • Adobe Reader 9.5.4 and earlier 9.x versions for Windows and Macintosh
  • Adobe Reader 9.5.4 and earlier 9.x versions for Linux
  • Adobe Acrobat XI (11.0.02) and earlier 11.x versions for Windows and Macintosh
  • Adobe Acrobat X (10.1.6) and earlier 10.x versions for Windows and Macintosh
  • Adobe Acrobat 9.5.4 and earlier 9.x versions for Windows and Macintosh

US-CERT encourages users and administrators to review Adobe Security Bulletin APSB13-15 and follow best-practice security policies to determine which updates should be applied.

Read Full Entry »

Mozilla Releases Multiple Updates

Published Thursday, May 16, 2013

The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities.

  • Firefox 21.0
  • Firefox ESR 17.0.6
  • Thunderbird 17.0.6
  • Thunderbird ESR 17.0.6

These vulnerabilities could allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or operate with elevated privileges.

US-CERT encourages users and administrators to review the Mozilla Foundation Advisory for Firefox 21.0, Firefox ESR 17.0.6, Thunderbird 17.0.6, and Thunderbird ESR 17.0.6 and apply any necessary updates to help mitigate the risk.

Read Full Entry »

Microsoft Releases May 2013 Security Bulletin

Published Thursday, May 9, 2013

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Lync, Office, and Windows Essentials as part of the Microsoft Security Bulletin Summary for May 2013. These vulnerabilities could allow remote code execution, denial of service, spoofing, information disclosure, or elevation of privilege.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.

Read Full Entry »

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top