The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Google has released Google Chrome 30.0.1599.101 for Windows, Mac, Linux and Chrome Frame operating systems to address multiple vulnerabilities. These vulnerabilities could allow a remote attacker to cause a denial-of-service condition or trigger multiple conflicting uses of the same object.
US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 30.0.1599.101.
Apple has released a security update for Java on Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, and OS X Mountain Lion 10.8 or later to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code with the privileges of the current user.
Oracle has released its Critical Patch Update for October 2013 to address 127 vulnerabilities across multiple products. This update contains the following security fixes:
- 2 for Oracle Database Server
- 17 for Oracle Fusion Middleware
- 4 for Oracle Enterprise Manager Grid Control
- 1 for Oracle E-Business Suite
- 2 for Oracle Supply Chain Products Suite
- 8 for Oracle PeopleSoft Products
- 9 for Oracle Siebel CRM
- 2 for Oracle iLearning
- 6 for Oracle Industry Applications
- 1 for Oracle Financial Services Software
- 2 for Oracle Primavera Products Suite
- 51 for Oracle Java SE
- 12 for Oracle and Sun Systems Products Suite
- 2 for Oracle Virtualization
- 8 for Oracle MySQL
US-CERT encourages users and administrators to review the October 2013 Critical Patch Update and follow best practice security policies to determine which updates should be applied.