U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Microsoft Releases Security Update for Internet Explorer Use-After-Free Vulnerability

Microsoft has released out-of-band updates to address a critical use-after-free vulnerability in Internet Explorer versions 6 through 11, including IE versions running on Windows XP.

US-CERT recommends that users and administrators review Microsoft Security Bulletin MS14-021 and apply the necessary updates as soon as possible.

Mozilla Releases Security Updates for Firefox, Thunderbird, and Seamonkey

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Thunderbird, and Seamonkey. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition, execute arbitrary code, conduct phishing attacks, conduct a man-in-the-middle attack, or operate with elevated privileges on an affected system.

The following updates are available:

  • Firefox 29
  • Firefox ESR 24.5
  • Thunderbird 24.5
  • Seamonkey 2.26

Users and administrators are encouraged to review the Security Advisories for Firefox, Firefox ESR, Thunderbird, and Seamonkey to determine which updates should be applied to mitigate these risks.

Adobe Releases Security Updates for Flash Player

US-CERT is aware of active exploitation of a vulnerability in versions of Flash Player which could potentially allow an attacker to take control of an affected system. Adobe has released security updates to address these vulnerabilities.

The following updates are available:

  • Flash Player 13.0.0.206 for Windows, Macintosh, and Linux
  • Flash Player 11.7.700.279 for Windows and Macintosh
  • Flash Player 11.2.202.356 for Linux

Users and administrators are encouraged to review Adobe Security Bulletin APSB14-13 and apply the necessary updates.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top