U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Mozilla Releases Security Updates for Firefox

The Mozilla Foundation has released security updates to address a critical vulnerability in Firefox and Firefox ESR. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

Available updates include:

  • Firefox 40.0.3
  • Firefox ESR 38.2.1

US-CERT encourages users and administrators to review the Security Advisories for Firefox and Firefox ESR and apply the necessary updates.

Apple Releases Security Update for QuickTime

Apple has released a security update to address multiple vulnerabilities in QuickTime for Windows 7 and Windows Vista. Exploitation of one of these vulnerabilities may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Apple security update page for QuickTime 7.7.8 and apply the necessary update.

Drupal Releases Security Updates

Drupal has released updates to address multiple vulnerabilities, one of which could allow an attacker with elevated permissions to inject malicious code.

Available updates include:

  • Drupal core 6.37 for 6.x users
  • Drupal core 7.39 for 7.x users

US-CERT encourages users and administrators to review Drupal's Security Advisory and apply the necessary updates.

Microsoft Releases Critical Security Update for Internet Explorer

Microsoft has released a critical security update to address a vulnerability in Internet Explorer. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system if the user views a specially crafted webpage.

Users and administrators are encouraged to review Microsoft Bulletin MS15-093 for details and apply the necessary update.

Adobe Releases Security Update for LiveCycle Data Services

Adobe has released a security update to address a vulnerability in LiveCycle Data Services versions 4.7, 4.6.2, 4.5, and 3.0.x. Exploitation of this vulnerability may allow a remote attacker to obtain sensitive information from an affected system.

US-CERT recommends that users and administrators review Adobe Security Bulletin APSB15-20 and apply the necessary updates.

Apple Releases Security Updates for OS X Server, iOS, Safari, and Yosemite

Apple has released security updates for OS X Server, iOS, Safari, and Yosemite to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • iOS 8.4.1 for iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
  • Safari 8.0.8 for OS X Yosemite v10.10.4
  • Safari 7.1.8 for OS X Mavericks v10.9.5
  • Safari 6.2.8 for OS X Mountain Lion v10.8.5
  • OS X Server v4.1.5 for OS X Yosemite v10.10.5 or later
  • OS X Yosemite v10.10.5 and Security Update 2015-006 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10 to v10.10.4.

US-CERT encourages users and administrators to review Apple security updates for OS X Server, iOS, Safari, Yosemite, and Security Update 2015-006 and apply the necessary updates.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top