The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .NET Framework, Silverlight, Forefront United Access Gateway, and Microsoft Host Integration Server as part of the Microsoft Security Bulletin Summary for October 2011. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.
Additional information regarding the vulnerability identified in Microsoft Security Bulletin MS11-077 can be found in US-CERT Vulnerability Note VU#619281.
The Apache Foundation has issued a Security Advisory to address a vulnerability in Apache HTTP Server's reverse proxy mode. Exploitation of this vulnerability may allow a remote attacker to gain access to internal systems.
US-CERT encourages users and administrators to review the Apache HTTP Server Security Advisory mod_proxy reverse proxy exposure and apply any necessary updates or workarounds to help mitigate the risks.
Microsoft has issued a Security Bulletin Advance Notification indicating that its October release will contain eight bulletins. These bulletins will have the severity ratings of critical and important and will be for Microsoft .NET Framework, Microsoft Silverlight, Microsoft Windows, Internet Explorer, Microsoft Forefront Unified Access Gateway, and Microsoft Host Integration Server. Release of these bulletins is scheduled for Tuesday, October 12, 2011.
US-CERT will provide additional information as it becomes available.