U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Adobe Releases Security Advisory for Adobe Reader and Acrobat

Adobe has released a security advisory to address multiple vulnerabilities in Adobe Reader and Acrobat. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or operate with escalated privileges.

US-CERT encourages users and administrators to review Adobe security advisory APSB11-24 and apply any necessary updates to help mitigate the risks.

Microsoft Releases September Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Server Software as part of the Microsoft Security Bulletin Summary for September 2011. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.

Fraudulent DigiNotar SSL Certificate

US-CERT is aware of public reports of the existence of fraudulent SSL certificates issued by DigiNotar. These fraudulent SSL certificates could be used by an attacker to masquerade as legitimate sites.

Mozilla has released Firefox 3.6.22 and Firefox 6.0.2 to address this issue. Additional information can be found in the Mozilla Security Blog.

Microsoft has removed the DigiNotar root certificates from the Microsoft Certificate Trust List. This change affects all versions of Windows Vista, Windows 7, Windows XP, Windows Server 2008, Windows Server 2008 R2, and Windows Server 2003. Additional information can be found in Microsoft Security Advisory 2607712.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top