The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Google has released Chrome 13.0.782.107 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to perform a cross-site scripting attack, or to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 13.0.782.107 to help mitigate the security risks.
Cisco has released a security advisory and an applied mitigation bulletin to address vulnerabilities in Cisco TelePresence Recording Server Software Release 220.127.116.11. Successful exploitation of these vulnerabilities may allow an attacker to bypass security restrictions or take control of the affected device.
US-CERT encourages system administrators to review the Cisco advisory and the Applied Mitigation Bulletin and apply any necessary updates or workarounds to mitigate the risks.
Apple has released iOS 4.3.5 for the iPhone (GSM model), iPod touch, and iPad, and iOS 4.2.10 for the iPhone (CDMA model) to address a vulnerability. This vulnerability may allow an attacker with a privileged network position to capture or modify data in SSL/TLS sessions.