The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Cisco has released three security advisories to address vulnerabilities affecting Cisco ASA 5500 Series Adaptive Security Appliances, Cisco Catalyst 6500 Series ASA Services Module, Cisco Firewall Services Module, and Cisco Network Admission Control Manager. These vulnerabilities may allow an attacker to cause a denial-of-service condition, bypass authentication mechanisms, or obtain sensitive information.
US-CERT encourages users and administrators to review Cisco security advisories cisco-sa-20111005-asa, cisco-sa-20111005-fwsm, and cisco-sa-20111005-nac and apply any necessary updates to help mitigate the risks.
Google has released Chrome 14.0.835.202 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 14.0.835.202.
Cisco has released a security advisory to address a vulnerability in the Cisco IOS Software Install feature running on Cisco Catalyst Switches. Exploitation of this vulnerability may allow remote code execution by an unauthenticated attacker.
US-CERT encourages administrators to review Cisco Security Advisory cisco-sa-20110928-smart-install for information about software updates and to review the Cisco Applied Mitigation Bulletin for workaround information.