The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Adobe has released a security update for Shockwave Player to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review Adobe security bulletin APSB10-25 and apply any necessary updates to help mitigate the risks. Additional information regarding the 'rcsL' chunk parsing vulnerability can be found in US-CERT vulnerability note VU#402231.
Adobe has released a security advisory to alert users of a vulnerability affecting the following applications:
Cisco has released a security advisory to address a vulnerability affecting CiscoWorks Common Services for Oracle Solaris and Microsoft Windows. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code with administrative privileges or cause a denial-of-service condition.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20101027-cs and apply any necessary updates or workarounds to help mitigate the risks.