The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Adobe has released updates for Flash Player and Flash Media Server to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 10.2.159.1 and earlier versions for Windows, Macintosh, Linux, and Solaris; Adobe Flash Player 10.2.157.51 and earlier versions for Android; Adobe Flash Media Server 4.0.1 and earlier versions; and Adobe Flash Media Server 3.5.5 and earlier versions for Windows and Linux. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or execute arbitrary code.
US-CERT encourages users and administrators to review Adobe Security Advisory APSB11-12 and Adobe Security Advisory APSB11-11 and apply any necessary updates to help mitigate the risks.
Google released Chrome 11.0.696.68 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 11.0.696.68 to help mitigate the security risks. The Google Chrome blog entry may be temporarily unavailable. Google is currently working to fix the issue.
US-CERT is aware of reports indicating that WebGL contains multiple significant security issues. The impact of these issues includes denial of service, and cross-domain attacks. WebGL is a new web standard that is enabled by default in Firefox 4 and Google Chrome and is included in Safari.
US-CERT encourages users and administrators to review the Context report and update their systems as necessary to help mitigate the risks.