U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

VideoLAN Releases VLC Media Player 1.1.10

VideoLAN has released VLC Media Player 1.1.10 to address an integer overflow vulnerability in the xspf demuxer. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the release notes for VLC Media Player 1.1.10 and apply any necessary updates to help mitigate the risks.

Oracle Releases Critical Patch Update for June 2011

Oracle released its June Critical Patch Update (CPU) containing 17 security fixes for the following products:

  • JDK and JRE 6 Update 25 and earlier for Windows, Solaris, and Linux
  • JDK and JRE 5.0 Update 29 and earlier for Windows, Solaris, and Linux
  • SDK and JRE 1.4.2_31 and earlier for Windows, Solaris, and Linux
US-CERT encourages users and administrators to review the Oracle Java SE Critical Patch Update Advisory for June 2011 and apply any necessary updates to help mitigate the risks.

Adobe Releases Security Update for Flash Player

Adobe has released security bulletin APSB11-13 to address a vulnerability in Flash Player 10.3.181.16 and earlier versions for Windows, Macintosh, Linux, and Solaris, and 10.3.185.22 and earlier versions for Android. Exploitation of this vulnerability may allow an attacker to conduct a cross-site scripting attack.

US-CERT encourages users and administrators to review Adobe security bulletin APSB11-13 and upgrade to Adobe Flash Player 10.3.181.22 for Windows, Macintosh, Linux, and Solaris. Adobe has indicated that updates for Android users will be available during the week of June 6.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top