U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Mozilla Releases Firefox 3.5.13 and 3.6.10

The Mozilla Foundation has released Firefox 3.5.13 and 3.6.10 to address a stability issue affecting some users.

US-CERT encourages users and administrators to review the release notes for Firefox 3.5.13 and Firefox 3.6.10 and apply any necessary updates to mitigate the issue.

Apple Releases QuickTime 7.6.8

Apple has released QuickTime 7.6.8 to address two vulnerabilities affecting earlier versions of QuickTime for Windows.

The first vulnerability is due to improper input validation in the QuickTime ActiveX control. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

The second vulnerability is due to a path searching issue related to insecure loading of dynamic link libraries (DLLs). Exploitation of this vulnerability may allow an attacker to execute arbitrary code. Additional information regarding this class of vulnerabilities can be found in the US-CERT Current Activity entry titled "Insecure Loading of Dynamic Link Libraries in Windows Applications" and in the US-CERT Vulnerability Note VU#707943.

US-CERT encourages users and administrators to review Apple article HT4339 and apply any necessary updates to help mitigate the risks.

Google Releases Chrome 6.0.472.59

Google has released Chrome 6.0.472.59 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top