U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Adobe Releases Security Advisory for Vulnerability in Reader and Acrobat

Adobe has released a security advisory to address a vulnerability in Adobe Reader and Acrobat. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The advisory indicates that this vulnerability is being actively exploited.

US-CERT encourages users and administrators to review Adobe security advisory APSA10-02 and consider implementing the suggested workaround of utilizing Microsoft's Enhanced Mitigation Toolkit (EMET) to help prevent this vulnerability from being exploited. Additional information on EMET can be found on the Microsoft Security Research and Defense blog.

US-CERT will provide additional information as it becomes available.

Malicious Email Campaign Circulating

US-CERT is aware of public reports of malware spreading via email. These reports indicate that the malicious email messages contain the subject line "Here you have" or "Just For You" and contain a link to a seemingly legitimate PDF file. If users click on this link, they will be redirected to a malicious website that will prompt them to download and install a screensaver (.scr) file. If they agree to install this file, they will become infected with an email worm that will continue to propagate through their email contacts.

US-CERT encourages users and administrators to take the following preventive measures to help mitigate the security risks:

Microsoft Releases Advance Notification for September Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its September release will contain nine bulletins. Four bulletins will have the severity rating of critical and will be for Microsoft Windows and Office. The remaining five bulletins will have the severity rating of important and will be for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, September 14, 2010.

US-CERT will provide additional information as it becomes available.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top