The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Microsoft has issued a Security Bulletin Advance Notification indicating that its September release will contain nine bulletins. Four bulletins will have the severity rating of critical and will be for Microsoft Windows and Office. The remaining five bulletins will have the severity rating of important and will be for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, September 14, 2010.
US-CERT will provide additional information as it becomes available.
Cisco has released updates to address multiple vulnerabilities in the Cisco Wireless LAN Controller (WLC). Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition, modify the device configuration, or bypass access control lists.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100908-wlc and apply any necessary updates to help mitigate the risks.
The Mozilla Foundation has released Firefox 3.6.9 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, leverage cross-site scripting attacks, or cause a denial-of-service condition. The Mozilla Foundation has also released Firefox 3.5.12 to address these same vulnerabilities. Some of these vulnerabilities also affect Thunderbird and SeaMonkey.
US-CERT encourages users and administrators to review the Mozilla Foundation Security Advisories released on September 7, 2010 and apply any necessary updates to help mitigate the risks.