U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Google Releases Chrome 10.0.648.134

Google has released Chrome 10.0.648.134 for Windows, Mac, Linux, and Chrome Frame. This release contains an updated version of the Adobe Flash player that addresses a vulnerability. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

BlackBerry WebKit Browser Engine Vulnerability

Research In Motion has released a security notice to alert users of a vulnerability affecting the WebKit browser engine provided in BlackBerry Device Software versions 6.0 and later. By convincing a user to browse to specially crafted website, a remote attacker may be able to execute arbitrary code. Exploitation of this vulnerability may allow an attacker to access user data stored on the media card and the built-in media storage on the affected BlackBerry device.

US-CERT encourages users and administrators to review BlackBerry security notice KB26132 and do the following to help mitigate the risks:

Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat

Adobe has released a security advisory to alert users of a vulnerability affecting the following products:

Google Releases Chrome 10.0.648.133

Google has released Chrome 10.0.648.133 for Windows, Mac, Linux, and Chrome Frame. This update addresses a vulnerability that may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Japan Earthquake and Tsunami Disaster Email Scams, Fake Antivirus and Phishing Attack Warning

US-CERT would like to warn users of potential email scams, fake antivirus and phishing attacks regarding the Japan earthquake and the tsunami disasters. Email scams may contain links or attachments which may direct users to phishing or malware-laden websites. Fake antivirus attacks may come in the form of pop-ups which flash security warnings and ask the user for credit card information. Phishing emails and websites requesting donations for bogus for charitable organizations commonly appear after these types of natural disasters.

US-CERT encourages users to take the following measures to protect themselves:

Apple Releases Safari 5.0.4

Apple has released Safari 5.0.4 to address multiple vulnerabilities in the ImageIO, libxml, and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks.

US-CERT encourages users and administrators to review Apple article HT4566 and apply any necessary updates to help mitigate the risks.

Pages

TLP:WHITE

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top