The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Microsoft Office as part of the Microsoft Security Bulletin Summary for July 2011. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
The Internet System Consortium has released updates for BIND to address multiple vulnerabilities. CVE-2011-2464 affects the following versions: 9.6.3; 9.6-ESV-R4 and later; 9.7.0 and later; 9.7.1 and later; 9.7.2 and later; 9.7.3 and later; 9.7.4b1; 9.8.0 and later; and 9.8.1b1. CVE-2011-2465 affects the following versions: 9.8.0 and later, and 9.8.1b1. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition. Additional information regarding these vulnerabilities can be found in US-CERT Vulnerability Notes VU#142646 and VU#137968.
WordPress has released WordPress 3.1.4 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to operate with elevated privileges.
US-CERT encourages users and administrators to review the WordPress Codex document for version 3.1.4 and apply any necessary updates to help mitigate the risks.