The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
US-CERT is aware of reports indicating that WebGL contains multiple significant security issues. The impact of these issues includes denial of service, and cross-domain attacks. WebGL is a new web standard that is enabled by default in Firefox 4 and Google Chrome and is included in Safari.
US-CERT encourages users and administrators to review the Context report and update their systems as necessary to help mitigate the risks.
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Microsoft Office as part of the Microsoft Security Bulletin Summary for May 2011. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.
Apple released iOS 4.3.3 for the iPhone, iPod Touch, and iPad to address location tracking history capabilities. This update specifically addresses two bugs in iOS that resulted in the devices storing historical location data for too long.
US-CERT encourages users and administrators to review Apple article DL1358 and update to iOS 4.3.3.