U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

VideoLAN Issues Security Advisory

VideoLAN has issued a security advisory to alert users of a vulnerability affecting VLC Media Player versions 1.0.0 through 1.1.8. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review VideoLAN Security Advisory 1103 and implement the workarounds provided in the advisory until a fix is available from the vendor.

US-CERT will provide additional information as it becomes available.

Microsoft Releases Advance Notification for April Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating its April release will contain 17 bulletins. Nine of these bulletins will have the severity rating of critical and will be for Microsoft Windows, Internet Explorer and Office. The remaining bulletins will have the severity rating of important and will be for Microsoft Windows, Office, Server Software, and Developer Tools and Software. Release of these bulletins is scheduled for Tuesday, April 12, 2011.

US-CERT will provide additional information as it becomes available.

ISC dhclient Vulnerability

The Internet Systems Consortium (ISC) has released an advisory to address a vulnerability in its dhclient application. This vulnerability may allow a remote attacker to execute arbitrary code on the client machine.

US-CERT encourages administrators of this product to review the ISC advisory. Users of ISC DHCP from the original source distribution should upgrade to ISC DHCP version 3.1-ESV-R1, 4.1-ESV-R2, or 4.2.1-P1. Users who obtain ISC DHCP from a third-party vendor, such as their operating system vendor, should check with their software vendor for updated versions.

Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#107886.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top