The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Mozilla has released Firefox 4.0.1, 3.6.17, and 3.5.19 to address multiple vulnerabilities. The impact of these vulnerabilities includes arbitrary code execution, privilege escalation, directory traversal, and information disclosure.
US-CERT encourages users and administrators to review the Mozilla Foundation Security Advisories for April 28, 2011 and apply any necessary updates to mitigate the risks.
Cisco has released a security advisory to address multiple vulnerabilities in Cisco Unified Communications Manager. These vulnerabilities may allow an attacker to perform SQL injection attacks, conduct directory traversal attacks, or cause a denial-of-service condition.
US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20110427-cucm and apply any necessary updates or workarounds to help mitigate the risks.
Google has released Chrome 11.0.696.57 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or conduct cross-site scripting attacks.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 11.0.696.57 to help mitigate the security risks.