U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Foxit Releases Foxit Reader 3.3

The Foxit Corporation has released Foxit Reader 3.3 for Windows. This release of Foxit Reader contains a component called Trust Manager. Foxit Reader release notes indicate that the Trust Manager enables users to allow or deny unauthorized actions and data transmission, including URL connection, attachments PDF action, and JavaScript. This addresses the vulnerability in the PDF specification /Launch function.

US-CERT encourages users and administrators to review the Foxit Reader 3.3 release notes and upgrade to Foxit Reader 3.3 to help mitigate the risks associated with the PDF specification /Launch function vulnerability. Additional information regarding the /Launch function vulnerability can be found in the Vulnerability Notes Database.

Opera Software Releases Opera 10.53

Opera Software has released Opera 10.53 to address a vulnerability. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Opera Software security advisory related to this vulnerability and upgrade to Opera 10.53 to help mitigate the risks.

Microsoft Releases Security Advisory 983438

Microsoft has released security advisory 983438 to notify users of a vulnerability in Microsoft Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007. The advisory states that Microsoft is investigating public reports of exploitation of the vulnerability that may allow the execution of arbitrary script within the SharePoint site.

US-CERT encourages users and administrators to review Microsoft Security Advisory 983438 and apply any workarounds to mitigate the risks.

US-CERT will provide additional information as it becomes available.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top