The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Microsoft has released Microsoft security advisory 2501696 indicating that it is investigating public reports of a vulnerability affecting Windows. This vulnerability is due to the way MHTML interprets MIME-formatted requests for content blocks within a document. Exploitation of this vulnerability may allow an attacker to obtain sensitive information.
US-CERT encourages users and administrators to review Microsoft security advisory 2501696 and implement the suggested workarounds or utilize Microsoft Fix it 50602 to help mitigate the risks. Additional information regarding this vulnerability can be found on the Microsoft TechNet Security Research & Defense blog.
RealNetworks, Inc. has released an update for Windows RealPlayer 14.0.1 and prior to address a vulnerability. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the RealNetworks, Inc. security advisory and apply any necessary updates to help mitigate the risks.
Opera Software has released version 11.01 of the Opera web browser for Windows, Mac, and Unix to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, bypass security restrictions, or obtain sensitive information.
US-CERT encourages users and administrators to review the changelog for version 11.01 of the Opera web browser and update to Opera 11.01 to mitigate the risks.