The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Cisco has released a security advisory to address a vulnerability in the web framework of Cisco Unified Computing System (UCS) Central Software. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates.
WordPress 4.2 and prior versions contain critical cross-site scripting vulnerabilities. Exploitation of these vulnerabilities could allow a remote attacker to take control of an affected website.
Users and administrators are encouraged to review the WordPress Security and Maintenance Release and upgrade to WordPress 4.2.2.
Apple has released security updates for Safari to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of the affected system.
Available updates include:
- Safari 8.0.6 for OS X Yosemite v10.10.3
- Safari 7.1.6 for OS X Mavericks v10.9.5
- Safari 6.2.6 for OS X Mountain Lion v10.8.5
US-CERT encourages users and administrators to review Apple security update HT204826 and apply the necessary updates.