The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
OpenSSL has released new updates addressing multiple vulnerabilities, one of which is classified as a high severity issue. Exploitation could allow a remote attacker to cause a cause a Denial of Service attack against the server.
Updates available include:
- OpenSSL 1.0.2a for 1.0.2 users
- OpenSSL 1.0.1m for 1.0.1 users
- OpenSSL 1.0.0r for 1.0.0 users
- OpenSSL 0.9.8zf for 0.9.8 users
Ubuntu has released a security update to address multiple vulnerabilities in PHP5 affecting Ubuntu 14.10, 14.04 LTS, 12.04 LTS, and 10.04 LTS. Exploitation of these vulnerabilities may allow an attacker to cause a denial of service or execute arbitrary code.
Users and administrators are encouraged to review Ubuntu Security Notices USN-2535-1 and apply the necessary updates.
Apple has released security updates for Safari to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow a remote attacker to execute arbitrary code or prevent users from discerning a phishing attack on an affected system.
- Safari 8.0.4 for OS X Yosemite v10.10.2
- Safari 7.1.4 for OS X Mavericks v10.9.5
- Safari 6.2.4 for OS X Mountain Lion v10.8.5
US-CERT encourages users and administrators to review Apple security update HT204560 and apply the necessary updates.