U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Cisco Releases Security Advisory for Cisco Unified Communications Manager

Cisco has released a security advisory to address multiple vulnerabilities in Cisco Unified Communications Manager. These vulnerabilities may allow an attacker to perform SQL injection attacks, conduct directory traversal attacks, or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20110427-cucm and apply any necessary updates or workarounds to help mitigate the risks.

Google Releases Chrome 11.0.696.57

Google has released Chrome 11.0.696.57 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or conduct cross-site scripting attacks.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 11.0.696.57 to help mitigate the security risks.

WordPress Releases Version 3.1.2

WordPress has released WordPress 3.1.2 to address a vulnerability. Execution of this vulnerability may allow an attacker to operate with elevated privileges.

US-CERT encourages users and administrators to review the WordPress Codex document for version 3.1.2 and apply any necessary updates to help mitigate the risks.

Adobe Releases Security Updates for Reader and Acrobat

Adobe has released updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address multiple vulnerabilities including the one described in the Flash Player security advisory APSA11-02. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review Adobe security bulletin APSB11-08 and apply any necessary updates to help mitigate the risks. Additional information regarding these vulnerabilities can be found in the US-CERT Vulnerability Note VU#230057.

Apple Releases iTunes 10.2.2

Apple has released iTunes 10.2.2 to address multiple vulnerabilities affecting the WebKit package. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Apple article HT4609 and apply any necessary updates to mitigate the risks.

Oracle Releases Critical Patch Update for April 2011

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top