U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Apple Releases Java Updates for Mac OS X 10.5 and OS X 10.6

Apple has released Java for Mac OS X 10.5 Update 9 and Java for Mac OS X 10.6 Update 4 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Apple article HT4563 and HT4562 and apply any necessary updates to help mitigate the risks.

Google Releases Chrome 10.0.648.127

Google has released Chrome 10.0.648.127 for all platforms to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass security restrictions.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Microsoft Releases March Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2011. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.

Microsoft Releases Advance Notification for March Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its March release will contain three bulletins. One of these bulletins will have the severity rating of critical and will be for Microsoft Windows. The remaining two bulletins will have the severity rating of important and will be for Microsoft Windows and Office. Release of these bulletins is scheduled for Tuesday, March 8, 2011.

US-CERT will provide additional information as it becomes available.

Apple Releases iTunes 10.2

Apple has released iTunes 10.2 to address multiple vulnerabilities affecting the ImageIO, libxml, and WebKit packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Apple article HT4554 and apply any necessary updates to help mitigate the risks.

Mozilla Releases Updates for Firefox, Thunderbird, and SeaMonkey

The Mozilla Foundation has released Firefox 3.6.14 and Firefox 3.5.17 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site request forgery attacks, cause a denial-of-service condition, or operate with elevated privileges.

Some of these vulnerabilities also affect Thunderbird and SeaMonkey. The Mozilla Foundation has released Thunderbird 3.1.8 and SeaMonkey 2.0.12 to address these vulnerabilities.

US-CERT encourages users and administrators to review the Mozilla Foundation security advisories for Firefox 3.6.14 and apply any necessary updates to help mitigate the risks.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top