U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Oracle Releases Critical Patch Update for Java SE and Java for Business

Oracle has released a Critical Patch Update for Java SE and Java for Business. This update addresses multiple vulnerabilities and contains 21 security fixes.

US-CERT encourages users and administrators to review the Oracle Java SE and Java for Business Critical Patch Update Advisory for February 2011 and apply any necessary updates to help mitigate the risks.

VMware Releases Advisory for Windows 7 Users

VMware has released an advisory to alert users of an issue affecting VMware on the Microsoft Windows 7 platform. This issue prevents VMware from connecting from the View Client on Windows 7 to the View Connection Server after installing the Microsoft patches 2482017 and 2467023 from Microsoft Security Bulletin MS11-003.

VMware users on the Windows 7 platform should upgrade to VMware View Client build 353760 prior to applying Microsoft patches 2482017 and 2467023. VMware users who have previously applied these Microsoft patches should upgrade to VMware View Client build 353760 to mitigate the issue.

Additional information can be found in the VMware Knowledge Base advisory.

Oracle Releases Security Alert for Java Runtime Environment

Oracle has released a security alert to address a vulnerability in the Java Runtime Environment component of the Oracle Java SE and Java for Business products. Exploitation of this vulnerability may allow an attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Oracle Security Alert for CVE-2010-4476 and apply any necessary updates to help mitigate the risks.

Google Releases Chrome 9.0.597.95

Google has released Chrome 9.0.597.95 for all platforms to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. This update also includes a recently released version of Adobe Flash Player that repairs several vulnerabilities.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Adobe Releases Security Update for Flash Player

Adobe has released a security bulletin to address multiple vulnerabilities in Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Adobe Security Bulletin APSB11-02 and apply any necessary updates to help mitigate the risks.

RealNetworks, Inc. Releases Security Updates for RealPlayer

RealNetworks, Inc. has released security updates to address a vulnerability affecting Windows RealPlayer 14.0.1 and earlier versions and RealPlayer Enterprise 2.1.4 and earlier versions. Exploitation of this vulnerability may allow an attacker to execute arbitrary code in the context of the browser.

US-CERT encourages users and administrators to review the RealNetworks, Inc. security notice released on February 8, 2011 and upgrade to the most current version of RealPlayer to help mitigate the risks.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top