The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Oracle has released its Critical Patch Update for July 2010 to address 59 vulnerabilities across multiple products. This update contains the following security fixes:
- 6 for Oracle Database Server
- 2 for TimesTen In-Memory Database
- 5 for Oracle Secure Backup
- 7 for Oracle Fusion Middleware
- 1 for Oracle Enterprise Manager
- 7 for Oracle E-Business Suite
- 2 for Oracle Supply Chain Products Suite
- 8 for Oracle PeopleSoft and JDEdwards Suite
- 21 for Oracle Sun Products Suite
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for July 2010. These vulnerabilities may allow an attacker to execute arbitrary code.
US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.
Oracle has issued a critical patch update pre-release announcement indicating that its July release will contain 59 new vulnerability fixes. Release of the critical patch update is scheduled for Tuesday, July 13, 2010.
US-CERT encourages users and administrators to review the pre-release announcement; US-CERT will provide updates as they become available.
Microsoft has issued a Security Bulletin Advance Notification, indicating that its July release will contain four bulletins. Three bulletins will have the severity rating of critical and will be for Microsoft Windows and Office. The remaining bulletin will have the severity rating of important and will be for Microsoft Office. Release of these bulletins is scheduled for Tuesday, July 13, 2010.
US-CERT will provide additional information as it becomes available.
Google has released Chrome 5.0.375.99 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.
US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.
Adobe has released an update for Reader and Acrobat to address multiple vulnerabilities. These vulnerabilities affect the following versions:
- Adobe Reader 9.3.2 and earlier versions for Windows, Macintosh, and UNIX
- Adobe Acrobat 9.3.2 and earlier versions for Windows and Macintosh
US-CERT encourages users and administrators to review Adobe Security Bulletin APSB10-15 and apply any necessary updates to help mitigate the risks.