U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Google Releases Chrome 9.0.597.84

Google has released Chrome 9.0.597.84 for all platforms to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Adobe Prenotification Security Advisory for Adobe Reader and Acrobat

Adobe had issued a prenotification advisory indicating that it plans to release updates for Adobe Reader and Acrobat to address multiple vulnerabilities. The advisory indicates that updates for Windows and Macintosh will be available on February 8, 2011. An update for UNIX will be available the week of February 28, 2011.

US-CERT encourages users and administrators to review the Adobe Advisory.

US-CERT will provide additional information as it becomes available.

Majordomo Vulnerable to Directory Traversal

US-CERT is aware of a vulnerability affecting Majordomo 2. Exploitation of this vulnerability may allow an attacker to obtain sensitive information that could be used to leverage additional attacks. Reports indicate that this vulnerability affects builds 20110121 and prior.

US-CERT encourages users and administrators to upgrade to Majordomo 2 build 20110125 and later. Additional information regarding this vulnerability can be found in this Sitewatch Advisory.





Microsoft Releases Advance Notification for February Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its February release will contain 12 bulletins. Three of these bulletins will have the severity rating of critical and will be for Microsoft Windows and Internet Explorer. The remaining bulletins will have a severity rating of important and will be for Microsoft Windows and Office. Release of these bulletins is scheduled for Tuesday, February 8, 2011.

US-CERT will provide additional information as it becomes available.

Cisco Releases Security Advisory for Tandberg E, EX, and C Series Endpoints

Cisco has released a security advisory to address a vulnerability in the Tandberg C Series Endpoints and E/EX Personal Video units running software versions prior to TC4.0.0. This vulnerability may allow an attacker to gain administrative access to the device.

US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20110202-tandberg and apply any necessary updates or workarounds to help mitigate the risks. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#436854.

VideoLAN Releases Security Advisory for VLC Media Player

VideoLAN has released a security advisory to address a vulnerability in VLC Media Player. This vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review VideoLAN security advisory VideoLAN-SA-1102 and apply any necessary updates or workarounds to help mitigate the risks.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top