U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Google Releases Chrome 5.0.375.126

Google has released Chrome 5.0.375.126 for Linux, Mac, and Windows. Chrome 5.0.375.126 contains an updated version of the Flash plugin which addresses multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Microsoft Releases August Security Bulletin

Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, and Silverlight as part of the Microsoft Security Bulletin Summary for August 2010. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges.

US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied.

Foxit Releases Foxit Reader 4.1.1.0805

Foxit has released Foxit Reader 4.1.1.0805 to address a vulnerability associated with the improper rendering of PDF documents. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the security release notes for Foxit Reader 4.1.1.0805 and apply any necessary updates to help mitigate the risks. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#275247.

US-CERT will provide additional information as it becomes available.

Microsoft Releases Advance Notification for August Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its August release will contain 14 bulletins. Eight bulletins will have the severity rating of critical and will be for Microsoft Windows, Internet Explorer, Office, and Silverlight. The remaining six bulletins will have the severity rating of important and will be for Microsoft Windows and Office. Release of these bulletins is scheduled for Tuesday, August 10, 2010.

US-CERT will provide additional information as it becomes available.

Cisco Releases Security Advisory for Firewall Services Module

Cisco has released a security advisory to address multiple vulnerabilities in the Cisco Firewall Services Module. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100804-fwsm and apply any necessary updates to help mitigate the risks.

Microsoft Releases Out-of-Band Security Bulletin to Address Shortcut Vulnerability

Microsoft has released security bulletin MS10-046 to address a critical vulnerability affecting Microsoft Windows. This vulnerability is due to the failure of Microsoft Windows to properly obtain icons for shortcut files. By convincing a user to display a specially crafted shortcut file, a remote attacker may be able to execute arbitrary code.

US-CERT strongly encourages users and administrators to review Microsoft security bulletin MS10-046 and apply any necessary updates to mitigate the risks.

Additional information regarding this vulnerability can be found in the following:

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top