The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Microsoft Releases Advance Notification for February Security Bulletin

Microsoft has issued a Security Bulletin Advance Notification indicating that its February release will contain 12 bulletins. Three of these bulletins will have the severity rating of critical and will be for Microsoft Windows and Internet Explorer. The remaining bulletins will have a severity rating of important and will be for Microsoft Windows and Office. Release of these bulletins is scheduled for Tuesday, February 8, 2011.

Cisco Releases Security Advisory for Tandberg E, EX, and C Series Endpoints

Cisco has released a security advisory to address a vulnerability in the Tandberg C Series Endpoints and E/EX Personal Video units running software versions prior to TC4.0.0. This vulnerability may allow an attacker to gain administrative access to the device.

VideoLAN Releases Security Advisory for VLC Media Player

VideoLAN has released a security advisory to address a vulnerability in VLC Media Player. This vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review VideoLAN security advisory VideoLAN-SA-1102 and apply any necessary updates or workarounds to help mitigate the risks.

Cisco Releases Security Advisory for Multiple Cisco WebEx Player Vulnerabilities

Cisco has released a security advisory to address multiple vulnerabilities in WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20110201-webex and apply any necessary updates to help mitigate the risks.

Microsoft Releases Security Advisory 2501696

Microsoft has released Microsoft security advisory 2501696 indicating that it is investigating public reports of a vulnerability affecting Windows. This vulnerability is due to the way MHTML interprets MIME-formatted requests for content blocks within a document. Exploitation of this vulnerability may allow an attacker to obtain sensitive information.

RealNetworks, Inc. Releases Update for RealPlayer

RealNetworks, Inc. has released an update for Windows RealPlayer 14.0.1 and prior to address a vulnerability. Exploitation of this vulnerability may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the RealNetworks, Inc. security advisory and apply any necessary updates to help mitigate the risks.

This product is provided subject to this Notification and this Privacy & Use policy.