The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Cisco Releases Security Advisory for Unified MeetingPlace

Cisco has released a security advisory to address multiple vulnerabilities in Unified MeetingPlace. These vulnerabilities may allow a remote, unauthenticated attacker to obtain sensitive information, manipulate configuration data, create unauthorized accounts, operate with elevated privileges or cause a denial-of-service condition.

Google Releases Chrome 4.0.249.78

Google has released Chrome 4.0.249.78 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, or cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 4.0.249.78 for Windows to help mitigate the risks.

RealNetworks, Inc. Releases Updates to Address Vulnerabilities

RealNetworks, Inc. has released updates to address multiple vulnerabilities in several versions of RealPlayer for Windows, Mac, and Linux and several versions of the Helix Player for Linux. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the RealNetworks, Inc. advisory and apply any necessary updates to help mitigate the risks.

Microsoft Releases Cumulative Security Update for Internet Explorer

Microsoft has released Security Bulletin MS10-002 as a Cumulative Security Update for Internet Explorer. This update addresses multiple vulnerabilities that when exploited, may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review Microsoft Security Bulletin MS10-002 and apply any necessary updates to help mitigate the risks.

Apple Releases Security Update 2010-001

Apple has released Security Update 2010-001 to address multiple vulnerabilities in a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Apple article HT4004 and apply any necessary updates to help mitigate the risks.

Adobe Releases Shockwave Player Update

Adobe has released an update for Shockwave Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Shockwave Player 11.5.2.602 and earlier versions for Windows and Macintosh. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review Adobe Security Bulletin APSB10-03 and apply any necessary updates to help mitigate the risks.

This product is provided subject to this Notification and this Privacy & Use policy.

Technical Documents

Featured Articles

Related Resources