U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Adobe Releases Security Updates for Flash Player

Adobe has released security updates to address multiple vulnerabilities in Flash Player, one of which could allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Adobe Security Bulletin APSB15-04 and apply the necessary updates.

Apple Releases Security Updates for OS X, Safari, iOS and Apple TV

Apple has released security updates for OS X, Safari, iOS and Apple TV to address multiple vulnerabilities, one of which could allow a remote attacker to take control of an affected system.

Updates available include:

  • OS X v10.10.2 and Security Update 2015-001 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10 and v10.10.1
  • Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.1
  • iOS 8.1.3 for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later
  • Apple TV 7.0.3 for Apple TV 3rd generation and later

US-CERT encourages users and administrators to review Apple security updates HT204244, HT204243HT204245 and HT204246, and apply the necessary updates.

Linux "Ghost" Remote Code Execution Vulnerability

The Linux GNU C Library (glibc) versions 2.2 and other 2.x versions before 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu, Red Hat, and Debian. The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top