U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

Installer Hijacking Vulnerability in Android Devices

A vulnerability in Google's Android OS has been discovered that could allow an attacker to change or replace a seemingly safe Android application with malware during installation. An attacker exploiting this vulnerability could access and steal user data on compromised devices without user knowledge. Devices running Android version 4.4 or later are not vulnerable.

US-CERT advises users to ensure their devices are running an up-to-date version of Android and to use caution when installing software from third-party app stores.
 

Apple Releases Security Update for OS X Yosemite

Apple has released Security Update 2015-003 for OS X Yosemite v10.10.2 to address multiple vulnerabilities. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review Apple Security Update 2015-003 and apply the necessary updates.

Mozilla Releases Security Updates for Firefox, Firefox ESR, and SeaMonkey

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox, Firefox ESR, and SeaMonkey. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • Firefox 36.0.4
  • Firefox ESR 31.5.3
  • SeaMonkey 2.33.1

Users and administrators are encouraged to review the Security Advisories for Firefox, Firefox ESR, and SeaMonkey and apply the necessary updates.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top