The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Adobe has released a security update to address a vulnerability in Adobe Shockwave Player 184.108.40.206 and earlier versions for Windows and Macintosh operating systems. Exploitation of this vulnerability could allow an attacker to take control of the affected system.
US-CERT recommends that users and administrators review Adobe Security Bulletin APSB14-06 and follow best practice security policies to determine which updates should be applied.
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Microsoft Security Software, and Microsoft .NET Framework as part of the Microsoft Security Bulletin Summary for February 2014. These vulnerabilities could allow remote code execution, elevation of privilege, information disclosure, or a denial of service.
US-CERT encourages users and administrators to review the bulletin and follow best practice security policies to determine which updates should be applied.
The Mozilla Foundation has released updates for the following products to address multiple vulnerabilities:
- Firefox 27
- Firefox ESR 24.3
- Thunderbird 24.3
- Seamonkey 2.24
These vulnerabilities could allow a remote attacker to execute arbitrary code, bypass intended access restrictions, cause a denial-of-service condition, or obtain sensitive information.
US-CERT encourages users and administrators to review the Mozilla Foundation Advisory for Firefox 27, Firefox ESR 24.3, Thunderbird 24.3, and Seamonkey 2.24 and apply any necessary updates to help mitigate the risk.