U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

OpenSSL Releases Security Advisory

OpenSSL has released updates to address vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to obtain sensitive information. Updates available include:

  • OpenSSL 1.0.2g for 1.0.2 users
  • OpenSSL 1.0.1s for 1.0.1 users

Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.

 

Apple Releases Security Update for Apple TV

Apple has released a security update for Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected device.

US-CERT encourages users and administrators to review the Apple security update for Apple TV 7.2.1 (3rd generation) and apply the necessary update.

Drupal Releases Security Updates

Drupal has released updates to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website.

Available updates include:

  • Drupal core 6.38 for 6.x users
  • Drupal core 7.43 for 7.x users
  • Drupal core 8.0.4 for 8.0.x users

Users and administrators are encouraged to review Drupal's Security Advisory and apply the necessary updates.

FTC Shares Security Tips for ASUS Wireless Routers

The Federal Trade Commission (FTC) has provided network security tips for vulnerable ASUS-branded wireless routers. Major security flaws in these routers may have exposed customers' sensitive information to malicious actors.

FTC urges consumers to download the latest security updates for their routers and be cautious when setting up any personal cloud storage. Users and administrators are encouraged to visit FTC's blog for more information and review US-CERT's Tip on Securing Your Home Network ST15-002.

Microsoft Releases Update for EMET

US-CERT is aware of a vulnerability in Microsoft Enhanced Mitigation Experience Toolkit (EMET) versions prior to 5.5. Exploitation of this vulnerability may allow a remote attacker to bypass or disable EMET to take control of an affected system.

US-CERT recommends users and administrators visit the Microsoft Security TechCenter  and upgrade to EMET version 5.5. For additional information, please review the FireEye threat research blog.

Google Releases Security Update for Chrome

Google has released Chrome version 48.0.2564.116 to address a vulnerability for Windows, Mac, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top