U.S. Flag Official website of the Department of Homeland Security

The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.

OpenSSL Patches Eight Vulnerabilities

OpenSSL has released updates patching eight vulnerabilities, one of which may allow an attacker to cause a Denial of Service condition.
 
The following updates are available: 

  • OpenSSL 1.0.1k for 1.0.1 users
  • OpenSSL 1.0.0p for 1.0.0 users
  • OpenSSL 0.9.8zd for 0.9.8 users

Users and administrators are encouraged to review the OpenSSL Security Advisory for additional information and apply the necessary updates.
 

Apple Releases Security Updates for OS X

Apple has released security updates for OS X Mountain Lion, Mavericks, and Yosemite to address multiple vulnerabilities in the Network Time Protocol daemon. Exploitation of these vulnerabilities may allow a remote attacker to take control of a vulnerable system.

US-CERT encourages users and administrators to review Apple Security Update HT6601 and Vulnerability Note VU#852879 for additional information, and apply the necessary updates.

oCERT Releases Advisory for Unpatched UnZip Vulnerability

The Open Source Computer Security Incident Response Team (oCERT) has released an advisory addressing vulnerabilities in all versions of UnZip. Exploitation of these vulnerabilities may allow a remote attacker to take control of an affected system if a user opens a specially crafted zip file.

US-CERT recommends users and administrators to review the oCERT Advisory for more details.

Pages

This product is provided subject to this Notification and this Privacy & Use policy.

Back to Top