The US-CERT Current Activity web page is a regularly updated summary of the most frequent, high-impact types of security incidents currently being reported to the US-CERT.
Adobe has released security updates to address multiple vulnerabilities in Flash Player, one of which could allow a remote attacker to take control of an affected system.
Users and administrators are encouraged to review Adobe Security Bulletin APSB15-04 and apply the necessary updates.
Apple has released security updates for OS X, Safari, iOS and Apple TV to address multiple vulnerabilities, one of which could allow a remote attacker to take control of an affected system.
Updates available include:
- OS X v10.10.2 and Security Update 2015-001 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10 and v10.10.1
- Safari 8.0.3, Safari 7.1.3, and Safari 6.2.3 for OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, and OS X Yosemite v10.10.1
- iOS 8.1.3 for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later
- Apple TV 7.0.3 for Apple TV 3rd generation and later
The Linux GNU C Library (glibc) versions 2.2 and other 2.x versions before 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
US-CERT recommends users and administrators refer to their respective Linux or Unix-based OS vendor(s) for an appropriate patch if affected. Patches are available from Ubuntu, Red Hat, and Debian. The GNU C Library versions 2.18 and later are also available for experienced users and administrators to implement.