Current Activity

View Current Activity Feed

Current Activity provides timely information on security risks to help you better protect your systems from malware campaigns and mitigate against new software vulnerabilities.

Microsoft Releases Advance Notification for December Security Bulletin

added Friday, December 7, 2012 at 10:02 am

Microsoft has issued a Security Bulletin Advance Notification indicating that its December release will contain seven bulletins. These bulletins will have a severity rating of critical and important and will be for Microsoft Windows, Internet Explorer, Office, and Server Software. Release of these bulletins is scheduled for Tuesday, December 11, 2012.

US-CERT will provide additional information as it becomes available.

Google Releases Google Chrome 23.0.1271.95

added Monday, December 3, 2012 at 01:02 pm

Google has released Google Chrome 23.0.1271.95 for Windows, Mac, and ChromeFrame to address multiple vulnerabilities. These vulnerabilities could result in a denial of service or allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 23.0.1271.95 to help mitigate the risk.

Google Releases Google Chrome 23.0.1271.91

added Tuesday, November 27, 2012 at 11:21 am

Google has released Google Chrome 23.0.1271.91 for Windows, Mac, Linux, and ChromeFrame to address multiple vulnerabilities. These vulnerabilities could result in a denial of service or allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the Google Chrome Release blog entry and update to Chrome 23.0.1271.91.

Mozilla Releases Multiple Updates

added Wednesday, November 21, 2012 at 11:40 am

The Mozilla Foundation has released updates to address multiple vulnerabilities for the following products:

  • Firefox 17.0
  • Firefox ESR 10.0.11
  • Thunderbird 17.0
  • Thunderbird ESR 10.0.11
  • SeaMonkey 2.14

These vulnerabilities may allow an attacker to execute arbitrary code, operate with elevated privileges, bypass safety restrictions, or perform a cross-site scripting attack.

US-CERT encourages users and administrators to review the Mozilla Foundation Advisories for Firefox 17.0, Firefox ESR 10.0.11, Thunderbird 17.0, Thunderbird ESR 10.0.11, and SeaMonkey 2.14 and apply any necessary updates to help mitigate the risk.

Adobe Releases Security Update for ColdFusion

added Tuesday, November 20, 2012 at 1:41 pm

Adobe has released a security hotfix for ColdFusion 10 Update 1 and above for Windows. This hotfix resolves a vulnerability affecting ColdFusion on Windows Internet Information Services (IIS), which could result in a denial of service.

US-CERT encourages users and administrators to review Adobe Security Bulletin APSB12-25 to determine which updates should be applied.

This product is provided subject to this Notification and this Privacy & Use policy.

Technical Documents