US CERT Current Activity

Syndicate content
A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.
Updated: 2 hours 18 min ago

Apple Releases Security Updates for iOS, Apple TV, and Xcode

Thu, 09/18/2014 - 13:01
Original release date: September 18, 2014

Apple released security updates for iOS devices, Apple TV, and Xcode to address multiple vulnerabilities, some of which could allow attackers to execute code with system privileges or cause an unexpected application termination.

Updates available include:

  • iOS 8 for iPhone 4s and later, iPod touch 5th generation and later, and iPad 2 and later
  • Apple TV 7 for Apple TV 3rd generation and later
  • Xcode 6.0.1 for OS X Mavericks v10.9.4 and later

Users and administrators are encouraged to review Apple security updates HT6441, HT6442, and HT6444 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Adobe Releases Security Updates for Adobe Reader and Acrobat

Tue, 09/16/2014 - 17:45
Original release date: September 16, 2014

Adobe has released security updates for Adobe Reader and Acrobat for Windows and Macintosh. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system.

US-CERT encourages users and administrators to review Adobe Security Bulletin APSB14-20 and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Cisco Integrated Management Controller Vulnerability

Thu, 09/11/2014 - 14:31
Original release date: September 11, 2014

Cisco has released an advisory to address a vulnerability in the Cisco Integrated Management Controller (Cisco IMC) SSH module of the Cisco Unified Computing System E-Series Blade servers that could allow an unauthenticated, remote attacker to cause a denial of service condition. Migration to release 2.3.1 is available for Cisco IMC Software versions 1.0.1, 1.0.2, 2.1.0, and 2.2.0.

Users and administrators are encouraged to review the Cisco Advisory and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Google Releases Security Update for Chrome

Wed, 09/10/2014 - 23:27
Original release date: September 10, 2014

Google has released Chrome 37.0.2062.120 for Windows, Mac and Linux. This update addresses multiple vulnerabilities one of which could potentially allow an attacker to cause a denial of service.

US-CERT encourages users and administrators to review the Google Chrome release blog and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Adobe Releases Security Updates for Flash Player and Air

Tue, 09/09/2014 - 23:57
Original release date: September 09, 2014

Adobe has released security updates to address multiple vulnerabilities in Adobe Flash Player and Air for Windows, Macintosh and Linux. Exploitation of these vulnerabilities could potentially allow an attacker to take control of the affected system.
 
Users and administrators are encouraged to review Adobe Security Bulletin APSB14-21 and apply the necessary updates.
 

 

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Microsoft Releases September 2014 Security Bulletin

Tue, 09/09/2014 - 15:54
Original release date: September 09, 2014

Microsoft released updates to address vulnerabilities in Windows, .NET Framework, Internet Explorer and Lync Server as part of the Microsoft Security Bulletin Summary for September 2014. Some of these vulnerabilities could allow remote code execution, elevation of privilege, or denial of service.

US-CERT encourages users and administrators to review the bulletin and apply the necessary updates.

 

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

WordPress Releases Security Update

Thu, 09/04/2014 - 15:35
Original release date: September 04, 2014

WordPress 3.9.2 has been released to address multiple vulnerabilities, one of which could allow a possible denial of service issue in PHP’s XML processing.  WordPress 3.7.3 or 3.8.3 users will be updated to 3.7.4 or 3.8.4. Users operating older, unsupported versions of WordPress are encouraged to upgrade to 3.9.2.

US-CERT recommends users and administrators review the WordPress Maintenance and Security Release blog   and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Mozilla Releases Security Updates for Firefox and Thunderbird

Wed, 09/03/2014 - 08:13
Original release date: September 03, 2014

The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox and Thunderbird. Exploitation of these vulnerabilities may allow an attacker to cause an exploitable crash or execute arbitrary code.

The following updates are available:              

  • Firefox 32
  • Firefox ESR 24.8
  • Firefox ESR 31.1
  • Thunderbird 31.1
  • Thunderbird 24.8

Users and administrators are encouraged to review the Security Advisories for Firefox, Firefox ESR and Thunderbird to determine which updates should be applied to mitigate these risks.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas

Google Releases Security Updates for Chrome

Wed, 08/27/2014 - 13:10
Original release date: August 27, 2014

Google has released Chrome 37.0.2062.94 for Windows, Mac and Linux. This update includes 50 security fixes some of which could allow a remote attacker to obtain unauthorized access or cause a denial of service.

US-CERT encourages users and administrators to review the Google Chrome release blog and apply the necessary updates.

This product is provided subject to this Notification and this Privacy & Use policy.


Categories: Alertas