Forbidden Web

Mar 10, 2011 Apple Releases Safari 5.0.4
Apple has released Safari 5.0.4 to address multiple vulnerabilities in the ImageIO, libxml, and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks.

US-CERT encourages users and administrators to review Apple article HT4566 and apply any necessary updates to help mitigate the risks.

Mar 09, 2011 Apple Releases Java Updates for Mac OS X 10.5 and OS X 10.6
Apple has released Java for Mac OS X 10.5 Update 9 and Java for Mac OS X 10.6 Update 4 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Apple articles HT4563 and HT4562 and apply any necessary updates to help mitigate the risks.

Mar 09, 2011 Google Releases Chrome 10.0.648.127
Google has released Chrome 10.0.648.127 for all platforms to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass security restrictions.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Mar 08, 2011 Microsoft Releases March Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for March 2011. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies to determine which updates should be applied.

Mar 03, 2011 Microsoft Releases Advance Notification for March Security Bulletin
Microsoft has issued a Security Bulletin Advance Notification indicating its March release will contain three bulletins. One of these bulletins will have the severity rating of critical and will be for Microsoft Windows. The remaining two bulletins will have the severity rating of important and will be for Microsoft Windows and Office. Release of these bulletins is scheduled for Tuesday, March 8, 2011.

US-CERT will provide additional information as it becomes available.

Mar 03, 2011 Apple Releases iTunes 10.2
Apple has released iTunes 10.2 to address multiple vulnerabilities affecting the ImageIO, libxml, and WebKit packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review Apple article HT4554 and apply any necessary updates to help mitigate the risks.

Mar 01, 2011 Mozilla Releases Thunderbird 3.1.8
Mozilla has released Thunderbird 3.1.8 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code.

US-CERT encourages users and administrators to review the relevant Mozilla Foundation Security Advisories and update to Thunderbird 3.1.8.

Mar 01, 2011 Google Releases Chrome 9.0.597.107
Google has released Chrome 9.0.597.107 for all platforms to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates to help mitigate the risks.

Feb 28, 2011 Cisco Releases Multiple Security Advisories
Cisco has released six security advisories to address vulnerabilities in multiple Cisco products.

Security advisory cisco-sa-20110223-asa addresses multiple vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances. Successful exploitation of these vulnerabilities could cause a denial-of-service condition or allow unauthorized file system access.

Security advisory cisco-sa-20110223-fwsm addresses multiple vulnerabilities in Cisco Firewall Services Module (FWSM) for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers. Successful exploitation of these vulnerabilities could cause a denial-of-service condition.

Security advisory cisco-sa-20110223-telepresence-cts addresses multiple vulnerabilities in Cisco TelePresence Endpoint devices. Successful exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition or to take control of the affected device.

Security advisory cisco-sa-20110223-telepresence-ctrs addresses multiple vulnerabilities in Cisco TelePresence Recording Server. Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, take control of the affected device, or cause a denial-of-service condition.

Security advisory cisco-sa-20110223-telepresence-ctsman addresses multiple vulnerabilities in Cisco TelePresence Manager. Successful exploitation of these vulnerabilities may allow an attacker to bypass security restrictions or take control of the affected device.

Security advisory cisco-sa-20110223-telepresence-ctms addresses multiple vulnerabilities in Cisco TelePresence Multipoint Switch. Successful exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, take control of the affected system or device, or cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Cisco advisories and apply any necessary updates or workarounds to mitigate the risks.

Feb 23, 2011 Internet Systems Consortium Releases BIND Advisory
The Internet Systems Consortium has released an advisory to address a vulnerability affecting BIND versions 9.7.1 through 9.7.2-P3. This vulnerability may allow an attacker to cause a denial-of-service condition.

US-CERT encourages users and administrators using the affected versions of BIND to upgrade to BIND 9.7.3 or check with their software vendor for updated versions. Additional information regarding this vulnerability can be found in US-CERT Vulnerability Note VU#559980.