| Feb 12, 2010 |
Google Releases Chrome 4.0.249.89 Google has released Chrome 4.0.249.89 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 4.0.249.89 for Windows to help mitigate the risks. |
| Feb 12, 2010 |
Adobe Releases Security Bulletins for Acrobat, Reader, and Flash Player Adobe has released two security bulletins to address vulnerabilities in Adobe Acrobat, Reader, and Flash Player. The first bulletin, APSB10-06, is a security update for Adobe Flash Player and Adobe AIR that addresses a critical vulnerability. Exploitation of these vulnerabilities may allow an attacker to make unauthorized cross-domain requests. The bulletin indicates that the update also addresses a potential denial-of-service issue. The second bulletin, APSB10-07, is a security advisory for Adobe Reader and Acrobat. This advisory indicates that Adobe is planning to release updates for Adobe Reader and Acrobat on February 16, 2010 to address critical security issues. US-CERT encourages users and administrators to review Adobe Bulletins APSB10-06 and APSB10-07 and apply any necessary updates to help mitigate the risks. US-CERT will provide additional information as it becomes available. |
| Feb 10, 2010 |
Cisco Releases Advisory for IronPort Encryption Appliance Cisco has released an advisory to address multiple vulnerabilities in IronPort Encryption Appliance. Exploitation of these vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review Cisco Security Advisory cisco-sa-20100210-ironport and apply any necessary workarounds to help mitigate the risks. Additional information regarding these vulnerabilities can be found in Cisco Applied Mitigation Bulletin 111668. |
| Feb 09, 2010 |
Microsoft Releases February Security Bulletin Microsoft has released an update to address vulnerabilities in Microsoft Windows and Office as part of the Microsoft Security Bulletin Summary for February 2010. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or operate with elevated privileges. US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied. |
| Feb 07, 2010 |
Oracle Releases Security Alert for WebLogic Server Vulnerability Oracle has released a security alert to address a vulnerability in Oracle WebLogic Server. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands on an affected system. US-CERT encourages users and administrators to review the Oracle security alert and apply any necessary updates to help mitigate the risks. |
| Feb 04, 2010 |
Microsoft Releases Advance Notification for February Security Bulletin Microsoft has issued a Security Bulletin Advance Notification, indicating that its February release cycle will contain 13 bulletins. Five of them will have a severity rating of Critical and will be for Microsoft Windows. The remaining eight bulletins have an Important rating and are for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, February 9, 2010. US-CERT will provide additional information as it becomes available. |
| Feb 04, 2010 |
Apple Releases iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch Apple has released iPhone OS 3.1.3 and iPhone OS 3.1.3 for iPod touch to address vulnerabilities in the CoreAudio, ImageIO, Recovery Mode and WebKit packages. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information. US-CERT encourages users and administrators to review Apple article HT4013 and apply any necessary updates to help mitigate the risks. |
| Feb 03, 2010 |
Microsoft Releases Security Advisory 980088 Microsoft has released Security Advisory 980088 to alert users of a vulnerability in Microsoft Internet Explorer. The advisory indicates that exploitation of this vulnerability may allow an attacker to harvest user credentials and other sensitive information by enticing users to visit a maliciously crafted web page. US-CERT encourages users and administrators to review Microsoft Security Advisory 980088 and apply the suggested workarounds of running Internet Explorer in Protected Mode and setting the Internet zone security setting to High to mitigate the risk of unwanted information disclosure. |
| Jan 28, 2010 |
Cisco Releases Security Advisory for Unified MeetingPlace Cisco has released a security advisory to address multiple vulnerabilities in Unified MeetingPlace. These vulnerabilities may allow a remote, unauthenticated attacker to obtain sensitive information, manipulate configuration data, create unauthorized accounts, operate with elevated privileges or cause a denial-of-service condition. US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100127-mp and apply any necessary updates to help mitigate the risks. |
| Jan 26, 2010 |
Google Releases Chrome 4.0.249.78 Google has released Chrome 4.0.249.78 for Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, bypass security restrictions, or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 4.0.249.78 for Windows to help mitigate the risks. |