| Jun 09, 2010 |
Google Releases Chrome 5.0.375.70 Google has released Chrome 5.0.375.70 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, conduct cross-site scripting attacks, bypass security restrictions, or obtain sensitive information. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 5.0.375.70 to help mitigate the security risks. |
| Jun 08, 2010 |
Microsoft Releases June Security Bulletin Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, SharePoint, and .NET Framework as part of the Microsoft Security Bulletin Summary for June 2010. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated privileges. US-CERT encourages users and administrators to review the bulletins and follow best-practice security policies to determine which updates should be applied. |
| Jun 08, 2010 |
Apple Releases Safari 5.0 and Safari 4.1 Apple has released Safari 5.0 and Safari 4.1 for Windows and Mac OS X to address multiple vulnerabilities in ColorSync, Safari, and WebKit. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, obtain sensitive information, or conduct cross-site scripting attacks. US-CERT encourages users and administrators to review Apple article HT4196 and apply any necessary updates to help mitigate the risks. |
| Jun 05, 2010 |
Adobe Releases Security Advisory for Flash Player, Reader, and Acrobat Adobe has released a security advisory to notify users of a vulnerability in Adobe Flash Player, Reader, and Acrobat. Exploitation of this vulnerability may allow an attacker to execute arbitrary code and take control of the affected system. The advisory indicates that Adobe is aware of active exploitation of this vulnerability. US-CERT encourages users and administrators to review Adobe security advisory APSA10-01 and apply any necessary workarounds until a fix is released by the vendor. US-CERT will provide additional information as it becomes available. |
| Jun 04, 2010 |
Microsoft Releases Advance Notification for June Security Bulletin Microsoft has issued a Security Bulletin Advance Notification, indicating that its June release will contain ten bulletins. Three of these bulletins will have the severity rating of critical and will be for Microsoft Windows and Internet Explorer. The remaining bulletins will have the severity rating of important and will be for Microsoft Windows, Microsoft Office, and Microsoft Sharepoint Services. Release of these bulletins is scheduled for Tuesday, June 8, 2010. US-CERT will provide additional information as it becomes available. |
| May 27, 2010 |
Cisco Network Building Manager Vulnerabilities Cisco has released a security advisory to address multiple vulnerabilities in Network Building Manager. The advisory indicates that the legacy Richards-Zeta Mediator products are also affected by these vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to operate with escalated privileges or obtain sensitive information. US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100526-mediator and apply any necessary updates to help mitigate the risks. |
| May 26, 2010 |
Google Releases Chrome 5.0.375.55 Google has released Chrome 5.0.375.55 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to bypass security restrictions, execute script in an unsafe context, or mislead users. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to Chrome 5.0.375.55 to help mitigate the risks. |
| May 19, 2010 |
Apple Releases Updates for Java Mac OS X 10.5 and 10.6 Apple has released Java for Mac OS X 10.5 Update 7 and Java for Mac OS X 10.6 Update 2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple Article HT4170 and HT4171 and apply any necessary updates to help mitigate the risks. |
| May 13, 2010 |
Cisco Releases Updates for PGW Softswitch Cisco has released updates to address multiple vulnerabilities in Cisco PGW Softswitch. These vulnerabilities may allow an attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review Cisco security advisory cisco-sa-20100512-pgw and apply any necessary updates to help mitigate the risks. |
| May 12, 2010 |
Adobe Releases Update for Shockwave Player Adobe has released a security update to address multiple vulnerabilities in Adobe Shockwave Player 11.5.6.606 and earlier versions for both Windows and Macintosh operating systems. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Adobe security bulletin APSB10-12 and update to Adobe Shockwave Player 11.5.7.609 to help mitigate the risks. |