4188 matches found
Adobe Releases Security Updates for Adobe Reader and Acrobat
Adobe has released security updates for Adobe Reader and Acrobat XI 11.0.05 and earlier versions for Windows and Macintosh to address multiple vulnerabilities affecting the following software versions: Adobe Reader XI 11.0.05 and earlier 11.x versions for Windows and Macintosh Adobe Reader X 10.1...
Microsoft Releases Advance Notification for January Security Bulletin
Microsoft has issued a Security Bulletin Advance Notification indicating its January release will contain four bulletins. These bulletins will have the severity rating of important and will be for Microsoft Office, Server Software, Windows, and Microsoft Dynamics AX, a multi-language,...
Microsoft Releases Security Advisory for Microsoft Windows Kernel
Microsoft has released Security Advisory 2914486 to address a vulnerability in a kernel component of Windows XP and Windows Server 2003. This vulnerability could allow an attacker to obtain elevation of privilege and then execute arbitrary code. Microsoft is aware of limited, targeted attacks tha...
Holiday Season Phishing Scams and Malware Campaigns
As the winter holidays approach, US-CERT reminds users to stay aware of seasonal scams and cyber campaigns, which may include: electronic greeting cards that may contain malware requests for charitable contributions that may be phishing scams and may originate from illegitimate sources claiming t...
Security Advisory for Microsoft Graphics Component
Microsoft has released a Security Advisory regarding a vulnerability in the Microsoft Graphics component that affects Microsoft Windows, Microsoft Office, and Microsoft Lync. An attacker could exploit this vulnerability by convincing a user to preview or open a specially crafted email message, op...
Oracle Releases October 2013 Security Advisory
Oracle has released its Critical Patch Update for October 2013 to address 127 vulnerabilities across multiple products. This update contains the following security fixes: 2 for Oracle Database Server 17 for Oracle Fusion Middleware 4 for Oracle Enterprise Manager Grid Control 1 for Oracle...
Cisco Releases Security Advisories
Cisco has released two security advisories to address multiple vulnerabilities. These vulnerabilities could allow an attacker to obtain elevation of privilege, bypass security controls, or cause a denial of service condition. US-CERT encourages users and administrators to review the following Cis...
Cisco Releases Multiple Security Advisories
Cisco has released two security advisories to address multiple vulnerabilities. These vulnerabilities may allow a remote attacker to execute arbitrary code on a vulnerable system or cause a denial-of-service condition. US-CERT encourages users and administrators to review the following Cisco...
Oracle Releases July 2013 Security Advisory
Oracle has released its Critical Patch Update for July 2013 to address 89 vulnerabilities across multiple products. This update contains the following security fixes: 6 for Oracle Database Server 21 for Oracle Fusion Middleware 1 for Oracle Hyperion 2 for Oracle Enterprise Manager Grid Control 7...
Security Hotfixes Available for Adobe ColdFusion
Adobe has released a security hotfix for ColdFusion 10 for Windows, Macintosh and Linux to address a vulnerability that could allow an attacker to cause an elevation of privilege condition. A security hotfix for Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 on JRun is available to address a vulnerabilit...
Oracle Releases April 2013 Security Advisory
Oracle has released its Critical Patch Update for April 2013 to address 128 vulnerabilities across multiple products. This update contains the following security fixes: 4 for Oracle Database Server 29 for Oracle Fusion Middleware 6 for Oracle E-Business Suite 3 for Oracle Supply Chain Products...
Recent Reports of DHS-Themed Ransomware (UPDATE)
US-CERT has received reports of increased activity concerning an apparently DHS-themed ransomware malware infection occurring in the wild. Users who are being targeted by the ransomware receive a message claiming that use of their computer has been suspended and that the user must pay a fine to...
Adobe Releases Security Update for ColdFusion
Adobe has released a security hotfix to address multiple vulnerabilities in Adobe ColdFusion versions 10, 9.0.2, 9.0.1 and 9.0 for Windows, Macintosh, and UNIX. These vulnerabilities could allow an attacker to bypass authentication controls. US-CERT recommends that users and administrators review...
Oracle Releases January 2013 Security Advisory
Oracle has released its Critical Patch Update for January 2013 to address 86 vulnerabilities across multiple products. This update contains the following security fixes: 6 for Oracle Database Server 7 for Oracle Fusion Middleware 13 for Oracle Enterprise Manager Grid Control 9 for Oracle E-Busine...
Microsoft Releases Security Advisory on Fraudulent Digital Certificates
Microsoft has released Security Advisory 2798897 in response to active attacks using fraudulent digital certificates issued by TURKTRUST Inc. These fraudulent certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This vulnerability affects al...
Cisco Releases Security Advisory for Cisco Secure Access Control Systems (ACS)
Cisco Secure Access Control Systems ACS contains a vulnerability that could allow an unauthenticated, remote attacker to bypass the TACACS+ based authentication service offered by the product. Cisco has released software updates that address this vulnerability. US-CERT encourages users and...
Security Updates Available for Adobe Flash Player
Adobe has released security updates for Adobe Flash Player. These updates address vulnerabilities that could cause a crash and potentially allow an attacker to take control of the affected system. Secure updates are available for the following versions of Adobe Flash Player: Adobe Flash Player...
Cisco Releases Security Advisory for WebEx Player
Cisco has released a security advisory to address vulnerabilities affecting the following products: Cisco WebEx Recording Format WRF Cisco Advanced Recording Format ARF These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages...
Adobe Releases Security Bulletin for Adobe Flash Player
Adobe has released a Security Bulletin for Adobe Flash Player to address vulnerabilities affecting the following software versions: Adobe Flash Player 11.2.202.235 and earlier versions for Windows, Macintosh, and Linux Adobe Flash Player 11.1.115.8 and earlier versions for Android 4.x Adobe Flash...
Apple Releases Flashback Malware Security Updates
Apple has released security updates to address Flashback malware in the following products: OS X Lion v10.7.3 OS X Lion Server v10.7.3 Mac OS X v10.6.8 Mac OS X Server v10.6.8 Apple has released a malware removal tool for the most common variant of the Flashback malware. If the malware is...
Microsoft Releases February Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, .Net Framework, Silverlight, Office, and Server Software as part of the Microsoft Security Bulletin Summary for February 2012. These vulnerabilities may allow an attacker to execute arbitrary code o...
Denial-of-Service Malware Campaign
US-CERT is aware of public reports of ongoing distributed denial-of-service attacks against entities in the government and private sector. According to the reports, these attacks are being attributed to the hacker group Anonymous. US-CERT encourages users and administrators to do the following to...
Personal Device Security During the Holiday Season
As the winter holiday travel season begins, US-CERT would like to remind users to be mindful of the security risks associated with portable devices such as smart phones, tablets, and laptops. US-CERT would like to encourage users to review the following US-CERT Cyber Security Tips. Following the...
Microsoft Releases September Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Microsoft Office, and Microsoft Server Software as part of the Microsoft Security Bulletin Summary for September 2011. These vulnerabilities may allow an attacker to execute arbitrary code or operate with elevated...
Cisco Releases Security Advisories
Cisco has released three security advisories to address vulnerabilities affecting the Cisco Unified Communications Manager, the Cisco Unified Presence Server, and the Cisco Intercompany Media Engine. These vulnerabilities may allow an attacker to disclose sensitive information or cause a...
Google Releases Chrome 13.0.782.215
Google has released Chrome 13.0.782.215 for Linux, Mac, Windows, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...
Apple Releases Safari 5.1 and 5.0.6
Apple has released Safari 5.1 and 5.0.6 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, perform a cross-site scripting attack, or disclose sensitive information. US-CERT encourages users and administrators to review Apple Support Article...
Oracle Releases Critical Patch Update for July 2011
Oracle has released its Critical Patch Update for July 2011 to address 78 vulnerabilities across multiple products. This update contains the following security fixes: 13 for Oracle Database Server 3 for Oracle Secure Backup 7 for Oracle Fusion Middleware 18 for Oracle Enterprise Manager 1 for...
Apple Releases Java Updates for Mac OS X 10.5 and OS X 10.6
Apple has released Java for Mac OS X 10.5 Update 10 and Java for Mac OS X 10.6 Update 5 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review Apple articles HT4739 and HT4738 and apply any...
Google Chrome Releases 12.0.742.91
Google has released Chrome 12.0.742.91 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and update to...
Cisco Releases Security Advisory for Cisco Internet Streamer
Cisco has released a security advisory to address a vulnerability in the web server component of the Cisco Internet Streamer application, which is part of the Cisco Content Delivery System. This vulnerability may allow an attacker to cause a denial-of-service condition. US-CERT encourages users a...
Adobe Releases Flash Player and Flash Media Server Updates
Adobe has released updates for Flash Player and Flash Media Server to address multiple vulnerabilities. These vulnerabilities affect Adobe Flash Player 10.2.159.1 and earlier versions for Windows, Macintosh, Linux, and Solaris; Adobe Flash Player 10.2.157.51 and earlier versions for Android; Adob...
Microsoft Releases Advance Notification for May Security Bulletin
Microsoft has issued a Security Bulletin Advance Notification indicating its May release will contain two bulletins. One of these bulletins will have the severity rating of critical and will be for Microsoft Windows. The remaining bulletin will have the severity rating of important and will be fo...
Google Releases Chrome 11.0.696.57
Google has released Chrome 11.0.696.57 for Windows, Mac, Linux, and Chrome Frame to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or conduct cross-site scripting attacks. US-CERT encourages users and administrators to review the Google...
Adobe Releases Security Updates for Reader and Acrobat
Adobe has released updates for Adobe Reader and Acrobat for Windows and Macintosh. These updates address multiple vulnerabilities including the one described in the Flash Player security advisory APSA11-02. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code...
Apple Releases Security Updates
Apple has released the following security updates: Security Update 2011-002 addresses a vulnerability in the Certificate Trust Policy for Mac OS X v10.5.8, Mac OS X Server v10.5.8, Mac OS X v10.6.7, Mac OS X Sever v10.6.7. Exploitation of this vulnerability may allow an attacker to intercept user...
Microsoft Releases April Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, Internet Explorer, Office, Server Software, and Developer Tools as part of the Microsoft Security Bulletin Summary for April 2011. These vulnerabilities may allow an attacker to execute arbitrary code or operate with...
Google Releases Chrome 10.0.648.127
Google has released Chrome 10.0.648.127 for all platforms to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or bypass security restrictions. US-CERT encourages users and administrators t...
Adobe Releases Security Update for Flash Player
Adobe has released a security bulletin to address multiple vulnerabilities in Flash Player 10.1.102.64 and earlier versions for Windows, Macintosh, Linux, and Solaris. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition...
WordPress Releases Version 3.0.5
WordPress has released WordPress 3.0.5 to address multiple vulnerabilities. Execution of these vulnerabilities may allow an attacker to conduct cross-site scripting attacks or obtain sensitive information. US-CERT encourages users and administrators to review the WordPress Codex document for...
Google Releases Chrome 8.0.552.237
Google has released Chrome 8.0.552.237 for all platforms to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry a...
RIM Releases Security Advisory for BlackBerry Enterprise Server
RIM has released a security advisory to address a vulnerability in the PDF distiller of the BlackBerry attachment service for the BlackBerry Enterprise Server. The vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and...
Apple Releases Safari 5.0.3 and 4.1.3
Apple has released Safari 5.0.3 and 4.1.3 to address multiple vulnerabilities in the Safari and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4455...
Microsoft Releases Advance Notification for November Security Bulletin
Microsoft has issued an Security Bulletin Advance Notification indicating that its November release will contain three bulletins. One of these bulletins will have the severity rating of critical and will be for Microsoft Office. The remaining two bulletins will have the severity rating of importa...
Adobe Releases Security Bulletin for Flash Player, Reader, and Acrobat
Adobe has released a security advisory to alert users of a vulnerability affecting the following applications: Adobe Flash Player 10.1.85.3 and earlier for Windows, Macintosh, Linux, and Solaris Adobe Flash Player 10.1.95.2 and earlier for Android Adobe Reader 9.4 and earlier 9.x versions for...
Microsoft Releases Advance Notification for Out-of-Band Security Bulletin
Microsoft has issued a Security Bulletin Advance Notification indicating that it will be releasing an out-of-band security bulletin to address a vulnerability affecting Windows. The Microsoft SharePoint Team blog indicates that this bulletin will address the recently reported vulnerability in...
Google Releases Chrome 6.0.472.59
Google has released Chrome 6.0.472.59 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates...
Apple Releases Safari 5.0.2 and 4.1.2
Apple has released Safari 5.0.2 and 4.1.2 to address multiple vulnerabilities in the Safari and WebKit packages. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4333...
RealNetworks Releases Update to Address Vulnerabilities in RealPlayer
RealNetworks, Inc. has released an update for RealPlayer to address multiple vulnerabilities. These vulnerabilities may allow a remote, unauthenticated attacker to execute arbitrary code or obtain sensitive information. US-CERT encourages users and administrators to review the RealNetworks, Inc...
Apple Releases Security Update 2010-005
Apple has released security update 2010-005 to address multiple vulnerabilities affecting the ATS, CFNetwork, ClamAV, CoreGraphics, libsecurity, PHP, and Samba applications. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, cause a...