Original release date: May 08, 2014 Cisco has released a security advisory to address multiple buffer overflow vulnerabilities in Cisco WebEx Recording Format and Advanced Recording Format Players. Successful exploitation of the vulnerabilities could cause an affected player to crash or allow a…
Original release date: May 01, 2014 Microsoft has released out-of-band updates to address a critical use-after-free vulnerability in Internet Explorer versions 6 through 11, including IE versions running on Windows XP. US-CERT recommends that users and administrators review Microsoft Security…
Original release date: April 29, 2014 The Mozilla Foundation has released security updates to address multiple vulnerabilities in Firefox, Thunderbird, and Seamonkey. Exploitation of these vulnerabilities may allow an attacker to obtain sensitive information, cause a denial-of-service condition,…
Original release date: April 28, 2014 US-CERT is aware of active exploitation of a vulnerability in versions of Flash Player which could potentially allow an attacker to take control of an affected system. Adobe has released security updates to address these vulnerabilities. The following updates…
Original release date: April 28, 2014 US-CERT is aware of active exploitation of a use-after-free vulnerability in Microsoft Internet Explorer. This vulnerability affects IE versions 6 through 11 and could allow unauthorized remote code execution. US-CERT recommends that users and administrators…
Original release date: April 25, 2014 Google has released security updates to address multiple vulnerabilities in Chrome. Some of these vulnerabilities may lead to memory corruption or arbitrary code execution. Updates available include: Chrome 34.0.1847.131 for Windows and Mac . Chrome…
Original release date: April 23, 2014 Apple has released firmware update 7.7.3 for AirPort Extreme and AirPort Time Capsule base stations with 802.11ac. The update addresses the OpenSSL "Heartbleed" vulnerability where an attacker may obtain memory contents. US-CERT recommends that users…
Original release date: April 23, 2014 Apple has released security updates for Mac OS X, iOS devices, and Apple TV to address multiple vulnerabilities, some of which could allow an attacker to execute arbitrary code, cause application termination, or expose users to covert eavesdropping. Updates…
A statement from Michaels: Dear Valued Customers: In January, we notified you that we might have experienced a data security incident. We wanted you to know quickly so you could take steps to monitor activity on your payment card account. Since that time, we have continued our extensive…
Original release date: April 17, 2014 Adobe has released a security update to address a vulnerability in Adobe Reader Mobile 11.1.3 and earlier versions for Android. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code via a crafted PDF document. US-CERT…
Original release date: April 17, 2014 Google has released Chrome 34.0.1847.120 for all Chrome OS devices, except HP Chromebook Pavillion, to address multiple bug fixes, security updates, and feature enhancements. Users and administrators are encouraged to review the Google Chrome release blog entry…
Unsolicited commercial email may be a privacy and/or security violation under the Federal Trade Commission of the United States of America. SPAM should be forwarded to uce@ftc.gov.