Security News

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.
  1. Original release date: December 07, 2017

    Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. A remote attacker could exploit these vulnerabilities to take control of an affected system.

    US-CERT encourages users and administrators to review the Mozilla Security Advisory for Firefox 57.0.2 and ESR 52.5.2 and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  2. Original release date: December 07, 2017

    Microsoft has released updates to address a vulnerability in Microsoft Malware Protection Engine affecting multiple products. A remote attacker could exploit this vulnerability to take control of an affected system.

    US-CERT encourages users and administrators to review Microsoft's Advisory and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  3. Original release date: December 06, 2017

    Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

    US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:


    This product is provided subject to this Notification and this Privacy & Use policy.


  4. Original release date: December 06, 2017

    Google has released Chrome version 63.0.3239.84 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

    US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.


    This product is provided subject to this Notification and this Privacy & Use policy.


  5. Original release date: December 05, 2017

    As the holiday season begins, many people will travel with their mobile devices. Although these devices—such as smart phones, tablets, and laptops—offer a range of conveniences, users should be mindful of potential threats and vulnerabilities while traveling with them.

    US-CERT encourages users to review the US-CERT Tips on Holiday Traveling with Personal Internet-Enabled Devices and Cybersecurity for Electronic Devices. The suggested security practices in these tips will help travelers secure their portable devices during the holiday season and throughout the year.


    This product is provided subject to this Notification and this Privacy & Use policy.