Juniper Releases Out-of-band Security Advisory for ScreenOS

Original release date: December 17, 2015 Juniper has discovered unauthorized code in ScreenOS which could allow an attacker to take control of NetScreen devices and to decrypt VPN connections. US-CERT recommends that users and administrators review Juniper Security Bulletin 2015-12 and update all affected ScreenOS versions.   This product is provided subject to this Notification Read more about Juniper Releases Out-of-band Security Advisory for ScreenOS[…]

Securing Home and Small Business Routers

Original release date: December 15, 2015 Home and Small Business routers have become the ideal target for attackers seeking to gain control over a user’s gateway to the Internet. Router misconfigurations (e.g., default credentials, interfaces open to the Internet) or the lack of security precautions (e.g., absence of updates) may make users susceptible to exploitation. Read more about Securing Home and Small Business Routers[…]

Internet Systems Consortium (ISC) Releases Security Updates for BIND

Original release date: December 15, 2015 ISC has released security updates to address vulnerabilities in BIND. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Available updates include: BIND 9 version 9.9.8-P2 BIND 9 version 9.10.3-P2 BIND 9 version 9.9.8-S3 Users and administrators are encouraged to review ISC Knowledge Base Read more about Internet Systems Consortium (ISC) Releases Security Updates for BIND[…]

Information Security

Mozilla Releases Security Updates for Firefox and Firefox ESR

Original release date: December 15, 2015 The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Available updates include: Firefox 43 Firefox ESR 38.5 US-CERT encourages users and administrators to review the Read more about Mozilla Releases Security Updates for Firefox and Firefox ESR[…]

Symantec Releases Security Update

Original release date: December 15, 2015 Symantec has released an update to address vulnerabilities in Symantec Endpoint Protection version 12.1. Exploitation of this vulnerability may allow an attacker to take control of an affected system. US-CERT encourages users and administrators to review the Security Advisory from Symantec (link is external) and apply the necessary update. Read more about Symantec Releases Security Update[…]

Information Security

Joomla! Releases Security Update for CMS

Original release date: December 15, 2015 Joomla! has released version 3.4.6 of its Content Management System (CMS) software to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website. US-CERT encourages users and administrators to review the Joomla! Release News and US-CERT’s Alert on Read more about Joomla! Releases Security Update for CMS[…]

Information Security

Apple Releases Security Update for iTunes

Original release date: December 11, 2015 Apple has released a security update for Apple iTunes to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review information on iTunes 12.3.2 and apply the necessary update. This product is Read more about Apple Releases Security Update for iTunes[…]

Information Security

Apple Releases Multiple Security Updates

Original release date: December 08, 2015 Apple has released security updates for iOS 9.2, tvOS 9.1, OS X, watchOS 2.1, Safari 9.0.2, and Xcode 7.2 to address multiple vulnerabilities, one of which could allow a remote attacker to take control of an affected system. Updates available include: iOS 9.2 for iPhone 4s and later, iPod Read more about Apple Releases Multiple Security Updates[…]

Information Security

Microsoft Releases December 2015 Security Bulletin

Original release date: December 08, 2015 Microsoft has released 12 updates to address vulnerabilities in Microsoft software. Exploitation of some of these vulnerabilities could allow a remote attacker to take control of an affected system. US-CERT encourages users and administrators to review Microsoft Security Bulletins MS15-124 through MS15-135 and apply the necessary updates. This product Read more about Microsoft Releases December 2015 Security Bulletin[…]

Adobe Releases Security Updates for Flash Player

Original release date: December 08, 2015 Adobe has released security updates to address multiple vulnerabilities in Flash Player. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review Adobe Security Bulletin APSB15-32 and apply the necessary updates. This product is Read more about Adobe Releases Security Updates for Flash Player[…]