Category Archives: US-CERT

US-CERT Alerts – Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

SSLv2 DROWN Attack

Original release date: March 01, 2016

Network traffic encrypted using an RSA-based SSL certificate may be decrypted if enough SSLv2 handshake data can be collected. Exploitation of this vulnerability – referred to as DROWN in public reporting – may allow a remote attacker to obtain the private key of a server supporting SSLv2.

US-CERT encourages users and administrators to review Vulnerability Note VU#583776 and the US-CERT OpenSSL Current Activity for additional information and mitigation details.


This product is provided subject to this Notification and this Privacy & Use policy.

OpenSSL Releases Security Advisory

Original release date: March 01, 2016

OpenSSL has released updates to address vulnerabilities in prior versions. Exploitation of some of these vulnerabilities may allow a remote attacker to obtain sensitive information. Updates available include:

  • OpenSSL 1.0.2g for 1.0.2 users
  • OpenSSL 1.0.1s for 1.0.1 users

Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.

Apple Releases Security Update for Apple TV

Original release date: February 25, 2016

Apple has released a security update for Apple TV to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected device.

US-CERT encourages users and administrators to review the Apple security update for Apple TV 7.2.1 (3rd generation) and apply the necessary update.



Drupal Releases Security Updates

Original release date: February 24, 2016

Drupal has released updates to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected website.

Available updates include:

  • Drupal core 6.38 for 6.x users
  • Drupal core 7.43 for 7.x users
  • Drupal core 8.0.4 for 8.0.x users

Users and administrators are encouraged to review Drupal’s Security Advisory and apply the necessary updates.



FTC Shares Security Tips for ASUS Wireless Routers

Original release date: February 23, 2016 | Last revised: February 24, 2016

The Federal Trade Commission (FTC) has provided network security tips for vulnerable ASUS-branded wireless routers. Major security flaws in these routers may have exposed customers’ sensitive information to malicious actors.

FTC urges consumers to download the latest security updates for their routers and be cautious when setting up any personal cloud storage. Users and administrators are encouraged to visit FTC’s blog for more information and review US-CERT’s Tip on Securing Your Home Network ST15-002.



Microsoft Releases Update for EMET

Original release date: February 23, 2016

US-CERT is aware of a vulnerability in Microsoft Enhanced Mitigation Experience Toolkit (EMET) versions prior to 5.5. Exploitation of this vulnerability may allow a remote attacker to bypass or disable EMET to take control of an affected system.

US-CERT recommends users and administrators visit the Microsoft Security TechCenter and upgrade to EMET version 5.5. For additional information, please review the FireEye threat research blog.



Google Releases Security Update for Chrome

Original release date: February 18, 2016

Google has released Chrome version 48.0.2564.116 to address a vulnerability for Windows, Mac, and Linux. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases page and apply the necessary update.



GNU glibc Vulnerability

Original release date: February 17, 2016

GNU glibc contains a buffer overflow vulnerability in the DNS resolver. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.

Users and administrators are encouraged to review Vulnerability Note VU#457759 and the glibc Project Notification for additional details and to refer to their respective Linux or Unix-based OS vendor for an appropriate patch.



Mozilla Releases Security Updates

Original release date: February 11, 2016

The Mozilla Foundation has released security updates to address vulnerabilities in Firefox and Firefox ESR. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

  • Firefox 44.0.2
  • Firefox ESR 38.6.1

US-CERT encourages users and administrators to review the Security Advisory for Firefox and Firefox ESR and apply the necessary updates.



Cisco Releases Security Update

Original release date: February 10, 2016

Cisco has released a security update to address a vulnerability in its ASA software. Exploitation of this vulnerability could allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Cisco Security Advisory and apply the necessary update.

