Security Bulletins

  • Critical Vulnerability in Microsoft HTTP.sys

    A critical vulnerability in Microsoft's HTTP.sys component may lead to remote code execution.

  • Adobe Flash Vulnerability Currently Being Exploited

    Adobe Flash is vulnerable to exploit that could allow an attacker to take control of the affected system.

  • Critical SSL Vulnerability: POODLE

    Vulnerability in SSL 3.0

  • Critical Bash Exploit: Shellshock

    Critical Bash Exploit: Shellshock

  • Vulnerability in some versions of OpenSSL

    Vulnerability in OpenSSL versions 1.0.1 before 1.0.1g

  • CryptoLocker

    New ransomware named CryptoLocker threatens to destroy data unless a payment is made.

  • Vulnerable Java versions being actively exploited

    Critical Java Vulnerability included in Exploit Kit

  • Vulnerabilities in Adobe ColdFusion

    This bulletin details four recently published, critical rated, vulnerabillies in Adobe ColdFusion and ways to mitigate the risk of them being exploited including the hotfix for supported versions.

  • Java Security Recommendations

    As the use of Java applets on websites continues to diminish and in light of the rash of recent vulnerability exploits, the implications of installing Java for use in web browsers should be considered carefully.

  • Zero Day Java 7 Vulnerability

    On January 10, 2013, security researchers reported a zeroday vulnerability in Oracle Java 1.7u10.

  • Subscribe to Bulletins

    Read the UISO Bulletins three different ways: HTML, RSS, and email.

    To subscribe via email, send an email message to list@indiana.edu with a body of:
    subscribe uiso-bulletins-l

    Security & Policy Blog Posts