Microsoft Release Patch for Windows 7 and Windows Server 2008 R2 Systems

Original release date: March 29, 2018

Microsoft has released security updates to address a vulnerability in Windows 7 x64 and Windows Server 2008 R2 x64 systems. Exploitation of this vulnerability may allow an attacker to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Vulnerability Note VU#277400 and Microsoft’s Advisory for more information and apply the necessary updates.


This product is provided subject to this Notification and this Privacy & Use policy.


Apple Releases Multiple Security Updates

Original release date: March 29, 2018

Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

NCCIC/US-CERT encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:


This product is provided subject to this Notification and this Privacy & Use policy.


Apache Software Foundation Releases Security Update

Original release date: March 29, 2018

The Apache Software Foundation has released a security update to address a vulnerability in Struts 2. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

NCCIC/US-CERT encourages users and administrators to review the Apache Security Bulletin and make the necessary update.


This product is provided subject to this Notification and this Privacy & Use policy.


IC3 Issues Alert on Tech Support Fraud

Original release date: March 29, 2018

The Internet Crime Complaint Center (IC3) has released an alert on tech support fraud. Tech support fraud involves criminals claiming to provide technical support to fix problems that don't exist. Their methods include placing calls, sending pop-ups, engaging misleading lock screens, and sending emails to entice users to accept fraudulent tech support services. Users should not give control of their computers or mobile devices to any stranger offering to fix problems.

NCCIC/US-CERT encourages users and administrators to refer to the IC3 Alert and the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks for more information. If you believe you are a victim of a tech support scam, file a complaint with the IC3 at www.ic3.gov.


This product is provided subject to this Notification and this Privacy & Use policy.