National Cyber Awareness System (NCAS)

  1. Original release date: January 20, 2022

    F5 has released its January 2022 Quarterly Security Notification addressing vulnerabilities affecting multiple versions of BIG-IP, BIG-IQ, and NGINX Controller API Management. A remote attacker could exploit these vulnerabilities to either deny service to, or take control of, an affected system.

    CISA encourages users and administrators to review the F5 security advisory and install updated software or apply the necessary mitigations as soon as possible.

    This product is provided subject to this Notification and this Privacy & Use policy.

  2. Original release date: January 20, 2022

    Drupal has released security updates to address vulnerabilities affecting Drupal 7, 9.2, and 9.3. An attacker could exploit these vulnerabilities to take control of an affected system.

    CISA encourages users and administrators to review the following Drupal security advisories and apply the necessary updates.

    This product is provided subject to this Notification and this Privacy & Use policy.

  3. Original release date: January 20, 2022

    Google has released Chrome version 97.0.4692.99 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

    CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.

    This product is provided subject to this Notification and this Privacy & Use policy.

  4. Original release date: January 20, 2022

    Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

    CISA encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

    This product is provided subject to this Notification and this Privacy & Use policy.

  5. Original release date: January 20, 2022

    CISA has released the final version of Internet Protocol version 6 (IPv6) Considerations for Trusted Internet Connections (TIC) 3.0. This guidance supports the federal government-wide deployment and use of the modernized network protocol. The final version includes feedback provided during the public comment period that ended in October 2021. See the fact sheet Response to Comments on Guidance: IPv6 Considerations for TIC 3.0 for a comprehensive analysis of comments received. This release is in accordance with Office of Management and Budget (OMB) Memorandum 21-07, which entrusts CISA with enhancing the TIC program to support IPv6 implementation in federal IT systems.

    CISA encourages IT decision-makers and administrators in all federal government agencies and organizations to review the Internet Protocol version 6 (IPv6) Considerations for Trusted Internet Connections (TIC) 3.0 for guidance in facilitating IPv6 implementation in federal IT systems.

    This product is provided subject to this Notification and this Privacy & Use policy.

Main Menu