Softpedia
 


Stories about: Security Update



Two Kernel Vulnerabilities Fixed in Ubuntu 12.04

Canonical announced a few hours ago, May 21st, in a security notice, that a new Linux kernel update for its Ubuntu 12.04 LTS (Precise Pangolin) operating system is now available, fixing two security vulnerabilities discovered in the Linux kernel packages by various developers. These are the two kernel vulnerabiliti...

22 May 2012
03:15 GMT

Bitcoin Developers Address Denial-of-Service Vulnerability

Bitcoin has released a new variant of the peer-to-peer digital currency system to address a denial-of-service (DoS) vulnerability that could have been leveraged by an attacker to isolate a victim’s node and create blockchain forks. The security hole, considered to be critical, has been found by Forrest Voight,...

18 May 2012
09:35 GMT

Google Addresses 20 Security Holes in Chrome 19

Google Chrome 19 brings not only the new Open Tab sync feature, but also a number of important improvements in the security sector. Totaling 20, the list includes 5 low, 7 medium and 8 high severity bugs. The flaws cataloged as being low-severity were attributed to Aki Helin, Brett Wilson and Charlie Reis, both from...

16 May 2012
06:01 GMT

Buggy Avira Update Blocks Applications, Individuals and Firms Affected

The update Avira sent out on May 14 turned out to be problematic for many users and even companies because the antivirus kept detecting critical system processes as being malicious. The incident occurred due to the ProActiv module present in Antivirus Premium, Professional Security and Internet Security, customers of...

16 May 2012
03:34 GMT

Download Flashback Removal Security Update for Mac OS X 10.5.8 Leopard

Not only has Apple strengthened Leopard with the release of a dedicated security update, but the Mac maker has also rolled out Flashback Removal Security Update v1.0 for Mac OS X v10.5.8. Affecting several Mac OS iterations, the Flashback botnet reported last month didn’t skip Mac OS X v 10.5 aka Leopard... P...

15 May 2012
02:50 GMT

PHP Attempts Once Again to Fix CGI Bug, PHP 5.4.3 and 5.3.13 Released

After the first security update failed to properly address the PHP-CGI issue made public by mistake a few days ago, the PHP Group made another attempt to fix the source code disclosure and remote code execution vulnerabilities. PHP 5.4.3 and PHP 5.3.13 resolve CVE-2012-2311 and CVE-2012-1823, the CVEs associated wit...

9 May 2012
10:21 GMT

Microsoft Patches Duqu Vulnerability in Office, Silverlight, and Journal

Even though the vulnerability leveraged by the Duqu malware was addressed five months ago, Microsoft found that the same piece of code was being utilized in other products. As a result, the May 2012 security bulletins issued by the company fix a number of applications that contained the code. The security hole exist...

9 May 2012
07:00 GMT

Download Silverlight 5 Build 5.1.10411.0

A new version of Silverlight 5 is now available for download for the users of computers running under Microsoft’s Windows platform. Released on Tuesday as Silverlight 5 Build 5.1.10411.0, the latest flavor of the free plug-in powered by the .NET framework also arrives with the latest security patches that Mic...

9 May 2012
05:51 GMT

Microsoft Patches 23 Vulnerabilities in May 2012 Security Update

On Tuesday, May 8th, Redmond-based software giant Microsoft issued a new security update for its users, addressing 23 vulnerabilities in various products. Seven bulletins were included in the update, three of which are rated Critical, while the other four are rated Important. Following the Advanced Notificatio...

9 May 2012
03:51 GMT

Acunetix Web Vulnerability Scanner 8 Updated to Include PHP-CGI Security Check

Acunetix has released a security update for the Web Vulnerability Scanner 8 (WVS 8) to include not only a number of improvements in the features department, but also a new security check for the now-infamous PHP-CGI vulnerability. The updated version of Acunetix WVS 8 checks if PHP-CGI installations are vulnerable t...

8 May 2012
11:00 GMT

Patch Released by PHP to Address CGI Bug Not Effective

After the PHP-CGI bug was made public, PHP rushed to issue a patch, but as it later turned out, it didn’t completely address the problem. Researchers from De Eindbazen have added a new patch that should fix the vulnerability, but it only works if applied on top of the official PHP security update. PHP have alm...

5 May 2012
05:15 GMT

Seven Bulletins in Microsoft’s May 2012 Security Update

Next week, Microsoft will begin the roll-out of a new security update to users of its products, as part of the usual set of improvements that it delivers every month. The new set of enhancements will be pushed out to users on May 8, 2012 and will include seven bulletins, addressing various ...

4 May 2012
07:52 GMT

“File Inspection” Creates MD5 Hashes from Files to Aid Hack Victims

Owners of websites who fear they might suffer data breaches as a result of which their files may be altered with malicious code can now turn to File Inspection, a WordPress plugin that creates MD5 hashes from every file in their blogs. By creating the hashes, in case the site is hacked, the admin can easily check wh...

1 May 2012
06:31 GMT

Microsoft Details Mac OS X Malware That Exploits Office Vulnerability

Malware that targets Mac OS X machines is becoming widespread and most major companies have come to realize that Apple products are not as safe from malicious viruses as they were once. As expected, Microsoft also came forward to provide an example of a Mac OS X threat. This particular malware, identified as Exploit...

1 May 2012
05:56 GMT

Vulnerability in Oracle Servers Fixed Only in “Future Versions”

In the April 2012 Critical Patch Update (CPU) released by Oracle, the company claimed to have addressed a TNS Listener issue that had affected the Oracle Database since 2008. However, the researcher who uncovered the flaw has learned that the patch is only applied to future variants of the application and not to exis...

27 April 2012
11:01 GMT

Mozilla Addresses 14 Vulnerabilities with the Release of Firefox 12

With the release of Firefox 12, Mozilla not only introduced the silent update feature, but also addressed 14 security holes that exposed the web browser’s customers to malicious operations. Seven of the vulnerabilities that affected the previous versions of Firefox were considered to be critical. I...

25 April 2012
07:05 GMT

Hacker: Flaws in SwedBank and Victoria Bank Sites Exposed Users (Exclusive)

The Eastern European hacker known as Sepo found that the Victoria Commercial Bank of Kenya's website (victoriabank.co.ke) and the ones of SwedBank from Lithuania (swedbank.lt) and Ukraine contained some vulnerabilities that might have allowed cybercriminals to gain access to customer information. After being...

23 April 2012
06:36 GMT

Check Point Launches ThreatCloud and GAiA Secure OS

Check Point revealed the availability of GAiA, a unified secure operating system, and ThreatCloud, considered to be the first collaborative network purposed to aid organizations in the fight against cybercrime. With the release of its Software Blade Architecture, R75.40, the company introduces a 64 bit operating sys...

18 April 2012
08:37 GMT

Oracle Fixes 88 Bugs with April 2012 Critical Patch Update

Oracle is urging customers to apply the April 2012 Critical Patch Update (CPU), which addresses 88 security holes that affect several products. The affected pieces of software include versions of Oracle Database, Oracle Application Server, Oracle BI Publisher, Oracle DB UM Connector for Oracle Identity M...

18 April 2012
07:42 GMT

Samba Releases Update to Fix "Root" Credential Remote Code Execution

Mac OS X and Linux users who rely on Samba, the open source file and print service, are urged to update the software to ensure that they are protected against attacks that leverage a remote code execution vulnerability. Samba 3.6.4, Samba 3.5.14 and 3.4.16, along with patches for older variants, have been released t...

12 April 2012
07:25 GMT

Oracle Fixes SQL Injection Flaws on Its Public Sites

Vulnerability Lab researcher Shadab Siddiqui found multiple Blind SQL Injection flaws in four websites owned by Oracle. Steve Meert, part of Oracle’s security team, worked closely with Benjamin Kunz Mejri to address the issues. The security holes were identified by Siddiqui at the end of March. One day after ...

12 April 2012
02:46 GMT

Internet Explorer (IE) 9.0.6 Arrives via Windows Update

The latest batch of updates for Windows computers and other products from Microsoft brought along a series of security patches for Internet Explorer as well, to fix a series of flaws discovered to affect all versions of the application following IE6. A total of five vulnerabilities were patched with this update; the m...

11 April 2012
10:51 GMT

Adobe Releases Reader and Acrobat 10.1.3 to Prevent Attacks

Adobe released Reader 10.1.3 and Acrobat 10.1.3 to address a number of vulnerabilities that could cause the applications to crash and maybe even allow an attacker to execute arbitrary code. The list of fixed weaknesses includes an integer overflow in True Type Font handling, a memory corruption flaw in JavaScript ha...

11 April 2012
10:06 GMT

Microsoft Patches Eight Critical Vulnerabilities with Latest Security Update

On Tuesday, April 10th, 2012, Microsoft released a new security patch for its products, as part of the monthly updates it has been pushing out for the past years. The new security release includes no less than six bulletins, just as announced last week in an advance notification, and patches a total of eight Critic...

11 April 2012
05:49 GMT

Targeted Attacks Leverage Windows Common Controls Flaw

Among the 6 security bulletins released by Microsoft as part of the April 2012 updates, there’s one that addresses a vulnerability that’s already being leveraged to launch a limited number of targeted attacks. Because of the current attacks, this update is considered to be the most important of this month...

11 April 2012
04:12 GMT

Critical Remote Code Execution Flaw Addressed in .NET Framework

The April 2012 security updates from Microsoft address a number of vulnerabilities, among which a critical remote code execution issue in the .NET Framework. The security hole could allow an attacker to remotely execute arbitrary code. The flaw can be exploited if the attacker can convince the victim to open a speci...

11 April 2012
03:03 GMT

Microsoft to Patch Six Vulnerabilities with April 2012 Security Update

On April 10th, 2012, Microsoft will deliver a new software update for its products as part of the usual monthly update rollout. A total of six bulletins will be included in the update, four of which are rated critical, and which are meant to patch several security holes that were discovered in various produ...

7 April 2012
05:57 GMT

Google Awards $6,000 (€4,500) to Experts for Finding Chrome Vulnerabilities

The Beta and Stable channels of Chrome, Google’s popular browser, have been updated to version 18.0.1025.151. With this latest update, a number of improvements in the security sector were also rolled out. Some of the security experts that uncovered the vulnerabilities, including miaubiz, Arthur Gerkis, and Sła...

6 April 2012
08:12 GMT

Joomla 2.5.4 Released, Low Priority Vulnerabilities Fixed

The Joomla Project released Joomla 2.5.4. The latest variant contains 3 new features and a large number of fixes that address problems which affected the previous variants. The new features include the option to show full CMS version number in the generator tag, access level for content languages, and an improvement ...

4 April 2012
09:20 GMT

SQL Injection Vulnerabilities Fixed in MyBB 1.6.7

MyBB 1.6.7 was released not only as a maintenance and security update, but also as one that addresses a few vulnerabilities which in certain circumstances may have allowed cybercriminals to cause some serious damage to affected forums. In this variant, 70 bugs were fixed and 5 new feature updates were made. However,...

2 April 2012
05:52 GMT

Google Addresses 9 Security Holes in Chrome 18

A total of 9 vulnerabilities were resolved by Google with the release of the new stable variant of the Chrome web browser. It turns out that some of the security holes that were addressed in Chrome 18 rely on the studies performed by the company during the Pwnium competition. So what was fixed? In the high severi...

29 March 2012
05:37 GMT

Memory Corruption Flaws Fixed by Adobe in Flash Player 11.2

Adobe released Flash Player 11.2 not only to provide customers with some new features for gaming, but also to address a couple of critical memory corruption vulnerabilities that affected the earlier versions of the product. The update addresses a memory corruption flaw related to URL security domain checking and one...

29 March 2012
05:04 GMT

Pointer Corruption and Persistent Weakness Addressed by Skype (Video)

The founder and CEO of Vulnerability Lab Benjamin Kunz Mejri, with the aid of researchers Alexander Fuchs and Ucha Gobejishvili, identified a number of high risk vulnerabilities that affected Skype, the popular instant messaging application. As the experts demonstrated, Skype 5.8.0.156 for Windows, Skype 5.5.2340 fo...

29 March 2012
03:16 GMT

Opera 11.62 Released to Protect Users from Being Tricked by Cybercriminals

The release of Opera 11.62 is catalogued by the company as being a “recommended security and stability update” in which not only vulnerabilities are addressed, but also a number of functionality issues. The improvements made in the security sector are important because most of them are made to prevent cy...

27 March 2012
05:29 GMT

Vanilla Forums Open to XSS Attacks, Fix Released

Vanilla 2.18.4 was released to address a security hole that exposed forums to cross-site scripting (XSS) attacks, along with other minor bugs. A Vanilla community member informs that the update also fixes an unauthorized database manipulation issue. “When posting a form, client can tamper with the form values...

27 March 2012
04:11 GMT

Heap Allocation Issue Addressed in Apache Traffic Server 3.0.4

The Apache Software Foundation released Apache Traffic Server 3.0.4 Stable and Apache Traffic Server 3.1.3 Developer to address a heap overflow vulnerability that affected the previous versions of the product. The security hole was reported to Apache by CERT-FI, being discovered by the Codenomicon CROSS project. CE...

23 March 2012
05:53 GMT

6 High Risk Vulnerabilities Addressed with Chrome Stable 17.0.963.83

Google rolled out a new stable variant of the popular web browser not only to address a Flash issue, but also to patch up a number of security holes that could have exposed users to malicious operations. A total of $5,000 (3,750 EUR) was awarded to the researchers who identified the high-risk vulnerabilities that we...

22 March 2012
06:27 GMT

Stack and Heap Overflow Vulnerabilities Fixed in VLC 2.0.1

VLC 2.0.1 was released not only to address functionality bugs, but also a couple of security holes that may have been exploited by an attacker to execute arbitrary code. All previous versions of the popular media player were affected by a stack overflow vulnerability present in the MMS access plug-in (libaccess_mms_...

19 March 2012
11:32 GMT

XSS Flaws Addressed in Invision Power Board 3.2.x

A security update has been released to address a couple of cross-site scripting (XSS) vulnerabilities that affected IP.Board 3.2.0, 3.2.1, 3.2.2 and the latest variant 3.2.3. Initially, a patch was made available on March 9 to address one of the issues, but a few days later another fix was released to resolve the se...

16 March 2012
06:31 GMT

Gretech Fixes “Open URL” Vulnerability in GOM Play

Gretech released GOM Player 2.1.39.5101 to address the vulnerabilities identified by Georgian security researcher Ucha Gobejishvili a couple of days ago. The Vulnerability Lab expert made a proof-of-concept video to demonstrate how an attacker could locally or remotely exploit a security hole present in the popular ...

14 March 2012
11:50 GMT

XMPP and MSN Crash Issues Addressed in Pidgin 2.10.2

Pidgin 2.10.2, the latest version of the popular instant messaging application, not only brings functionality improvements, but also some security fixes. The bugs that existed may have caused the application to crash, potentially allowing a remote attacker to execute arbitrary code. A possible MSN remote crash, iden...

14 March 2012
09:14 GMT

Microsoft Patches 7 Vulnerabilities with March 2012 Security Update

The March 2012 security update is now available for download from Microsoft’s servers, bringing along fixes for no fewer than 7 vulnerabilities. Just as announced last week, Microsoft issued six bulletins to address the various issues that affected Windows and other products. The ...

14 March 2012
07:51 GMT

Adobe Releases Hotfix for Vulnerability in ColdFusion 9.0.1

Adobe identified a major security hole, ranked as priority 2, in the Windows, Mac, and UNIX versions of ColdFusion 9.0.1 and earlier variants. To ensure that customers are not affected by the potential denial-of-service (DoS) attack that can be launched by cybercriminals who rely on this flaw, a hotfix has been rele...

14 March 2012
05:28 GMT

Mozilla Addresses 5 Critical Issues with Firefox 11

Even though initially Mozilla revealed that Firefox 11’s release might be delayed due to some security concerns, the company managed to keep on schedule. The latest variant of the popular web browser comes with 5 critical and 3 moderate severity security improvements. The critical vulnerabilities could be lev...

14 March 2012
04:23 GMT

Critical Remote Desktop Protocol Issues Addressed by Microsoft

The security bulletins released by Microsoft as part of the March 2012 updates address a couple of vulnerabilities that affect the Remote Desktop Protocol (RDP). Even though the security holes have been reported privately and there is no known exploitation in the wild, customers are advised to immediately update the...

14 March 2012
03:52 GMT

Runtime and Compiler Mitigations to Defend IE 10 from Attacks

Since hackers started targeting computers via the web browser and its add-ons, Microsoft fitted Internet Explorer (IE) 10 with some sophisticated mechanisms to ensure that memory-related vulnerabilities were impossible, or highly difficult, to exploit. Web browsers are usually targeted with buffer overflow attacks or...

13 March 2012
11:40 GMT

XSS, Memory Corruption and Other Issues Addressed in Safari 5.1.4

Apple recently released Safari 5.1.4, the latest version of the popular browser, bringing not only improvements in the feature department, but also some updates that address security holes that could allow an ill-intended hacker to cause some serious damage. One of the more important issues was identified by Matt Co...

13 March 2012
04:44 GMT

Chrome Flaws Identified by “Pinkie Pie” in Pwnium Challenge Fixed

A few hours before the Pwnium competition ended, a security enthusiast known as Pinkie Pie earned himself a prize of $60,000 (45,000 EUR) for identifying three zero-day vulnerabilities present in Chrome. Google almost immediately released an update for the browser’s stable channel to address the issues. Pinki...

12 March 2012
06:18 GMT

Experts Find Vulnerabilities in CudaTel 2.0, Barracuda Responds

Vulnerability Lab experts identified a number of web vulnerabilities in Barracuda’s CudaTel Phone Application 2.0.029.1, which is part of the CudaTel Communication Server, an easy-to-use audio-video communication system that’s used by businesses worldwide. Benjamin Kunz Mejri, aka Rem0ve, the founder an...

9 March 2012
03:48 GMT

Rooted Phones Become “Unsupported Devices” for Google Wallet

While many of the vulnerabilities found in Google Wallet have been addressed at some point, the possibility of a brute force attack against the application's PIN on rooted phones still haunted the company. In response to this issue, Google decided to ditch support for rooted devices. In the past period numerous...

6 March 2012
08:50 GMT

