
Stories about: Vulnerability



Windows 7’s IE8 Dodges Critical IE 0-Day

Customers already running the latest iteration of the Windows client, Windows 7, along with the Internet Explorer 8 are safe from potential exploits targeting a zero-day vulnerability in older releases of Internet Explorer, according to Microsoft. In an email message to Softpedia, Alan Wallace, security response...

24 November 2009
03:44 GMT

IE7 0-Day Vulnerability Published in the Wild

Details on a zero-day vulnerability affecting Internet Explorer are currently available in the wild, having been published to the BugTraq mailing list last week. So far, Microsoft has not commented on the exploit code made available in the wild, but security company Symantec has confirmed that it is fully functional...

23 November 2009
07:56 GMT

Patch Critical Windows Kernel Flaw in Vista SP2 and XP SP3

Microsoft has released a patch for a Critical Windows kernel vulnerability affecting both Windows Vista RTM/SP1 and SP2 and Windows XP SP2 and SP3. Therefore, customers are advised to apply the update immediately. Earlier this week, the Redmond company gave green light to the distribution process of no less than six ...

12 November 2009
07:11 GMT

Apple Recommends Installing Security Update 2009-006

A hefty 143MB download is required on behalf of those who wish only to address the latest security holes found in Mac OS X. Incorporated in the Mac OS X 10.6.2 update as well, Security Update 2009-006 delivers a whopping 44 code corrections on its own. Among almost four dozen vulnerabilities, discovered with the help ...

10 November 2009
05:45 GMT

Vista SP2 and XP SP3 Critical Patches Coming Next Week

Windows customers will need to get ready and deploy security patches come next week, with the exception of users that have already upgraded to the latest iteration of the client. Microsoft is readying a total of six security bulletins for release on November 10, 2009, no less than four of them targeting Windows rele...

6 November 2009
07:17 GMT

Microsoft Patches 34 Security Vulnerabilities

On October 13th, 2009, Microsoft started serving to Windows users patches for no less than 34 vulnerabilities, releasing the most security bulletins in the company’s history. The 13 security bulletins made available are designed to offer fixes for a range of security issues affecting Windows, Internet Explorer,...

14 October 2009
12:11 GMT

Windows 7 RTM Critical Patches Available for Download

Microsoft has made available five security bulletins that affect the latest iteration of the Windows client, nine days away from the official general availability deadline of the product. Windows 7 was released to manufacturing on July 22nd, and is scheduled to hit the shelves next week, on October 22nd. October 13th...

14 October 2009
09:36 GMT

Patch Windows 7 RTM Critical Vulnerability

Microsoft will, for the first time ever, release updates designed to fix security vulnerabilities in the gold version of its latest Windows client. Throughout the development process, early adopters and testers of Windows 7 Beta Build 7000 and Release Candidate (RC) Build 7100 have been able, on more than one occasio...

9 October 2009
09:03 GMT

Download Vista and XP Security Release ISO Image for September 2009

A total of five security bulletins designed to patch no less than eight vulnerabilities impacting various Windows releases was made available via Windows Update on September 8th, 2009. As it is customary, Microsoft also bundled the patches for security holes in Windows operating systems in a single package and made i...

11 September 2009
10:58 GMT

Apple Posts Security Update 2009-005

Security Update 2009-005 is recommended for all Mac OS X Leopard and Tiger users, as it improves the security of Mac OS X. The release, which patches a total of 16 vulnerabilities, incorporates previous security updates as well. The update is aimed at users of Mac OS X Leopard and Tiger, Client and Server versions, I...

11 September 2009
04:22 GMT

Protection against SMB 2.0 Critical 0-Day Exploits via Forefront TMG NIS

Microsoft has added protection against exploits targeting a vulnerability in the Server Message Block (SMB) implementation in mere hours. However, only customers running the Forefront TMG Network Inspection System can breathe easy. The Redmond-based company informed that the protection against the Critical zero-day v...

10 September 2009
04:35 GMT

Windows 7 RTM Dodges Critical 0-Day, RC 7100 Does Not

Microsoft has confirmed that a zero-day vulnerability in Server Message Block (SMB) Protocol could allow for remote code execution in the eventuality of successful attacks. Various Windows releases are affected, the company informed; however, this is not the case of Windows 7 RTM Build 6.1.7600.16385, or the gold mil...

9 September 2009
09:52 GMT

Web Worm Targets Older WordPress Versions

A Web worm that spreads by exploiting a vulnerability in older versions of WordPress has put the blogosphere in alert mode. Once it compromises a vulnerable installation, the worm begins to taint older blog entries with malicious links and, in some cases, it can even destroy data. Reports of hacked, WordPress-powere...

8 September 2009
04:56 GMT

The Security Content of Java for Mac OS X 10.5 Update 5

In tandem with the release of Java for Mac OS X 10.5 Update 5, Apple has posted two additional Support articles outlining the versions it patches, as well as the exact issues it addresses. This release of J2SE 5.0 and J2SE 1.4.2 supports all Intel and PowerPC-based Macs, according to Apple. “Java for Mac OS X ...

4 September 2009
03:51 GMT

Java for Mac OS X 10.5 Update 5 Released

The bugs addressed in the latest Java update have been fixed on PCs a month ago, but Apple is only now issuing its own Java update, patching holes long known to exist in the software. Granted, Apple makes its own Java patches, but, as security companies point out, the company that touts its OS as highly secure has no...

4 September 2009
03:36 GMT

Snow Leopard Pushes Users to Vulnerable Flash

Renowned security expert Sophos has discovered that Apple is downgrading Mac OS X 10.6 users to an old, vulnerable version of Adobe Flash Player (10.0.23.1), which is susceptible to attacks, according to the company. "Mac users are not informed that Snow Leopard has downgraded their version of Flash without permissi...

3 September 2009
03:02 GMT

Microsoft Confirms IIS 5.0, 5.1 and 6.0 0-Day Vulnerability

Microsoft has offered official confirmation of a new zero-day vulnerability impacting various releases of Internet Information Services (IIS). The security flaw resides in the FTP service, explained Alan Wallace, senior communications manager for the security response communications team at Microsoft, noting that in ...

2 September 2009
10:01 GMT

Plesk Admins Can Accidentally Relay Spam

Website administrators using the Parallels Plesk Panel, a web-hosting tool, should be very careful when thinking about activating the shortname authentication feature for all web services. If turned on, attackers could gain access to all shortname authenticated processes, including the SMTP server and use it to relay...

22 August 2009
05:25 GMT

Download Vista SP2 and XP SP3 Security Patches ISO Image for August 2009

On the heels of releasing the August 2009 security bulletins via Windows Update and as standalone downloads, Microsoft has also made available the patches targeting supported Windows releases packaged as an ISO image. Now, all administrators have the possibility to leverage automated solutions for patch deployment su...

13 August 2009
11:58 GMT

Security Flaw in eBay's Developer Program

eBay developer accounts may have been compromised by an unknown security flaw. On August 10, 2009, in an announcement from Kumar Kandaswamy, manager of the eBay Developer Program, the e-commerce giant revealed that a dangerous security flaw had been discovered in the Developer Program. According to Mr. Kandaswamy, no ...

13 August 2009
08:26 GMT

Windows 7 RTM Safe from Vista and XP Critical Vulnerabilities

When it launched Windows Vista back in January 2007, Microsoft made sure to emphasize added security as part of the Wow. The company has yet to unveil its marketing strategy for Windows 7, although the evolution of user protection is bound to be a strong selling point, but the operating system has already passed an i...

12 August 2009
13:05 GMT

Download Vista SP2 and XP SP3 Critical Updates

Microsoft released no less than eight security bulletins for the various supported releases of Windows client and server operating systems, including for the latest service packs of Windows Vista and Windows XP. Out of the total of patch packages impacting Windows, half feature a maximum severity rating of Critical, ...

12 August 2009
11:43 GMT

About the Security Content of Safari 4.0.3

With the release of Safari 4.0.3 yesterday, Apple not only improved stability and compatibility with the software, but also included a number of security fixes, detailed in a Support document on the company’s official web site. Affecting Safari 4 for Windows and Mac (Tiger and Leopard), a total of 6 vulnerabil...

12 August 2009
06:13 GMT

WordPress 2.8.3 Password Reset Vulnerability

After the release of the new 2.8.3 security update, WordPress faces a dangerous vulnerability that can lock out blog owners from their admin account. Using the online password reset function, hackers can remotely reset the admin password. This issue was first reported by Laurent Gaffie on August 11 in a mailing l...

11 August 2009
05:55 GMT

Flaws in XML Libraries Put Countless Applications at Risk

Researchers from Finnish security testing company Codenomicon warn that most open source XML parsing libraries suffer from vulnerabilities that can be exploited to generate denial of service conditions or execute hostile code. This research could have huge implications as there are a big number of applications that u...

6 August 2009
06:12 GMT

The Security Side of GarageBand 5.1

Earlier today, Softpedia reported the availability of GarageBand 5.1, a highly recommended update for users of GarageBand '09 (iLife '09). Besides addressing general compatibility issues, while improving the stability of the software, Apple has also disclosed (in a detailed Support piece), that the GarageBa...

4 August 2009
02:50 GMT

Apple Keyboard Hack Proved Possible

Slashdot reports that Apple keyboards are vulnerable to hackers' attacks due to the complexity of their inner workings, which include RAM and flash memory. According to the report, the hack can potentially place keyloggers and malware directly into the device's firmware. To make matters even worse, the auth...

3 August 2009
08:49 GMT

Patch Critical Visual Studio Vulnerabilities

The security bulletin released for Visual Studio Active Template Library is an integral part of a package of patches made available out-of-band, namely outside of the normal monthly update cycle, by Microsoft. The Microsoft Security Bulletin MS09-035 was released in conjunction with MS09-034 for Internet Explorer, an...

29 July 2009
12:17 GMT

Critical Out-Of-Band Internet Explorer Patches Available

Microsoft made an out-of-band security update for Internet Explorer on July 28th, 2009. The move, which is an exception to the Redmond company's monthly patch cycle, is designed to bulletproof IE users against potential attacks designed to exploit vulnerabilities in Microsoft Active Template Library (ATL). Micro...

29 July 2009
10:55 GMT

BIND DNS Servers Vulnerable to Denial of Service Attacks

Internet Systems Consortium (ISC), the maintainer of BIND, advises that a critical vulnerability allows attackers to perform denial of service attacks by sending malformed dynamic update messages to DNS servers using the software. Administrators are urged to deploy patches for their operating system immediately, if a...

29 July 2009
04:57 GMT

Critical Out-of-Band Patch for Internet Explorer 8

Microsoft is cooking a security refresh for Internet Explorer 8, and earlier supported versions of the browser, that will be released tomorrow, July 28th, 2009. According to the Redmond company, the IE update will be accompanied by a security bulletin for Visual Studio. The software giant underlined that, although tw...

27 July 2009
05:52 GMT

Wireless Routers Running DD-WRT Vulnerable

A hacker has published details about a zero-day vulnerability found in the popular DD-WRT open source firmware for wireless routers. Exploiting the flaw is rather trivial and allows an attacker to execute arbitrary commands as root. DD-WRT is a Linux-based firmware that can be installed on more than 200 wireless rou...

22 July 2009
09:52 GMT

Download Vista SP2 and XP SP3 Security Release ISO Image for July 2009

The July 2009 Security Release ISO Image is now available for download from Microsoft, having been offered concomitantly with the company's monthly patch cycle releases. In addition to serving each month's security bulletins through Windows Update, the software giant is also packaging the patches aimed for ...

17 July 2009
11:15 GMT

Patch Critical Vulnerabilities in Vista SP2 and XP SP3

On July 14th, as an integral part of the monthly patch release cycle, Microsoft made available a total of six security bulletins impacting Windows platforms, Office Publisher, ISA Server, and Virtual PC and Virtual Server. Three of the patch packages affect various releases of the Windows client and server operating ...

15 July 2009
11:45 GMT

Microsoft Warns of Office Web Components 0-Day

Customers running various releases of the Office System will need to take the necessary precautions in order to bulletproof their computers against exploits targeting a zero-day vulnerability affecting Office Web Components, Microsoft warned. According to the Redmond company, limited, active attacks have been detecte...

13 July 2009
10:45 GMT

Vista SP2 and XP SP3 Critical Patches Coming

Come July 14, Microsoft is gearing up to release six security patches for various software products, including the latest service packs available for its Windows clients. Half of the security bulletins coming next week target the Windows client and server platforms, with the rest designed to patch vulnerabilities in ...

10 July 2009
06:29 GMT

Kill-bit ActiveX Controls to Fix XP SP3 0-Day Critical Vulnerability

Microsoft has confirmed that it is aware of what Christopher Budd, security response communications lead for the company, referred to as limited, active attacks that exploited a zero-day Critical vulnerability affecting Video ActiveX control. Budd pointed out that only users running Windows XP and Windows Server 2003...

7 July 2009
08:38 GMT

SMS Bug Can Allow Hackers to Turn an iPhone’s Mic On

Charlie Miller, the winner of two consecutive editions of the Pwn2Own hacking contest, is signaling that a critical vulnerability exists in the way iPhones handle their text messages. According to the security expert, an attacker could exploit the hole even to turn on the phone's microphone to eavesdrop on a con...

2 July 2009
10:33 GMT

Game Password Stealers Exploit 0-day DirectX Vulnerability

It is nothing short of ironic that game password stealing malware is being associated with an exploit designed to target a vulnerability in DirectX. But Microsoft officially confirmed that malicious code designed to harvest account credentials for online games had been detected bundled with exploits targeting the Dir...

26 June 2009
10:43 GMT

iPhone OS 3.0 Has a Huge Security Side

Upon releasing the latest version of the iPhone OS, Apple posted a Support document outlining some of the security issues the update addresses, including CoreGraphics, Exchange, Mail and Safari bugs. In total, Apple has patched 38 holes in the operating system, some of which are detailed below. Exchange Available f...

18 June 2009
05:25 GMT

Vista SP2 and XP SP3 June 2009 Patches ISO Image Available

Concomitantly with this month's security bulletin releases, Microsoft has also made available for download the June 2009 Security Release ISO Image. The ISO image is designed as a package containing all the patches released by Microsoft on June 9th, 2009, but only those plugging vulnerabilities in Windows client...

12 June 2009
11:41 GMT

Update IE8 in Windows 7 and Patch 0-Day Vulnerability

Microsoft has released the first security update for the latest version of its browser. Internet Explorer 8 downloads became available to the public in mid-March 2009, and in parallel the successor of IE7, running on Windows 7 no less, was hacked by a security researcher participating in the CanSecWest Vancouver 2009...

10 June 2009
13:01 GMT

Monster Microsoft Patch Release Fixes 31 Security Vulnerabilities

On June 9th, as an integral part of its monthly patch cycle, Microsoft made available no less than 10 security bulletins resolving 31 vulnerabilities across a range of products. Out of the 10 patch packages no less than six impact releases of Windows client and server operating systems. Microsoft also issued a cumula...

10 June 2009
09:04 GMT

Patch Critical Holes in IE8 and IE7 on Vista SP2/SP1 and XP SP3

As an integral part of this month's release of security bulletins, Microsoft has made available the IE Cumulative Security Update for June 2009 through its Windows Update or Microsoft Update distribution channels. The cumulative refresh for Internet Explorer contains patches for no less than eight vulnerabilitie...

10 June 2009
05:20 GMT

No Critical Patches for Vista SP2

Come June 9, 2009, Microsoft plans to release no less than 10 security bulletins for various supported releases of Internet Explorer, Windows client and server operating systems and the Office System. The majority of the patch packages impact Windows OSes, the Redmond company explains; however, users of operating sys...

5 June 2009
10:02 GMT

The Security Side of QuickTime 7.6.2

Apple has disclosed that both iTunes 8.2 and QuickTime 7.6.2 have been suffering from a few security issues, with QuickTime alone being in need of some ten patches. Two of these ten security holes recently plugged by Apple have been confirmed as Windows-specific. In a Support document detailing the security content ...

2 June 2009
10:28 GMT

Windows 7 RC Immune to 0-Day DirectX Vulnerability

Windows 7 RC, as well as its precursor, Windows Vista, and the R2 and RTM/SP1 releases of Windows Server 2008 are immune to a zero-day vulnerability affecting DirectX on older versions of Windows. The security hole makes Windows 2000 Service Pack 4, Windows XP (including SP2 and SP3), and Windows Server 2003 vulnerab...

29 May 2009
07:19 GMT

Apple Fails to Patch Java Vulnerability

Apple has reportedly left aside a critical vulnerability in Sun's Java platform, for which it develops its own software updates. The company has released the latest batch of updates for Mac users just last week and is now getting fire from security researchers and the Mac blogosphere for failing to issue a patch...

21 May 2009
07:03 GMT

New Microsoft Server 0-Day Vulnerability in the Wild

Information on a new 0-day vulnerability affecting Microsoft server is available in the wild, the Redmond company has confirmed. The software giant has informed that it is investigating public reports of a security hole in various versions of Internet Information Services (IIS). The Redmond company has published a prelim...

19 May 2009
04:08 GMT

Microsoft Patches Critical PowerPoint Vulnerability Against Attacks

Although May 2009 initially appeared to be a slow month for Microsoft on the security updates front, the company ended up releasing no less than 14 patches for just as many vulnerabilities affecting various versions of Office PowerPoint. However, Microsoft Security Bulletin MS09-017 is rated Critical because of a sin...

13 May 2009
07:35 GMT

