|
Home > News > Tags > security update
|
|
30
Stories about: security update |
|
|
More: next 50 >>
Today, Microsoft started to deliver a new security update for its users, solving a total of 21 vulnerabilities that have been reported in its products.
The new security update includes a number of no less than 9 bulletins, four of which are deemed Critical, while the other five are rated Important.
On February 9... |
15 February 2012
05:39 GMT |
 |
|
Not long after zvelo researchers discovered that the Google Wallet's PIN is vulnerable to brute-force attacks that could be launched to guess the passcode, another issue was identified, the latter being treated by Google with much more care. The second issue identified was not new, and it couldn’t even be... |
15 February 2012
05:01 GMT |
|
|
Microsoft’s February 2012 bulletins, totaling a number of nine, address 21 security holes that were identified in a few products, some of which may have allowed an attacker to remotely execute malicious code if certain circumstances were met.
Kaspersky Securelist experts reveal that the vulnerabilities discov... |
15 February 2012
03:23 GMT |
|
|
Canonical announced the other day, in a security notice, that a new kernel update for its Ubuntu 11.10 (Oneiric Ocelot) operating system is now available, fixing four security vulnerabilities discovered in the Linux kernel packages by various developers. These are the kernel vulnerabilities found in the kernel packag... |
15 February 2012
02:19 GMT |
|
|
Adobe released the 11.6.4.634 variant of Shockwave Player to patch a number of nine security holes that were identified in the previous versions of the product, for both Windows and Mac operating systems.
If exploited, the vulnerabilities could allow an attacker to execute malicious code on the affected system, whic... |
14 February 2012
10:55 GMT |
|
|
The open-source forum script’s developers released the MyBB 1.6.6 security update for the 1.6 series to address one major and fourteen low risk issues that may have exposed their customers. A non-critical security hole that was resolved refers to the ability to import a non-CSS stylesheet. Prior to this update... |
10 February 2012
03:35 GMT |
|
|
The latest variant of the popular web browser, Chrome 17, not only brings new malicious file scanning technologies and page preloading features, but also patches some major security vulnerabilities found by researchers as part of Google’s bug bounty program.
A number of 20 security holes were identified in the... |
9 February 2012
08:15 GMT |
|
|
Superb Mini Server, a Linux operating system based on Slackware 13.37 and manageable through the Webmin web-based interface, is now at version 1.6.4. Superb Mini Server 1.6.4 is a minor update, as it mostly brings security updates to 2.6.39 kernels for CVE-2012-0056 local root exploit. A local user could gain root p... |
9 February 2012
03:22 GMT |
|
|
All RealPlayer variants contain a number of seven highly critical remote code execution vulnerabilities and as a result RealNetworks released the 15.02.71 version to address the issues. According to Secunia, unspecified errors exist in rvrender when processing RMFF flags. Other similar errors affect the products whe... |
8 February 2012
07:53 GMT |
|
|
The security researcher and the developer of the Suhosin PHP Extension, Stefan Esser, found a serious arbitrary remote code execution vulnerability and reported it to the PHP Group. As a result, PHP 5.3.10 was released to address the issue. It’s not certain if the older versions are affected, but the latest st... |
3 February 2012
02:52 GMT |
|
|
A security update, targeting users of Mac OS X 10.6 Snow Leopard, has been released by Apple alongside OS X 10.7.3, the newest version of OS X Lion.
Over 50 vulnerabilities are listed on Apple’s Support site, some of which are pretty serious. For example in areas like SquirrelMail and Webmail, security researc... |
2 February 2012
04:32 GMT |
|
|
The release notes for the latest stable variant of Firefox were made public, and we learned that a total of eight security flaws were patched up, five of which could have allowed an attacker to run arbitrary code and install software without any interaction from the user.
Firefox 10 addresses a potential memory corr... |
1 February 2012
07:36 GMT |
|
|
After recommending pcAnywhere customers to temporarily disable their products in order to prevent potential hack attacks, Symantec began releasing patches for all the affected versions to make sure users are protected.
On January 23, they released a patch for the 12.5 variant of pcAnywhere and now they made availabl... |
31 January 2012
07:28 GMT |
|
|
An authentication bypass vulnerability that existed in German Volksbank bank’s online Zinsuniversum (ZU) system has been fixed. A researcher from the Vulnerability Lab discovered the critical flaw in the bank’s website portal back in February 2011 and the financial institution responded and fixed the iss... |
20 January 2012
14:21 GMT |
|
|
After yesterday we’ve learned that the international airport in Dusseldorf patched up some serious vulnerabilities that could have allowed a remote attacker to execute arbitrary code, today researchers publicly disclose that another major German airport patched up the same types of flaws. Multiple blind SQL in... |
20 January 2012
09:34 GMT |
|
|
Stefan Esser, the developer of Suhosin, the advanced protection system for PHP installations, revealed the availability of Suhosin Extension 0.9.33 that addresses a stack buffer overflow issue that exists in the transparent cookie encryption.
The medium risk vulnerability can be exploited by an attacker to execute a... |
20 January 2012
05:03 GMT |
|
|
Oracle released the January Critical Patch Update (CPU) which addresses a number of 78 new security flaws across a large number of product families.
This quarter’s CPU resolves some important vulnerabilities, some of which may allow an attacker to remotely exploit a system.
Oracle Database, Oracle Outside, O... |
18 January 2012
05:09 GMT |
|
|
Oracle revealed the security vulnerabilities that are about to be addressed with the release of the January 2012 Critical Patch Update.
The 78 weaknesses currently affect hundreds of Oracle products which is why it’s important that users update their software to make sure they’re protected against cyber... |
13 January 2012
05:55 GMT |
|
|
After researchers showed how some programing language implementations and platforms were susceptible to hash collision attacks, PHP being among them, the PHP Group released PHP 5.3.9 which resolves the issue.
So far, the max_input_vars directive that mitigated hash collision attacks was present in PHP 5.4.0 RC4, but... |
13 January 2012
03:13 GMT |
|
|
Canonical announced today, January 11th, that several more security vulnerabilities were discovered in the Linux kernel packages by various developers, this time affecting the Ubuntu 8.04 LTS (Hardy Heron) operating system. These are the kernel vulnerabilities found recently in the Linux kernel packages: CVE-2011-116... |
11 January 2012
12:11 GMT |
|
|
On January 10th, 2012, Microsoft released a new security update for its Windows products, as well as for Microsoft Developer Tools And Software, in an attempt to patch a number of eight vulnerabilities discovered in these products.
As announced in the advance notification for the January security bulletin release,... |
11 January 2012
08:35 GMT |
|
|
Since Adobe’s Reader X (10.1.1) and Acrobat X (10.1.1) could be protected against the recently discovered vulnerabilities that allowed an attacker to take control of an affected system by using them in Protected Mode and Protected View, the company released security updates for the products only on January 10, ... |
11 January 2012
03:29 GMT |
|
|
Microsoft released a number of seven security bulletins for January 2012 that address vulnerabilities found in Windows Media, Windows ClickOnce application installer, Windows Object Packager, the operating system’s Kernel, and the now famous SSL/TLS protocol weakness dubbed BEAST. The vulnerability in the SSL ... |
11 January 2012
02:56 GMT |
|
|
Tomorrow, Microsoft will push to its customers a new software update as part of its monthly schedule, and will have a number of seven bulletins included in the release.
The Microsoft Security Bulletin Advance Notification for January 2012 that was issued today offers some info on tomorrow’s update, though th... |
9 January 2012
08:17 GMT |
|
|
With the release of the new beta version of Chrome 17, Google also released the 16.0.912.75 stable version which comes with three major security bug fixes. Mozilla’s Boris Zbarsky found a high-priority use-after-free flaw in animation frames for which he was rewarded with $1,000 (700 EUR). The same amount of b... |
6 January 2012
15:01 GMT |
|
|
Recent research reveals that some series of HP printers have firmware issues that can cause major information leaks, especially when we're thinking about printers in large networks. While especially-devised documents can be infected with malicious code, printing them can give a hacker complete access over the r... |
6 January 2012
09:30 GMT |
|
|
The latest events surrounding HP LaserJet printers caused a lot of waves and many owners are desperately trying to update their firmware to protect their devices against hackers. Since the firmware is not easy to find on HP’s site, our Drivers Department is offering you easy-to-find download links for your HP L... |
6 January 2012
07:31 GMT |
|
|
Canonical updated the AFPL Ghostscript packages, an interpreter for the PostScript language and for PDF, for the Ubuntu 10.10, Ubuntu 10.04 LTS, and Ubuntu 8.04 LTS OSes. It was discovered that Ghostscript did not correctly handle memory allocation when parsing certain malformed JPEG-2000 images, did not correctly ha... |
4 January 2012
10:58 GMT |
|
|
A couple of Indian security researchers, Aditya Modha and Samir Shah, found an easy-to-exploit cross-site scripting (XSS) weakness that affected all WordPress 3.3 websites, but version 3.3.1 was quickly released to fix the issue. The researchers showed that by posting a comment on a targeted site using a special scr... |
4 January 2012
02:38 GMT |
|
|
On December 29th, 2011, Microsoft released an out-of-band security update for all Windows flavors starting with Windows XP, in an attempt to fix a number of vulnerabilities discovered in Microsoft .NET Framework 1.1 and later. Four security holes were patched with this update, one of which was rated critical. Whil... |
30 December 2011
03:11 GMT |
|
|
Microsoft rushed to release an out-of-band security update to resolve a denial-of-service (DoS) issue that affected ASP.NET versions 1.1 and later on all supported variants of the .NET framework. A large number of web platforms are affected by the hash collision problem, but the Redmond company was among the first to... |
30 December 2011
01:44 GMT |
|
|
A couple of researchers showed how a common flaw in the implementation of the most popular web programming languages and applications can be used to force servers to use their CPU at full capacity for several minutes, causing a denial-of-service (DoS) condition. Julian Wälde and Alexander Klink made a presentat... |
29 December 2011
07:16 GMT |
|
|
A couple of researchers found that a critical vulnerability affects most web application frameworks, allowing a cybercriminal to launch denial-of-service (DoS) attacks. Since Apache Tomcat web server is among the ones affected, the Tomcat security team came forward with a workaround for the issue. Apache Tomcat is v... |
29 December 2011
05:14 GMT |
|
|
A serious vulnerability that could allow a cybercriminal to issue a denial-of-service (DoS) attack on Ruby was found. The attack is possible with the aid of a specially crafted series of strings that collide their hash values. The deterministic hash function used to hash a string in the 1.8 series of Ruby, which mak... |
29 December 2011
04:17 GMT |
|
|
On December 29, 2011, at 10:00 AM Pacific Time Microsoft will release an out-of-band security update to address a critical security flaw found in ASP.NET, that affects all supported versions of the .NET framework, which could allow for an unauthenticated denial-of-service (DoS) attack on servers that serve ASP.NET we... |
29 December 2011
02:40 GMT |
|
|
Simple Machines Forum (SMF) project released SMF 1.1.16 and SMF 2.0.2 critical security patches to make sure the Internet users who rely on the forum script are completely protected against potential cyberattacks.
Among the resolved issues we find sorting the memberlist by online status, which caused an error in Pos... |
28 December 2011
04:55 GMT |
|
|
After Columbia University researchers Ang Cui and Salvatore Stolfo found a vulnerability in HP LaserJet printers that could allow a hacker to remotely control it to launch cyberattacks, steal information and in some scenarios even set it on fire, HP released a firmware update to mitigate the issue.
“HP has bui... |
27 December 2011
08:22 GMT |
|
|
A few days back we saw how security researcher Billy Rios got angry at Siemens after the company claimed that no authorization bypass flaws were present in their SIMATIC systems. Now, Siemens came forward with a statement reporting that they’re planning to fix the vulnerabilities next month.
Rios became upset ... |
27 December 2011
07:35 GMT |
|
|
The 3.4.9 variant of the popular open source database administration tool, phpMyAdmin, comes with a couple of security fixes which patch up some flaws that could have allowed a cybercriminal to launch cross-site scripting attacks.
According to the release notes, an XSS flaw existed in the setup interface if special... |
27 December 2011
04:37 GMT |
|
|
WordPress users who don’t want to wait for the next core release to fix bugs, can now turn to this latest unofficial plugin for upgrading their WP core.
The 0.8 release of the Hotfix plugin resolves an issue in which plugins and theme styles bled into the dashboard. This means that if the patch is applied them... |
23 December 2011
05:20 GMT |
|
|
The latest variant of the popular email client, Thunderbird 9, fixes one critical and five moderate security flaws which in certain conditions could allow a hacker to take advantage of them and compromise a computer.
According to the security advisory that came with the new release, an issue due to which the applica... |
22 December 2011
10:02 GMT |
|
|
The security advisory that comes with the release of the latest version of the popular web browser, Firefox 9, reveals that a number of four critical, a high and a moderate impact security vulnerabilities were fixed.
A critical one refers to the fact that the application crashes when a video is scaled to extreme siz... |
21 December 2011
05:04 GMT |
|
|
Multiple reflective cross-site scripting (XSS) vulnerabilities were found in the 3.1.5 version of Fork CMS, the open-source PHP and MySQL content management system.
The flaws, tested on Windows XP and Windows Vista using Internet Explorer 9, were present in both the front end and the administrator panel.
In the 3.1... |
21 December 2011
04:31 GMT |
|
|
After they came across some serious zero-day vulnerabilities in some of their products, Adobe released a security update to patch up Adobe Reader 9.4.6 and earlier 9.x versions and Adobe Acrobat 9.4.6 and earlier 9.x versions. Since the X (10.1.1) variants can be protected by using them in Protected Mode and Protec... |
19 December 2011
08:35 GMT |
|
|
The 0.3.0.5 variant of the Advanced Onion Router, a piece of software designed as an improved alternative for the Tor+Vidalia+Privoxy bundle, fixes bugs that affected its functionality, but it also resolves an important buffer overflow error which could have allowed a hacker to remotely exploit a device. The buffer ... |
16 December 2011
08:24 GMT |
|
|
The latest variant of the popular open source instant messaging application, Pidgin 2.10.1, comes with several functionality bug fixes, but also with some important ones that resolve flaws which could have allowed an attacker to launch a malicious operation.
One of the issues, reported by Evgeny Boger, could have be... |
16 December 2011
04:47 GMT |
|
|
On December 13th, Microsoft announced the release of a new set of security updates for its Windows platform and for other products, and one of these was aimed at patching vulnerabilities found in Internet Explorer. Three vulnerabilities have been recently found in Internet Explorer, the most severe of which could ... |
15 December 2011
05:45 GMT |
|
|
Some serious vulnerabilities that could have allowed an attacker to launch a cross-site scripting (XSS) attack on Adobe’s ColdFusion customers were patched up with the latest hotfix.
Shawn Gorrell and Howard Fore of the Federal Reserve Bank of Atlanta, and Oren Hafif from Hacktics ASC, Ernst & Young were the o... |
14 December 2011
09:54 GMT |
|
|
On December 13th, 2011, Microsoft released a number of 13 security bulletins to address various flaws that its Windows platform and other products were found to have.
Among these, we can count a number of no less than three rated Critical in severity, while the rest of 10 are rated Important. The company recommend... |
14 December 2011
06:41 GMT |
|
|
The latest stable variant of Google’s Chrome web browser not only comes with some great new features, but also with some highly welcomed security fixes. With this release, Google handed out $6,000 (4,200 EUR) to the individuals who contributed to finding and fixing the issues. URL bar spoofing with view-sour... |
14 December 2011
06:34 GMT |
|
More: next 50 >> |
|
|
Find us on Google+
