Stories about: security update |
The Joomla Project has made available a new version of the popular content management system to address a couple of security holes that may have exposed users to malicious operations.
A high priority issue found in the Core refers to an SQL Injection vulnerability reported on February 29, 2012, which affects Joomla ... |
6 March 2012 03:39 GMT |
 |
Adobe released a priority 2 security update for Flash Player after discovering certain vulnerabilities that in theory could allow an attacker to take control of an affected system.
According to Adobe’s advisory, Flash Player 11.1.102.62 and earlier versions for all platforms, Adobe Flash Player 11.1.115.6 and... |
6 March 2012 03:22 GMT |
 |
Wanting to make sure that its web browser is one of the safest on the market, Google released a new variant of Chrome Stable 17 to address some important vulnerabilities that may have affected the safety of users.
Chrome Stable 17.0.963.65 addresses 14 high-severity flaws, which include use-after-free iss... |
5 March 2012 05:25 GMT |
 |
Website administrators who fear that their assets may be targeted by hackers can now turn to 6Scan, a plugin prepackaged for common web frameworks that secures a site against destruction, data theft, defacements, and more. 6Scan comes with three plans: Watchtower, Fortress, and Enterprise. The first is completely fr... |
28 February 2012 08:36 GMT |
 |
The PostgreSQL Global Development Group released security updates for all the active versions of their open source object-relational database system. Among the updated variants, 9.1.3, 9.0.7, 8.4.11 and 8.3.18 are the ones worth mentioning.
The security updates address 45 issues that affected the 9.1 variant, inclu... |
28 February 2012 06:44 GMT |
 |
The developer of Invision Power Board (IP.Board) revealed that it identified a cross-site scripting (XSS) issue that affects all the IP.Board 3.x variants, and as a result a simple one file patch was released to address the vulnerability.
“It has come to our attention that a XSS (Cross Site Scripting) attack i... |
20 February 2012 08:36 GMT |
 |
A few days after it released Firefox 10.0.1 to address some major issues, Mozilla already made available the 10.0.2 variant of both the popular web browser and Thunderbird to resolve a vulnerability that exists in the libpng graphics library. The libpng library contains an exploitable integer overflow bug that an a... |
18 February 2012 06:59 GMT |
 |
On February 14th, Microsoft released a new set of security patches for some of its products, including a Cumulative Security Update for Internet Explorer.
The update is now available for download via Windows Update, meant to resolve no less than 5 privately reported vulnerabilities in Internet Explorer.
As part o... |
16 February 2012 10:42 GMT |
 |
The latest stable version of the popular Google Chrome web browser has been updated to the 17.0.963.56 version to address a total of 13 security holes, 7 of which were considered to be high risk.
These high-risk vulnerabilities include an integer overflow in PDF codecs, a possible use-after-free in database handlin... |
16 February 2012 04:32 GMT |
 |
A zero-day vulnerability that exists in Adobe Flash Player 11.1.102.55 and earlier for Windows is currently being exploited by cybercriminals who social engineer users into clicking on malicious links sent via email. In response to the flaw that apparently affects only Internet Explorer customers, Adobe released Flas... |
16 February 2012 03:48 GMT |
 |
Today, Microsoft started to deliver a new security update for its users, solving a total of 21 vulnerabilities that have been reported in its products.
The new security update includes a number of no less than 9 bulletins, four of which are deemed Critical, while the other five are rated Important.
On February 9... |
15 February 2012 05:39 GMT |
 |
Not long after zvelo researchers discovered that the Google Wallet's PIN is vulnerable to brute-force attacks that could be launched to guess the passcode, another issue was identified, the latter being treated by Google with much more care. The second issue identified was not new, and it couldn’t even be... |
15 February 2012 05:01 GMT |
 |
Microsoft’s February 2012 bulletins, totaling a number of nine, address 21 security holes that were identified in a few products, some of which may have allowed an attacker to remotely execute malicious code if certain circumstances were met.
Kaspersky Securelist experts reveal that the vulnerabilities discov... |
15 February 2012 03:23 GMT |
 |
Canonical announced the other day, in a security notice, that a new kernel update for its Ubuntu 11.10 (Oneiric Ocelot) operating system is now available, fixing four security vulnerabilities discovered in the Linux kernel packages by various developers. These are the kernel vulnerabilities found in the kernel packag... |
15 February 2012 02:19 GMT |
 |
Adobe released the 11.6.4.634 variant of Shockwave Player to patch a number of nine security holes that were identified in the previous versions of the product, for both Windows and Mac operating systems.
If exploited, the vulnerabilities could allow an attacker to execute malicious code on the affected system, whic... |
14 February 2012 10:55 GMT |
 |
The open-source forum script’s developers released the MyBB 1.6.6 security update for the 1.6 series to address one major and fourteen low risk issues that may have exposed their customers. A non-critical security hole that was resolved refers to the ability to import a non-CSS stylesheet. Prior to this update... |
10 February 2012 03:35 GMT |
 |
The latest variant of the popular web browser, Chrome 17, not only brings new malicious file scanning technologies and page preloading features, but also patches some major security vulnerabilities found by researchers as part of Google’s bug bounty program.
A number of 20 security holes were identified in the... |
9 February 2012 08:15 GMT |
 |
Superb Mini Server, a Linux operating system based on Slackware 13.37 and manageable through the Webmin web-based interface, is now at version 1.6.4. Superb Mini Server 1.6.4 is a minor update, as it mostly brings security updates to 2.6.39 kernels for CVE-2012-0056 local root exploit. A local user could gain root p... |
9 February 2012 03:22 GMT |
 |
All RealPlayer variants contain a number of seven highly critical remote code execution vulnerabilities and as a result RealNetworks released the 15.02.71 version to address the issues. According to Secunia, unspecified errors exist in rvrender when processing RMFF flags. Other similar errors affect the products whe... |
8 February 2012 07:53 GMT |
 |
The security researcher and the developer of the Suhosin PHP Extension, Stefan Esser, found a serious arbitrary remote code execution vulnerability and reported it to the PHP Group. As a result, PHP 5.3.10 was released to address the issue. It’s not certain if the older versions are affected, but the latest st... |
3 February 2012 02:52 GMT |
 |
A security update, targeting users of Mac OS X 10.6 Snow Leopard, has been released by Apple alongside OS X 10.7.3, the newest version of OS X Lion.
Over 50 vulnerabilities are listed on Apple’s Support site, some of which are pretty serious. For example in areas like SquirrelMail and Webmail, security researc... |
2 February 2012 04:32 GMT |
 |
The release notes for the latest stable variant of Firefox were made public, and we learned that a total of eight security flaws were patched up, five of which could have allowed an attacker to run arbitrary code and install software without any interaction from the user.
Firefox 10 addresses a potential memory corr... |
1 February 2012 07:36 GMT |
 |
After recommending that pcAnywhere customers temporarily disable their products in order to prevent potential hack attacks, Symantec began releasing patches for all the affected versions to make sure users are protected.
On January 23, they released a patch for the 12.5 variant of pcAnywhere and now they made availabl... |
31 January 2012 07:28 GMT |
 |
An authentication bypass vulnerability that existed in German Volksbank bank’s online Zinsuniversum (ZU) system has been fixed. A researcher from the Vulnerability Lab discovered the critical flaw in the bank’s website portal back in February 2011 and the financial institution responded and fixed the iss... |
20 January 2012 14:21 GMT |
 |
After we learned yesterday that the international airport in Dusseldorf patched up some serious vulnerabilities that could have allowed a remote attacker to execute arbitrary code, today researchers publicly disclose that another major German airport patched up the same types of flaws. Multiple blind SQL in... |
20 January 2012 09:34 GMT |
 |
Stefan Esser, the developer of Suhosin, the advanced protection system for PHP installations, revealed the availability of Suhosin Extension 0.9.33 that addresses a stack buffer overflow issue that exists in the transparent cookie encryption.
The medium risk vulnerability can be exploited by an attacker to execute a... |
20 January 2012 05:03 GMT |
 |
Oracle released the January Critical Patch Update (CPU) which addresses a number of 78 new security flaws across a large number of product families.
This quarter’s CPU resolves some important vulnerabilities, some of which may allow an attacker to remotely exploit a system.
Oracle Database, Oracle Outside, O... |
18 January 2012 05:09 GMT |
 |
Oracle revealed the security vulnerabilities that are about to be addressed with the release of the January 2012 Critical Patch Update.
The 78 weaknesses currently affect hundreds of Oracle products which is why it’s important that users update their software to make sure they’re protected against cyber... |
13 January 2012 05:55 GMT |
 |
After researchers showed how some programming language implementations and platforms were susceptible to hash collision attacks, PHP being among them, the PHP Group released PHP 5.3.9 which resolves the issue.
So far, the max_input_vars directive that mitigated hash collision attacks was present in PHP 5.4.0 RC4, but... |
13 January 2012 03:13 GMT |
 |
Canonical announced today, January 11th, that several more security vulnerabilities were discovered in the Linux kernel packages by various developers, this time affecting the Ubuntu 8.04 LTS (Hardy Heron) operating system. These are the kernel vulnerabilities found recently in the Linux kernel packages: CVE-2011-116... |
11 January 2012 12:11 GMT |
 |
On January 10th, 2012, Microsoft released a new security update for its Windows products, as well as for Microsoft Developer Tools And Software, in an attempt to patch a number of eight vulnerabilities discovered in these products.
As announced in the advance notification for the January security bulletin release,... |
11 January 2012 08:35 GMT |
 |
Since Adobe’s Reader X (10.1.1) and Acrobat X (10.1.1) could be protected against the recently discovered vulnerabilities that allowed an attacker to take control of an affected system by using them in Protected Mode and Protected View, the company released security updates for the products only on January 10, ... |
11 January 2012 03:29 GMT |
 |
Microsoft released a number of seven security bulletins for January 2012 that address vulnerabilities found in Windows Media, Windows ClickOnce application installer, Windows Object Packager, the operating system’s Kernel, and the now famous SSL/TLS protocol weakness dubbed BEAST. The vulnerability in the SSL ... |
11 January 2012 02:56 GMT |
 |
Tomorrow, Microsoft will push to its customers a new software update as part of its monthly schedule, and will have a number of seven bulletins included in the release.
The Microsoft Security Bulletin Advance Notification for January 2012 that was issued today offers some info on tomorrow’s update, though th... |
9 January 2012 08:17 GMT |
 |
With the release of the new beta version of Chrome 17, Google also released the 16.0.912.75 stable version which comes with three major security bug fixes. Mozilla’s Boris Zbarsky found a high-priority use-after-free flaw in animation frames for which he was rewarded with $1,000 (700 EUR). The same amount of b... |
6 January 2012 15:01 GMT |
 |
Recent research reveals that some series of HP printers have firmware issues that can cause major information leaks, especially when we're thinking about printers in large networks. While specially devised documents can be infected with malicious code, printing them can give a hacker complete access over the r... |
6 January 2012 09:30 GMT |
 |
The latest events surrounding HP LaserJet printers caused a lot of waves and many owners are desperately trying to update their firmware to protect their devices against hackers. Since the firmware is not easy to find on HP’s site, our Drivers Department is offering you easy-to-find download links for your HP L... |
6 January 2012 07:31 GMT |
 |
Canonical updated the AFPL Ghostscript packages, an interpreter for the PostScript language and for PDF, for the Ubuntu 10.10, Ubuntu 10.04 LTS, and Ubuntu 8.04 LTS OSes. It was discovered that Ghostscript did not correctly handle memory allocation when parsing certain malformed JPEG-2000 images, did not correctly ha... |
4 January 2012 10:58 GMT |
 |
A couple of Indian security researchers, Aditya Modha and Samir Shah, found an easy-to-exploit cross-site scripting (XSS) weakness that affected all WordPress 3.3 websites, but version 3.3.1 was quickly released to fix the issue. The researchers showed that by posting a comment on a targeted site using a special scr... |
4 January 2012 02:38 GMT |
 |
On December 29th, 2011, Microsoft released an out-of-band security update for all Windows flavors starting with Windows XP, in an attempt to fix a number of vulnerabilities discovered in Microsoft .NET Framework 1.1 and later. Four security holes were patched with this update, one of which was rated critical. Whil... |
30 December 2011 03:11 GMT |
 |
Microsoft rushed to release an out-of-band security update to resolve a denial-of-service (DoS) issue that affected ASP.NET versions 1.1 and later on all supported variants of the .NET framework. A large number of web platforms are affected by the hash collision problem, but the Redmond company was among the first to... |
30 December 2011 01:44 GMT |
 |
A couple of researchers showed how a common flaw in the implementation of the most popular web programming languages and applications can be used to force servers to use their CPU at full capacity for several minutes, causing a denial-of-service (DoS) condition. Julian Wälde and Alexander Klink made a presentat... |
29 December 2011 07:16 GMT |
 |
A couple of researchers found that a critical vulnerability affects most web application frameworks, allowing a cybercriminal to launch denial-of-service (DoS) attacks. Since Apache Tomcat web server is among the ones affected, the Tomcat security team came forward with a workaround for the issue. Apache Tomcat is v... |
29 December 2011 05:14 GMT |
 |
A serious vulnerability that could allow a cybercriminal to issue a denial-of-service (DoS) attack on Ruby was found. The attack is possible with the aid of a specially crafted series of strings that collide their hash values. The deterministic hash function used to hash a string in the 1.8 series of Ruby, which mak... |
29 December 2011 04:17 GMT |
 |
On December 29, 2011, at 10:00 AM Pacific Time Microsoft will release an out-of-band security update to address a critical security flaw found in ASP.NET, that affects all supported versions of the .NET framework, which could allow for an unauthenticated denial-of-service (DoS) attack on servers that serve ASP.NET we... |
29 December 2011 02:40 GMT |
 |
Simple Machines Forum (SMF) project released SMF 1.1.16 and SMF 2.0.2 critical security patches to make sure the Internet users who rely on the forum script are completely protected against potential cyberattacks.
Among the resolved issues we find sorting the memberlist by online status, which caused an error in Pos... |
28 December 2011 04:55 GMT |
 |
After Columbia University researchers Ang Cui and Salvatore Stolfo found a vulnerability in HP LaserJet printers that could allow a hacker to remotely control it to launch cyberattacks, steal information and in some scenarios even set it on fire, HP released a firmware update to mitigate the issue.
“HP has bui... |
27 December 2011 08:22 GMT |
 |
A few days back we saw how security researcher Billy Rios got angry at Siemens after the company claimed that no authorization bypass flaws were present in their SIMATIC systems. Now, Siemens came forward with a statement reporting that they’re planning to fix the vulnerabilities next month.
Rios became upset ... |
27 December 2011 07:35 GMT |
 |
The 3.4.9 variant of the popular open source database administration tool, phpMyAdmin, comes with a couple of security fixes which patch up some flaws that could have allowed a cybercriminal to launch cross-site scripting attacks.
According to the release notes, an XSS flaw existed in the setup interface if special... |
27 December 2011 04:37 GMT |
 |
WordPress users who don’t want to wait for the next core release to fix bugs can now turn to this latest unofficial plugin for upgrading their WP core.
The 0.8 release of the Hotfix plugin resolves an issue in which plugins and theme styles bled into the dashboard. This means that if the patch is applied them... |
23 December 2011 05:20 GMT |
 |