|
Home > News > Tags > zero-day vulnerability
|
|
30
Stories about: zero-day vulnerability |
|
|
The US. Computer Emergency Readiness Team (US-CERT) and the National Institute of Standards and Technology (NIST) found two critical vulnerabilities in the latest version of Adobe’s Flash Player which could allow remote attackers to execute arbitrary code with the use of a maliciously crafted SWF file. Accordi... |
9 December 2011
10:18 GMT |
 |
|
Skype announces that a patch for a vulnerability in its Mac client that could be used to remotely execute code has been available since April 14th, despite users not being automatically notified.
Gordon Maddern, a senior security consultant at Australian security vendor Pure Hacking, publicly reported the existenc... |
7 May 2011
03:00 GMT |
|
|
Adobe warns that Flash Player is affected by a new 0-day critical vulnerability that is being actively exploited in the wild to compromise computers.The flaw affects Flash Player 10.2.153.1 and earlier for Windows, Mac, Linux and Solaris, as well as Flash Player 10.2.156.12 and earlier for Android.The authplay.dll Fl... |
12 April 2011
03:57 GMT |
|
|
Adobe has released a new version of Flash Player in order to address a critical vulnerability actively exploited in the wild since the beginning of last week.Last Monday, Adobe issued a security advisory warning users of attacks targeting a previously unknown vulnerability in Flash Player.The attacks used maliciously... |
22 March 2011
04:18 GMT |
|
|
Microsoft has published a security advisory to warn users about a new zero-day vulnerability in the Windows Graphics Rendering Engine that could allow attackers to execute arbitrary code remotely.The problem stems from an error in the way the Graphics Rendering Engine processes thumbnail images and can trigger a stac... |
5 January 2011
05:17 GMT |
|
|
2011 is already shaping up to be a busy year for Microsoft from a security standpoint, as a reputed researcher warns that Internet Explorer might be suffering from a critical vulnerability already known to third parties.On January 1, Michal Zalewski aka "lcamtuf," a well known browser security researcher who currentl... |
3 January 2011
05:01 GMT |
|
|
Exploit code for an unpatched remote code execution vulnerability in Internet Explorer has been added to the popular Metasploit open source penetration testing framework.The flaw was originally reported as a denial of service condition on the Full Disclosure mailing list on December 8.However, vulnerability research ... |
22 December 2010
12:18 GMT |
|
|
Microsoft plans to release 17 security updates that fix 40 vulnerabilities next Tuesday, including an actively exploited vulnerability in Internet Explorer and a still unpatched privilege escalation flaw leveraged by the notorious Stuxnet worm.Next week’s Patch Tuesday will be the last of this year and will cov... |
10 December 2010
12:38 GMT |
|
|
Various security vendors warned today about the public availability of exploit code for a previously unknown Windows privilege escalation vulnerability that can be used to bypass UAC. The vulnerability was disclosed on a programming portal called CodeProject, but the page has since been removed by the site's... |
25 November 2010
05:54 GMT |
|
|
Hackers have released proof-of-concept exploit code for an yet unpatched Windows Vista and 7 privilege escalation vulnerability leveraged by the infamous Stuxnet worm.Stuxnet is a highly complex threat designed for industrial espionage and sabotage, which is widely considered to be the most sophisticated piece of mal... |
22 November 2010
02:54 GMT |
|
|
Security researchers feel that Microsoft should release an out-of-band patch to address an actively exploited Internet Explorer vulnerability, after an exploit for it has been added to the Eleonore drive-by download toolkit.The vulnerability, identified as CVE-2010-3962, was discovered in the wild at the beginning o... |
17 November 2010
04:50 GMT |
|
|
Microsoft is prepping three security bulletins for next Tuesday, that cover vulnerabilities in Microsoft Office and Forefront Unified Access Gateway, but don't address the recently reported zero-day Internet Explorer vulnerability.Two bulletins, one of which is rated critical, contain patches for remote code exe... |
5 November 2010
11:55 GMT |
|
|
Two remote code execution vulnerabilities affecting a popular Japanese word processor called Ichitaro, have been exploited to infect users for the past two months.Ichitaro, which dates back to the DOS era, is the most popular word processing application on the Japanese market after Microsoft Office.It is developed by... |
5 November 2010
07:26 GMT |
|
|
Adobe is still investigating reports of a new code execution vulnerability in Adobe Reader and Acrobat, but recommends blacklisting the affected JavaScript function in the meantime.The flaw was reported as a zero-day on Wednesday, when someone posted a proof-of-concept exploit on the Full Disclosure mailing list.Howe... |
5 November 2010
04:27 GMT |
|
|
French security research company VUPEN confirmed that an Adobe Reader and Acrobat vulnerability reported as a zero-day earlier today, can be exploited to execute arbitrary code.According to the reputed vulnerability intelligence vendor, the flaw is caused by a heap corruption error in the EScript.api plugin, which ca... |
4 November 2010
12:57 GMT |
|
|
Symantec warns that a 0-day vulnerability, affecting stable versions of Internet Explorer, is being exploited in a sophisticated attack, which targets key people in various organizations.The attack begins with fake emails posing as hotel reservation notifications. "About the hotel room, please take the attached list ... |
4 November 2010
05:33 GMT |
|
|
Adobe has released an update for its Shockwave Player application addressing critical vulnerabilities, including a zero-day one, which is actively exploited in the wild.The new Shockwave Player 11.5.9.615 version contains fixes for a total of eleven vulnerabilities that could lead to arbitrary code execution.Six of t... |
29 October 2010
02:45 GMT |
|
|
Adobe has confirmed that a new critical vulnerability affects Flash Player, Adobe Reader and Acrobat, and plans to release patches in the second and third week of November, respectively.Rumors of the zero-day vulnerability emerged earlier today, with researcher Mila Parkour revealing some details about an attack that... |
28 October 2010
10:54 GMT |
|
|
According to the preliminary findings of some security researchers, a new zero-day vulnerability in Adobe Flash Player might be exploited in the wild to infect users with a trojan.The alert comes from independent security researcher Mila Parkour, who maintains the Contagio Malware Dump blog. Ms. Parkour was also cred... |
28 October 2010
04:16 GMT |
|
|
Mozilla has released security updates from Firefox, Thunderbird and SeaMonkey in order to address a critical vulnerability already exploited in the wild to infect users with malware.The vulnerability, identified as CVE-2010-3765, was reported by Morten Kråkvik from the security division (SOC) of Norwegian telec... |
28 October 2010
02:12 GMT |
|
|
Security researchers from Norman have come accross a drive-by download attack exploiting an unpatched Firefox vulnerability in order to infect users with a new trojan.The attack was launched from the Nobel Peace Prize website, which appears to have been compromised and had rogue code injected into its pages.According... |
26 October 2010
11:53 GMT |
|
|
Adobe has confirmed the existence of an unpatched critical remote code execution vulnerability in Shockwave Player, which was publicly disclosed yesterday.The issue was identified by an outfit called Abyssec Security Research, which notes that it can be exploited by opening a specially crafted DIR or DCR file."A crit... |
22 October 2010
02:30 GMT |
|
|
Adobe has released Flash Player 10.1.85.3 in order to address a critical remote code execution vulnerability that was being actively exploited in the wild.Last Monday, on September 13, Adobe warned customers that a previously unknown vulnerability has been identified in the latest version of Flash Player for all oper... |
21 September 2010
02:09 GMT |
|
|
Adobe has announced that a new batch of Flash Player security updates are expected to land on Monday, September 20, and will include a fix for an actively exploited critical vulnerability.At the beginning of the week, the company revealed that a new arbitrary code execution has been discovered in Flash Player 10.1.82... |
18 September 2010
07:25 GMT |
|
|
Android mobile phone users might find themselves vulnerable if having Flash Player 10.1 installed on their devices, as a new security issue with the solution was discovered recently. According to Adobe, the vulnerability in question is a zero-day one, meaning that it was discovered while being exploited into the wil... |
15 September 2010
05:34 GMT |
|
|
Adobe warns that a critical and previously undisclosed vulnerability in Flash Player is actively being exploited in the wild to compromise computers."A critical vulnerability exists in Adobe Flash Player 10.1.82.76 and earlier versions for Windows, Macintosh, Linux, Solaris, and Adobe Flash Player 10.1.92.10 for Andr... |
14 September 2010
03:18 GMT |
|
|
Adobe announced that the upcoming out-of-band security updates, which will address several critical security issues in its Reader and Acrobat products, are expected to land tomorrow.Back in July, at the Black Hat security conference, reputed security researcher and Apple hacker Charlie Miller disclosed a previously u... |
18 August 2010
08:02 GMT |
|
|
Adobe has confirmed a zero-day remote code execution vulnerability revealed by a security researcher during the Black Hat security conference last week. The company has yet to decide if it needs to break out of its quarterly update cycle in order to patch it.The Adobe bug was disclosed by renowned hacker and security... |
4 August 2010
03:24 GMT |
|
|
|
|
Find us on Google+
