Vulnerabilities Vulnerabilities

Continuous news on hardware and software vulnerabilities from proof of concept to zero day, the dangerous to the novel. Follow the patching topic to narrow your news to emerging fixes.

Removing admin rights can stem Microsoft exploits

Removing admin rights can stem Microsoft exploits

More than four out of five remote code vulnerabilities that were addressed last year by Microsoft patches could avoid being exploited by simply stripping users' administrator rights, a new study has found.
Angela Moscaritolo Feb 6 2009 10:39AM Security
IBM urges rethink on vulnerability assessments

IBM urges rethink on vulnerability assessments

The security industry needs to reprioritise its response to disclosed software vulnerabilities in order to determine more effectively when emergency patching is most needed, according to the latest annual security trends report from IBM.
Phil Muncaster Feb 3 2009 6:43AM Security
Google working on fix for clickjacking vulnerability in Chrome

Google working on fix for clickjacking vulnerability in Chrome

A researcher has shown that the Google Chrome web browser can succumb to clickjacking.
Angela Moscaritolo Feb 2 2009 11:03AM Security
Apple updates QuickTime to fix vulnerabilities

Apple updates QuickTime to fix vulnerabilities

Apple has released QuickTime 7.6 that includes several enhancements and fixes seven critical security vulnerabilities.
SC Australia Staff Jan 23 2009 10:41AM Security
Patches issued for Oracle products are "critical"

Patches issued for Oracle products are "critical"

The 41 patches issued earlier this week by Oracle include several that earned the most severe rating under the database giant's scoring system.
Angela Moscaritolo Jan 15 2009 10:51AM Security
New phishing ploy exploits secure sessions to hijack data

New phishing ploy exploits secure sessions to hijack data

Researchers have discovered a new way for attackers to phish for credentials without the need to send emails or trick users into visiting a malicious website.
Dan Kaplan Jan 14 2009 10:49AM Security
Vulnerability fixed in OpenSSL

Vulnerability fixed in OpenSSL

A vulnerability discovered in OpenSSL could enable a remote attacker to bypass signature checks and launch spoofing attacks.
Angela Moscaritolo Jan 9 2009 11:00AM Security
XSS vulnerabilities discovered in Facebook, closed quickly

XSS vulnerabilities discovered in Facebook, closed quickly

Researchers this week released proof-of-concept code for a number of cross-site scripting flaws on Facebook, but the social networking site said it closed the vulnerabilities within hours.
Angela Moscaritolo Dec 17 2008 9:34AM Security
Firefox tops app vulnerability list

Firefox tops app vulnerability list

Mozilla's open-source Firefox browser recorded the highest number of severe vulnerabilities among popular consumer applications this year, according to new research from whitelisting firm Bit9 released today.
Phil Muncaster Dec 13 2008 1:16AM Security
Firefox tops app vulnerability list

Firefox tops app vulnerability list

Bit9 research reports 40 known severe vulnerabilities this year for the popular browser.
Phil Muncaster Dec 12 2008 10:34AM Security
Eight patches, 28 vulnerabilities for festive Patch Tuesday

Eight patches, 28 vulnerabilities for festive Patch Tuesday

Microsoft has closed out the year with a mammoth security update -- fixing 28 vulnerabilities, many of them Office and web flaws.
Dan Kaplan Dec 11 2008 10:00AM Security
Worm exploiting Microsoft vulnerability developing into botnet

Worm exploiting Microsoft vulnerability developing into botnet

Since Microsoft's Windows Server Service vulnerability was patched in late October, exploits have continually surfaced.
Angela Moscaritolo Dec 3 2008 10:03AM Security
Hot or not: Software update vulnerabilities

Hot or not: Software update vulnerabilities

The automatic update features in many software applications are proving to be vulnerable to attack. Hackers are taking notice. You should, too.
Amol Sarwate, Nov 20 2008 1:56PM Security
Adobe's AIR 1.5 update addresses Flash Player vulnerabilities

Adobe's AIR 1.5 update addresses Flash Player vulnerabilities

The new AIR update includes Flash Player 10, Adobe's newest version of Flash Player which closed up vulnerabilities that left users open to clickjacking and other exploits.
Angela Moscaritolo Nov 19 2008 9:27AM Security
Microsoft-only patchers will be hit by the Adobe vulnerability

Microsoft-only patchers will be hit by the Adobe vulnerability

Shavlik Technologies has claimed that organisations that rely on patch management solutions limited to Microsoft-only applications will be hit by the Adobe vulnerability.
Dan Raywood Nov 10 2008 10:36AM Security
Microsoft reports new malware attacking vulnerability

Microsoft reports new malware attacking vulnerability

Microsoft has reported 'strong deployments' of the MS08-067 Security Bulletin.
SC Australia Staff Nov 10 2008 10:36AM Security
Microsoft to deliver a pair of November fixes

Microsoft to deliver a pair of November fixes

Microsoft is preparing to release a pair of updates next Tuesday.
Shaun Nichols Nov 10 2008 1:15AM Security
Vulnerability discovered in WPA encryption

Vulnerability discovered in WPA encryption

German researchers have found a way to decrypt packets from a WPA-protected network.
Angela Moscaritolo Nov 7 2008 9:54AM Security
Opera patches vulnerabilities

Opera patches vulnerabilities

Opera has patched a vulnerability which is has deemed to be ‘highly critical'.
Staff Writers Nov 6 2008 2:22PM Security
Adobe patches for critical vulnerabilities in Adobe Reader

Adobe patches for critical vulnerabilities in Adobe Reader

Adobe on Tuesday shipped a fix for its Reader and Acrobat products to eliminate critical flaws.
Dan Kaplan Nov 6 2008 10:35AM Security

Log In

  |  Forgot your password?