Vulnerabilities Vulnerabilities

Continuous news on hardware and software vulnerabilities from proof of concept to zero day, the dangerous to the novel. Follow the patching topic to narrow your news to emerging fixes.

Vulnerability patched in Google's Android-powered phone

Vulnerability patched in Google's Android-powered phone

Google and T-Mobile late last week began rolling out a patch to users of the G1 phone to address a security vulnerability in the Android operating system.
Angela Moscaritolo Nov 5 2008 9:45AM Security
New worm exploiting Microsoft vulnerability

New worm exploiting Microsoft vulnerability

A worm, exploiting the emergency Microsoft patch, turns infected computers into bots that can launch DDoS attacks.
Angela Moscaritolo Nov 5 2008 9:45AM Security
Javascript to be next core malware language

Javascript to be next core malware language

The demand that the development of web 2.0 has placed on browsers to become more interactive and act as a portal rather than just a viewing platform is opening up new vulnerabilities to unsuspecting users, Itzik Kotler, team leader of the Security Operation Center at Radware, has warned.
Ian Williams Oct 31 2008 12:10AM Security
Patched Opera browser faces new vulnerability

Patched Opera browser faces new vulnerability

Security researchers have already discovered security vulnerability in Opera Software's 9.61 browser version that was released last week.
Angela Moscaritolo Oct 30 2008 9:36AM Security
OpenOffice releases patches for two vulnerabilities

OpenOffice releases patches for two vulnerabilities

The open-source alternative to Microsoft Office has released patches to rectify two critical flaws.
Dan Kaplan Oct 30 2008 9:36AM Security
Security group: Vulnerability disclosure is impractical

Security group: Vulnerability disclosure is impractical

An advisory group contends that the scramble over Dan Kaminsky's DNS flaw discovery proves that full disclosure is simply not feasible.
Mark Mayne Oct 30 2008 9:36AM Security
Microsoft issues new security alert

Microsoft issues new security alert

Microsoft is issuing a critical fix for Windows users. The company issued the alert following reports of targeted attacks against a vulnerability in the server component for all currently supported versions of Windows and Windows Server.
Shaun Nichols Oct 24 2008 3:03PM Security
Frame injection exploits Google flaw

Frame injection exploits Google flaw

The login page for Google Mail can be spoofed so that an attacker can steal a user's credentials.
Angela Moscaritolo Oct 14 2008 11:04AM Security
Clickjacking exploits enable hackers to hijack webcams

Clickjacking exploits enable hackers to hijack webcams

Using Flash Player and clickjacking techniques, webcams and microphones can be hijacked, prompting Adobe to issue a workaround as users await a fix.
Angela Moscaritolo Oct 9 2008 9:44AM Security
Spammer campaign exploits email read receipts

Spammer campaign exploits email read receipts

A new wave of malicious spam relies on requests for delivery confirmations for unsolicited emails.
Dan Raywood Oct 8 2008 9:43AM Security
Adobe vulnerability exploits are mounting

Adobe vulnerability exploits are mounting

A new and previously unknown exploit toolkit exclusively targets Adobe's PDF format.
Chuck Miller Sep 29 2008 12:36PM Security
Cisco patches 12 vulnerabilities

Cisco patches 12 vulnerabilities

In an advisory, Cisco Systems notified users of 12 security patches to fix vulnerabilities in its Internet Operating System (IOS) Software and Unified Communications Manager.

Staff Writers Sep 29 2008 12:32PM Security
Apple fixes another DNS vulnerability

Apple fixes another DNS vulnerability

Apple released a security update for its Mac OS X to fix several security issues, most notably for the notorious DNS cache poisoning problem and a vulnerability within PostScript font names.
Sue Sep 18 2008 12:53PM Security
Microsoft patches eight critical flaws

Microsoft patches eight critical flaws

Microsoft on Tuesday pushed out four patches to correct eight vulnerabilities in its operating systems and related components.
Dan Kaplan Sep 10 2008 8:17AM Security
Fighting fire with fire

Fighting fire with fire

The Web is a pretty nasty place, according to reverse engineer and privacy advocate Mike Perry -- and he should know.
Liz Tay Sep 4 2008 12:52PM Security
Browser security plug-in protects against DNS flaw

Browser security plug-in protects against DNS flaw

Researchers have developed a browser security system that protects against the recently-revealed DNS vulnerability and other Man-in-the-Middle (MitM) attacks.
Liz Tay Aug 27 2008 11:39AM Security
Red Hat warns of Fedora, OpenSSH compromises

Red Hat warns of Fedora, OpenSSH compromises

Hackers compromised Red Hat's Fedora servers, which prompted the open source software company to issue a critical update Friday for its OpenSSH packages.
Dan Kaplan Aug 25 2008 9:59AM Security
Opera patches for seven vulnerabilities

Opera patches for seven vulnerabilities

Alternative web browser Opera has delivered an update to address seven critical vulnerabilities.
Dan Kaplan Aug 22 2008 10:25AM Security
Microsoft looks into Visual Studio bug

Microsoft looks into Visual Studio bug

Microsoft is investigating a zero-day vulnerability in Visual Studio.
Dan Kaplan Aug 18 2008 10:07AM Security
Vulnerability assessment

Vulnerability assessment

The environments in which we all work have become more complicated as the years have passed, and one of the outcomes is that they are far more difficult to test for vulnerabilities.
Peter Stephenson, Aug 15 2008 11:43AM Security

Log In

  |  Forgot your password?