Vulnerabilities Vulnerabilities

Continuous news on hardware and software vulnerabilities from proof of concept to zero day, the dangerous to the novel. Follow the patching topic to narrow your news to emerging fixes.

Is there a fifth zero-day vulnerability in Microsoft Word?

Is there a fifth zero-day vulnerability in Microsoft Word?

Microsoft today shot down reports that a fifth zero-day vulnerability was targeting Word.
Dan Kaplan Feb 1 2007 8:06AM Security
Review: Passive Vulnerability Scanner

Review: Passive Vulnerability Scanner

The Tenable Passive Vulnerability Scanner (PVS) is a most interesting product. It is truly passive in that it does not perform active scans of any kind. It is, simply, a very smart sniffer. The product depends for its usefulness on the way that it collects and reports vulnerability data. Since the PVS is always listening, it constantly collects information from the normal data flows on the network. This is superior to active scanners in two important ways.
Peter Stephenson,CeRNS, Jan 29 2007 12:00AM Security
Microsoft advisory warns exploits targeting newest Word vulnerability

Microsoft advisory warns exploits targeting newest Word vulnerability

Microsoft is warning Word users of attackers exploiting a newly discovered - and "extremely critical" - vulnerability.
Frank Washkuch Jan 26 2007 11:28PM Security
Trojan horse exploits European storms

Trojan horse exploits European storms

It never rains but it pours.
Iain Thomson Jan 22 2007 9:37AM Security
Google cross-site scripting vulnerability found, patched

Google cross-site scripting vulnerability found, patched

A Google cross-site scripting vulnerability within a web-hosting service has been discovered by security researchers, the third such problem identified in recent weeks.
Fiona Raisbeck Jan 18 2007 7:01AM Security
New Java exploits brewing

New Java exploits brewing

Malicious code targets runtime software and development kits.
Shaun Nichols Jan 15 2007 3:08PM Security
Vista contest offers cash for exploits

Vista contest offers cash for exploits

Security vendor offers US$8,000 for reports of Vista and IE7 flaws.
Shaun Nichols Jan 15 2007 3:08PM Software
VeriSign iDefense offers US$48,000 for Vista, Internet Explorer 7 vulnerabilities

VeriSign iDefense offers US$48,000 for Vista, Internet Explorer 7 vulnerabilities

VeriSign's iDefense Labs is offering a total of US$48,000 in awards for remotely exploitable vulnerabilities in the new Windows Vista operating system and Internet Explorer 7.0.
Ericka Chickowski Jan 12 2007 6:10AM Security
Yet another Adobe Reader vulnerability discovered

Yet another Adobe Reader vulnerability discovered

A new vulnerability in Adobe Reader was reported today, joining a handful of other recently-discovered flaws affecting the popular software used to read PDF files.
Dan Kaplan Jan 10 2007 4:50PM Security
Vulnerability found in tool used to fix Apple bugs

Vulnerability found in tool used to fix Apple bugs

A vulnerability has been discovered in a tool used to patch bugs found in Apple software.
Fiona Raisbeck Jan 10 2007 3:07PM Security
Microsoft critical vulnerability boom persists

Microsoft critical vulnerability boom persists

Vulnerability marketplace sparks hike in critical Microsoft flaws.
Shaun Nichols Dec 19 2006 9:17AM Security
Microsoft critical vulnerability boom persists

Microsoft critical vulnerability boom persists

Vulnerability marketplace sparks hike in critical Microsoft flaws.
Shaun Nichols Dec 18 2006 2:59PM Software
Exploits target second Microsoft Word flaw found in a week

Exploits target second Microsoft Word flaw found in a week

Microsoft has confirmed a new zero-day vulnerability affecting Word, the second in a week, as well as targeted exploits exploiting the flaw.
Dan Kaplan Dec 12 2006 9:47AM Security
Experts warn of Media Player vulnerability

Experts warn of Media Player vulnerability

Specially crafted Media Player .asx file could be used to gain control.
Shaun Nichols Dec 12 2006 9:46AM Security
Adobe working on Reader, Acrobat vulnerabilities

Adobe working on Reader, Acrobat vulnerabilities

Adobe said it is working on a fix for multiple vulnerabilities in its Reader and Acrobat programs that could be exploited by hackers to take control of an affected system.
Dan Kaplan Nov 30 2006 7:51PM Security
Apple super-patch fixes 31 vulnerabilities,

Apple super-patch fixes 31 vulnerabilities,

Apple fixed 31 vulnerabilities in the seventh Mac OS X security update of the year, including a fix for a dangerous wireless driver flaw that could lead to arbitrary code execution.
Dan Kaplan Nov 30 2006 4:37PM Security
Exploits in the wild for Microsoft Workstation Service flaw

Exploits in the wild for Microsoft Workstation Service flaw

Two in-the-wild exploits for the Microsoft Workstation Service vulnerability appeared today, two days after the dangerous flaw was patched as part of the software giant's monthly fix cycle, researchers said.
Dan Kaplan Nov 16 2006 10:47PM Security
AOL patches ICQ vulnerability

AOL patches ICQ vulnerability

TippingPoint researchers warned AOL ICQ users this week about a vulnerability that allows attackers to execute malicious code onto a vulnerable PC without user interaction.
Frank Washkuch Nov 7 2006 6:53PM Security
Windows hit by "extremely critical" 0-day vulnerability

Windows hit by "extremely critical" 0-day vulnerability

Vulnerability in XMLHTTP 4.0 ActiveX control opens the door to attackers.
Tom Sanders Nov 7 2006 11:38AM Security
New Apple AirPort vulnerability surfaces

New Apple AirPort vulnerability surfaces

Proof-of-concept code has been posted for a new vulnerability in Apple's AirPort wireless networking hardware. The company said that it is investigating the issue.
Shaun Nichols Nov 3 2006 9:50AM Security

Log In

  |  Forgot your password?