disclosure hole
RSS disclosure holeSort by: Relevance | Date
Microsoft's Patch Tuesday unleashes record number of updates
News Microsoft has released 10 security updates fixing a record number of Patch Tuesday holes, including one for a critical hole in Internet Explorer 8 that was exploited as part of a hacking contest at CanSecWest conference... [10 Jun 2009]
Android security hole gets patched up
News Earlier, Google appealed for what it called "responsible disclosure" of security vulnerabilities - in other words, a grace period to fix problems before they're made public to reduce the likelihood an attacker will get a... [03 Nov 2008]
Cotton Traders' site hacked: Thousands of details stolen
News The company claims it notified its customers within days of it happening, flagged up the breach with banks immediately and closed the hole within hours of the attack. Security groups say the attack highlights the need... [11 Jun 2008]
Editor's Blog: Lords above!
Comment I fear that few chief executives realise the capacity of a data breach to hole their business below the waterline. It's been another week where silicon.com's Full Disclosure campaign has loomed large,... [27 Feb 2008]
Google fixes Gmail address book flaw
News Google has fixed a security hole in several of its services that exposed the address books of Gmail users. Adkins said: "Responsible disclosure allows companies like Google to keep users safe by fixing... [03 Jan 2007]
OpenOffice patches trio of holes
News The second hole enables hackers to inject executable code into OpenOffice documents using a macro, which runs when that document is opened. Driga denied the disclosure of the vulnerabilities would damage... [05 Jul 2006]
File-pinching security hole punctures Firefox and IE
News Microsoft and Mozilla have acknowledged that a security hole in their web browsers could let an intruder nab files but say it is tough to exploit and so not that high a risk. A Microsoft representative said in an emailed... [09 Jun 2006]
Oracle patch is holey, says security researcher
News However, the update for Oracle 10g Release 2 does not plug a hole that allows published attack code to run, according to a message sent to the Full Disclosure security list on Wednesday by David... [27 Apr 2006]
Windows worm holes plugged
News Microsoft on Tuesday issued fixes for 14 flaws in Windows, including a security hole that one expert says is ripe for exploitation by a major worm. This security hole is also found in Windows 2000 and... [12 Oct 2005]
Symantec security hole puts systems at risk
News The security hole lies in the web-based administrative interface of the Symantec Antivirus Scan Engine, the company said. Disclosure of the Symantec issue is further evidence that researchers are... [06 Oct 2005]
Bug bounty hunters recruited by security firm
News David Endler, director of security research at TippingPoint, said in an interview: "We want to reward and encourage independent security research, promote and ensure responsible disclosure of vulnerabilities and provide... [25 Jul 2005]
Are vulnerable times responsible times?
Comment They know a way in and there's no way to stop them; no patch for the security hole because your software supplier doesn't know it exists. Any company that joins must sign a non-disclosure agreement, so... [02 Mar 2005]
Google plugs desktop search hole
News The disclosure of this flaw comes just days after analyst firm Gartner warned businesses to steer clear of Google's desktop search tool until a more robust, enterprise-ready version is released. Google has fixed a flaw... [20 Dec 2004]
Does Microsoft patch policy create more problems than it solves?
News If a hole is found in the wild [Microsoft] should respond in a timely manner regardless of their patch cycle," he explained. Industry sources anticipate the disclosure of multiple vulnerabilities in the... [11 Nov 2003]
Bug alert firm fights critics with new guidelines
News The company faced loud complaints last April after it released news of a security hole in the popular open-source web server software Apache, having given the application's developers only a few hours to respond. [03 Dec 2002]
