security flaw
RSS security flawFive critical Windows updates arrive on Microsoft's Patch Tuesday
News Greenbaum noted that Microsoft has yet to issue a patch for a zero-day flaw in Internet Information Services that was made public last week. There are already some attacks being seen based on that flaw. [09 Sep 2009]
Windows 7: Unaffected by latest zero-day flaw
News Microsoft issued a formal security advisory late on Tuesday on a reported zero-day flaw in Windows Vista and Windows Server 2008. However, the software maker also said that the flaw does... [09 Sep 2009]
Microsoft IIS flaw being exploited in attacks
News Microsoft disclosed the Internet Information Services (IIS) vulnerability on Monday and said on Friday it's still working on a security update to fix the problem. FTP 7.5 is not vulnerable to any of these exploits," said... [07 Sep 2009]
Microsoft issues advisory for IIS flaw
News Microsoft on Tuesday issued a security advisory for a web server flaw that was made public on Monday. The flaw affects certain versions of Microsoft Internet Information Services... [02 Sep 2009]
Microsoft IIS 'at risk from FTP flaw'
News Microsoft on Monday said it is looking into a report of a flaw in some versions of its Internet Information Services (IIS) product that could allow an attacker to gain control of a system. Once it's done with its... [01 Sep 2009]
Open source hack could make mobiles vulnerable to prying ears
News We're not creating a vulnerability but publicising a flaw that's already being exploited very widely," he said in a phone interview on Monday. Security researcher Karsten Nohl is launching an... [26 Aug 2009]
Microsoft Office, Windows get critical flaw fixes in latest patch batch
News At the time, Microsoft said it was already seeing attacks based on the flaw, which affects Office XP, Office 2003, Internet Security and Acceleration Server 2004 and 2006, as well as Office Small... [12 Aug 2009]
New Firefox versions released to plug two critical holes
News The second vulnerability, disclosed last week, involves a flaw in certificate authentication technology that could potentially let an attacker gain access to encrypted information or issue a bogus update to Firefox. [04 Aug 2009]
Apple plugs iPhone SMS flaw
News Apple has plugged an SMS flaw that could enable an attacker to take complete control over an iPhone. Researchers Charlie Miller and Collin Mulliner said at the Black Hat security conference that an... [03 Aug 2009]
MI5 plugs website flaw that left site open to hack attack
News MI5 has closed up a flaw on its website that could have opened up visitors to malicious attacks, the UK intelligence agency said. The flaw was not maliciously exploited and had been limited to that... [30 Jul 2009]
Linux flaw bypasses security
News A security researcher has released zero-day code for a flaw in the Linux kernel, saying that it bypasses security protections in the operating system. It also uses arbitrary code... [21 Jul 2009]
Google fixes up Chrome flaw gruesome twosome
News New versions of Google Chrome are out, fixing bugs and patching security holes in both the stable build and the beta build. Two serious security flaws have been plugged. Found by the Google... [20 Jul 2009]
Mozilla unearths critical Firefox 3.5 Just-in-time hole
News The zero-day flaw lies in Firefox 3.5's Just-in-time (JIT) JavaScript compiler. Proof-of-concept code to exploit the vulnerability has been posted online by a security research group, Mozilla said in a... [16 Jul 2009]
Oracle plugs 33 holes that affect hundreds of products
News A flaw in the network foundation layer component, which establishes and maintains network connections, received a CVSS score of 9, for the Windows version of the software. Oracle has released fixes for 33... [16 Jul 2009]
Windows Video ActiveX Control at risk from flaw
News Antivirus vendor Symantec said it was seeing the flaw being exploited in China and other parts of Asia and cited reports that indicate thousands of websites are hosting the exploit. There have been limited attacks... [07 Jul 2009]
