software flaw
RSS software flawFive critical Windows updates arrive on Microsoft's Patch Tuesday
News Greenbaum noted that Microsoft has yet to issue a patch for a zero-day flaw in Internet Information Services that was made public last week. There are already some attacks being seen based on that flaw. [09 Sep 2009]
Windows 7: Unaffected by latest zero-day flaw
News However, the software maker also said that the flaw does not affect the final version of Windows 7, contrary to earlier reports. Microsoft issued a formal security advisory late on Tuesday on a reported... [09 Sep 2009]
Microsoft IIS flaw being exploited in attacks
News A vulnerability in Microsoft's software for housing websites is now being used for "limited attacks" on the servers it's running on, the company said on Friday. Microsoft disclosed the Internet Information Services (IIS)... [07 Sep 2009]
Open source hack could make mobiles vulnerable to prying ears
News We're not creating a vulnerability but publicising a flaw that's already being exploited very widely," he said in a phone interview on Monday. Participants download the software and three months later... [26 Aug 2009]
Microsoft Office, Windows get critical flaw fixes in latest patch batch
News At the time, Microsoft said it was already seeing attacks based on the flaw, which affects Office XP, Office 2003, Internet Security and Acceleration Server 2004 and 2006, as well as Office Small Business Accounting 2006. [12 Aug 2009]
Oracle plugs 33 holes that affect hundreds of products
News A flaw in the network foundation layer component, which establishes and maintains network connections, received a CVSS score of 9, for the Windows version of the software. In its security advisory,... [16 Jul 2009]
SMS flaw leaves iPhone vulnerable to attack
News That is because the iPhone doesn't support Adobe Flash and Java, only runs software digitally signed by Apple, includes hardware protection for data stored in memory, and runs applications in a sandbox, he said. [03 Jul 2009]
ATM hack talk pulled from security conference
News Juniper Networks says it pulled a talk about a flaw in ATM software that one of its researchers was scheduled to give at the security conferences, after the ATM vendor complained. Rarely do we see any... [02 Jul 2009]
iPhone 3.0 patches 46 security holes
News Some of the vulnerabilities are more unusual, such as a flaw in Mail that makes it possible for an outsider to initiate a phone call without needing the user to do anything. The software, first shown off... [19 Jun 2009]
RIM's BlackBerry Enterprise Server hit by critical bugs
News An interim patch available from RIM's website fixes the flaw. RIM has warned of critical bugs in its BlackBerry Enterprise Server and BlackBerry Professional Software that could be used to shut down a... [01 Jun 2009]
Hackers get cracking on unpatched PowerPoint flaw
News Hackers have launched attacks targeting an unpatched flaw in Microsoft PowerPoint, Microsoft warned on Thursday. While there is currently no fix for the PowerPoint flaw, Microsoft said that it may... [03 Apr 2009]
Web Application Security: Too Costly to Ignore
White Paper A major retailer's website is hacked, and thousands of customer records, including credit card numbers, are stolen; a single flaw on the web page of a federal agency has leaked Social Security numbers onto the Internet. [23 Mar 2009]
Google working on browser patch for Android flaw
News Miller has reportedly not yet publicised the technical details of the problem but has said the flaw in the browser used in Android means a visit to a malicious website could lead to software being... [28 Oct 2008]
Virtual worlds under siege from cyber crime
News A virtual illness wiped out entire servers of users in World of Warcraft in 2005 when a design flaw allowed the disease to spread throughout low level players. Also increasing in number and frequency are data-stealing... [28 Aug 2008]
Firefox extension to protect from wireless hacks
News Perspectives also protects against attacks that exploit a recently exposed flaw in the DNS system, which translates web addresses into numerical IP addresses, said Dave Andersen, a computer science professor at Carnegie... [27 Aug 2008]
