March 19th, 2008 by Shanmuga
"Known as APPLE-SA-2008-03-18 Security Update 2008-002, it contains more than 40 specific fixes for versions of Mac OS X. The most significant updates include Apache, ClamAV, Emacs, OpenSSH, PHP, and X11. To get the update, go to the Software Update pane in System Preferences, or Apple’s Software Downloads Web site. The update "is recommended for all users and improves the security of Mac OS X," according to the Apple Downloads page.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Security, Vulnerabilities |
No Comments »
March 19th, 2008 by Shanmuga
"A flaw in the widely-used open-source VLC media player could allow an attacker to execute harmful code on a PC. The problem stems from a buffer overflow that can occur when the player processes subtitle files used for movies, according to a security advisory.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Vulnerabilities |
2 Comments »
March 14th, 2008 by Shanmuga
"Microsoft released its March 2008 security bulletin, which includes four bulletins, all deemed critical by Microsoft. The most serious of these affects Microsoft Excel, which alone has six specific "Common Vulnerablities and Exposures" vulnerabilities noted, one of which has been exploited in the wild.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Vulnerabilities |
1 Comment »
March 14th, 2008 by Shanmuga
"Mozilla released the latest beta of Firefox 3, including some 900 bug fixes and highlighting for users that it is for testing purposes only. The release comes less than a week after Microsoft showed off the next version of its browser – Internet Explorer 8 – at its annual Mix show for developers.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Security, Vulnerabilities |
1 Comment »
February 15th, 2008 by Shanmuga
"Adobe released patches for its Reader and Acrobat programs last Wednesday, but there’s reason to suspect that the company has closed the barn door long after the cattle fled. According to a blog entry at the SANS Internet Storm Center, this particular vulnerability has been exploited in the wild for several weeks. In this case, hackers use malicious banner ads as a host for an infected PDF. The PDF then installs the Zonebac Trojan, which sets to work deactivating antivirus products, modifying search results, and changing banner ads.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Vulnerabilities |
No Comments »
February 13th, 2008 by Shanmuga
"Microsoft on Tuesday rolled out 11 security updates that patch 17 vulnerabilities in Windows, Office, Internet Explorer, Internet Information Server (IIS) and several other components and technologies. It was the most patch bulletins Microsoft’s has issued since February 2007, even though it yanked one expected update — scheduled last week to fix problems in VBScript and JScript — at the last minute. Five of the 11 were ranked "critical," Microsoft’s highest rating in its four-step threat-scoring system. The others were pegged as "important," the second-highest rating.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Vulnerabilities |
1 Comment »
February 13th, 2008 by Shanmuga
"Mozilla Corp. late yesterday patched Firefox to quash 11 bugs, including one from three weeks ago that posed a threat to users who had installed any of the more than 600 add-ons for the open-source browser. Firefox 2.0.0.12 fixed four vulnerabilities that Mozilla ranked "critical," one it pegged "high" and three each rated as "moderate" and "low," according to the security advisory posted Thursday.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Vulnerabilities |
No Comments »
February 8th, 2008 by Shanmuga
"A researcher over at the Internet Storm Center has created a powerful GUI that will set the kill-bits on vulnerable ActiveX controls used in Facebook, Myspace, and Yahoo apps. These popular apps came under attack on Monday after researchers Elazar Broad and Krystian Kloskowski disclosed their findings to a online security newsgroup.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Software, Vulnerabilities |
No Comments »
February 8th, 2008 by Shanmuga
"A wave of bugs in the plug-in technology used by Microsoft Corp.’s Internet Explorer browser has some security experts, including those at US-CERT, recommending that users disable all ActiveX controls.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Vulnerabilities |
No Comments »
February 8th, 2008 by Shanmuga
"Bugs in the ActiveX controls on popular social networking sites Facebook and MySpace can be used by hackers to snatch control of Windows PCs, security experts said today. Initially made public by researcher Elazar Broad on the Full Disclosure security mailing list, the vulnerabilities are in a pair of ActiveX controls that Facebook and MySpace provide to users for uploading images to their pages via Microsoft’s Internet Explorer (IE) browser.
Read the rest of this entry »
If you enjoyed this post, make sure you subscribe to my RSS feed!
Category: Vulnerabilities |
No Comments »
