Previous
Flaw harbours Slammer potential
News Core Security Technologies discovered that the Windows Workstation vulnerability announced by Microsoft last month could be exploited using the same type of data used by the SQL Slammer worm to spread across the Internet in just minutes.
[December 10, 2003, 7:30]
Sendmail flaw tests new security body
News The DHS's Directorate of Information Analysis and Infrastructure Protection (IAIP) worked with security company Internet Security Systems, which discovered the flaw, and Sendmail to create a patch while keeping news of the issue from leaking to...
[March 4, 2003, 7:36]
Microsoft exposes serious IE vulnerability
News Redmond has released Microsoft Security Advisory 911302, which reveals that the company is investigating reports of a serious vulnerability in Internet Explorer. Redmond is finally addressing a not-so-new vulnerability in Internet
[November 29, 2005, 16:45]
Microsoft releases November security bulletin
News Graphics Rendering Engine vulnerability Enhanced Metafile vulnerability Internet, Microsoft reports that it hasn't received any notification of actual attacks based on this vulnerability. Windows Metafile vulnerability
[November 16, 2005, 16:00]
Apple readies patch for iPhone SMS flaw
News Apple expects to have a fix later this month for a vulnerability in the iPhone that could allow an attacker to gain control of the device remotely via SMS, a security researcher said on Thursday. Miller said that under an agreement with Apple, he...
[July 3, 2009, 8:36]
Windows XP SP2 flaw complex but dangerous
News Researchers at Danish security company Secunia have labelled the vulnerability as "highly critical" because it allows hackers to access local resources and bypass security features in Windows XP SP2. The problem is that by exploiting this...
[December 1, 2004, 11:55]
Microsoft acts on 'download warning' flaw
News However, the spokesperson said the problem was not a security vulnerability but actually a clever use of social engineering. It is important to note that this is not the exploitation of a security vulnerability, but an attempt by an attacker to use...
[November 23, 2004, 7:50]
Government says Finnish with IE 6
News A government agency in Finland is urging the country's citizens to avoid use of Internet Explorer until Microsoft has patched the Bofra vulnerability. The Finnish Communications Regulatory Authority (FICORA) said users should adopt a different...
[November 26, 2004, 12:35]
Linux open to backdoor password
News The vulnerability was discovered by researchers at Internet Security Systems earlier this month; it has since been fixed by Red Hat, but any user running Red Hat's most recent Linux distribution should download and install the fix, the company said.
[April 25, 2000, 13:15]
Mac patch fails to fix problem
News This, in my mind, is the first critical vulnerability on OS X," said Richard Forno, a security researcher and the former chief of security for domain registrar Network Solutions. Security information company Secunia raised its rating of the...
[May 26, 2004, 8:35]
Worm wriggles through Yahoo mail flaw
News At the time of the advisory, there was no patch for the vulnerability. It takes advantage of a JavaScript vulnerability, so the user doesn't even have to click on an attachment to get infected. A new worm that targets Yahoo email users is on the...
[June 13, 2006, 9:25]
Flash Player allows attacks on Windows, Linux
News The file-execution vulnerability, discovered by EEye Digital Security, uses a modified header in a SWF movie file to create a buffer overrun in Flash Player. Macromedia has warned that its Flash Player, a ubiquitous application for playing...
[August 12, 2002, 12:50]
ActiveX 'feature' puts Office at risk
News The vulnerability was reported by researcher Debasis Mohanty. The issue relates to the ability to load ActiveX controls in an Office document and is not a vulnerability but an Office feature, a Microsoft representative said.
[June 23, 2006, 8:55]
Microsoft Windows XP (64-bit) Unchecked Buffer Vulnerability Patch
Downloads A security vulnerability results because it is possible for a malicious user to mount a buffer overrun attack and attempt to exploit this flaw. An attacker could seek to exploit this vulnerability by creating an MP3 or a WMA file that contains a...
[December 20, 2002, 5:33]
Mac OS X vulnerable to critical Java bug
News The vulnerability affects multiple implementations of Java, including OpenJDK, GIJ and icedtea, as well as Sun's own implementation, security researchers said. This one is a pure Java vulnerability," Tinnes wrote in the post.
[May 20, 2009, 17:15]
More Windows exploit code published
News Microsoft provided a patch in November with security bulletin MS05-053 and warned that the vulnerability could create an opening for spyware and Trojan horse attacks. Microsoft is aware that detailed exploit code has been published on the Internet...
[November 30, 2005, 8:20]
Cisco quells 'dictionary attack'
News But the problem with LEAP let hackers greatly reduce the number of possible password matches, thus making the dictionary attacks faster and easier, said Joshua Wright, a security expert who alerted Cisco to the vulnerability.
[April 15, 2004, 9:00]
Adobe Acrobat security hole discovered
News Adobe has issued a patch for the vulnerability at its Web site and says that to its knowledge no users have been targeted using the exploit. Cormack believes, however, that the vulnerability may not immediately inspire a barrage of new viruses or...
[August 8, 2000, 10:40]
Music file flaws could threaten traders
News A security firm on Wednesday warned that people using Windows XP or popular music player WinAmp could fall prey to a vulnerability, enabling a modified music file to take control of a person's PC. The vulnerability does not affect the Windows Media...
[December 19, 2002, 7:51]
FreeBSD rushes out zero-day root patch
News The security team for the open-source FreeBSD operating system has rushed out a patch for a zero-day local root vulnerability. The vulnerability gives local users administrative privileges which allow them to run any code they choose.
[December 1, 2009, 15:55]
