Previous
Apache issues anti-DoS patch
News The Apache Software Foundation has released a patch for its Apache 2.0 HTTP Server to thwart a "significant" denial-of-service vulnerability. The vulnerability in version 2.0.44 affects all operating systems, according to the advisory.
[April 4, 2003, 10:12]
Flaws found in Cisco, Juniper and IBM kit
News Cisco, Juniper and IBM are suffering embarrassment today as a Home Office agency announced details of a software vulnerability that affects the vendors' products. The National Infrastructure Co-Ordination Centre (NISCC) has published details of a...
[April 12, 2005, 17:40]
Sendmail breached by new flaw
News A serious security vulnerability has been found in the ubiquitous Sendmail software, which processes 60 percent to 70 percent of the world's email messages. US-based vulnerability coordination centre CERT claimed most companies are likely to be...
[March 31, 2003, 8:30]
VeriSign: Major internet security update by 2011
News VeriSign has said a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical aspects of the implementation. Kane said that the DNS vulnerability publicised by researcher Dan Kaminsky in August...
[November 16, 2009, 4:00]
Hackers whack ColdFusion users
News Last week, L0pht, a site that devotes itself to discussions on computer security, posted a warning about a vulnerability in the remote administration features of Allaire Corp.s ColdFusion Application Server.
[April 30, 1999, 8:05]
Norton AV flaw may put PCs at risk of virus attack
News Symantec has admitted its flagship consumer security application, Norton AntiVirus 2005, has a security vulnerability that allows certain types of malicious script to infect a user's personal computer with a virus.
[November 9, 2004, 9:28]
July will be 'month of browser bugs'
News Each day this month, a prominent security expert will highlight a new vulnerability found in one of the major Internet browsers. This blog will serve as a dumping ground for browser-based security research and vulnerability disclosure," Moore said...
[July 6, 2006, 10:55]
Linux applet bug was false alarm
News The only reason the vulnerability appeared to exist was because the user executed the program as root to begin with. We have since removed this vulnerability from our database. A spokesperson from Bug Traq explains the error saying, "We have...
[October 21, 1999, 9:17]
'Swiss Army knife' virus appears in a weekend
News A new 'Swiss Army' worm initially thought to be MyDoom is exploiting a vulnerability discovered just five days ago. This must be the fastest turnaround yet between finding a vulnerability and a full blown worm.
[November 9, 2004, 13:53]
Flash Player allows attacks on Windows, Linux
News Macromedia has warned that its Flash Player, a ubiquitous application for playing multimedia files, has a vulnerability that could allow attackers to run malicious code on Windows and Unix-based operating systems.
[August 12, 2002, 12:50]
FreeBSD rushes out zero-day root patch
News The security team for the open-source FreeBSD operating system has rushed out a patch for a zero-day local root vulnerability. The vulnerability gives local users administrative privileges which allow them to run any code they choose.
[December 1, 2009, 15:55]
NERC gets Aurora slap on the wrist
Blog A major US energy overseer has been boxed around the ears by a US policy maker over its handling of a vulnerability in US critical national infrastructure security. US Representative James Langevin, chair of the House Subcommittee on cybersecurity...
[May 28, 2008, 16:49]
Microsoft complains about 'irresponsible' security revelation
News Microsoft has slammed the people responsible for publishing details of the vulnerability that has lead to the creation of the bofra virus. The software giant, which has yet to release a patch for the flaw, said that the vulnerability was not...
[November 10, 2004, 11:28]
Security Update for Word 2002 (KB934394)
Downloads A security vulnerability exists in Microsoft Word 2002 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability. This version is the first release on CNET Download.com.
[September 18, 2007, 10:12]
Security Update for Office Multilingual User Interface 2003 (KB921585)
Downloads A security vulnerability exists in the Microsoft Office 2003 Multilingual User Interface Portuguese Grammar Checker that could allow remote code execution. This update resolves that vulnerability. This version is the first release on CNET Download...
[September 20, 2007, 12:33]
Security Update for Office XP (KB934705)
Downloads A security vulnerability exists in Microsoft Office XP that could allow remote code execution. This update resolves that vulnerability. This version is the first release on CNET Download.com.
[September 18, 2007, 10:26]
Paranoid Android
Downloads A new vulnerability in the way Mac OS X handles strong document bindings can lead to documents opening in a different application when being double clicked. Paranoid Android has been updated to address this new vulnerability.
[February 22, 2006, 7:00]
Security Update for Office 2000 (KB914797)
Downloads A vulnerability exists in Microsoft Office 2000 that could allow an attacker to run arbitrary code on a users system. This update resolves that vulnerability. This version is the first release on CNET Download.com.
[September 17, 2007, 9:53]
Microsoft Windows 2000 Patch: Indexing Service File Enumeration
Downloads This update resolves the "Indexing Service File Enumeration" vulnerability in Indexing Service 3.0 and is discussed in Microsoft Security Bulletin MS00-098. For more information about this vulnerability, read Microsoft Security Bulletin MS00-098.
[December 20, 2000, 7:00]
Microsoft Windows NT 4.0 Patch: NTLMSSP Privilege Elevation
Downloads This update resolves the "NTLMSSP Privilege Elevation" security vulnerability present in Windows NT® 4.0, and is discussed in Microsoft Security Bulletin MS01-008. This vulnerability exists because the NTLM Security Support Provider (NTLMSSP...
[February 7, 2001, 7:00]
