Previous
Anti-virus experts issue HP hole alert
News Anti-virus experts are warning IT administrators to be ahead of the game with a new HP OpenView and NetView vulnerability, which was reported on Wednesday, in order to prevent a repeat of the Code Red fiasco.
[August 16, 2001, 12:37]
Office users face new macro risk
News A new vulnerability has been detected in systems running Microsoft Excel and PowerPoint, which allows a specially crafted macro to avoid detection and run malicious code on a victim's machine. Microsoft added warnings giving the user an option to...
[October 10, 2001, 12:48]
Symantec admits to LiveUpdate security hole
News A group of German hackers have exposed a new vulnerability in Symantec's LiveUpdate 1.4, which could be used to download and run hostile code from an unauthorised server. Despite admitting to the vulnerability of its product, Symantec is refusing...
[October 11, 2001, 12:15]
Gmail exploit may let attackers forward email
News A security vulnerability in Gmail may allow attackers to set up filters on users' email accounts without their knowledge, according to a proof-of-concept exploit posted on the Geek Condition website on Sunday.
[November 24, 2008, 11:51]
Apple fixes iPhone call-hijack flaw
News A serious security vulnerability has been discovered in the iPhone, but Apple said it has fixed the flaw in its latest firmware update for the handset. The vulnerability could allow users to be tricked, via a link in an email, into opening webpages...
[November 21, 2008, 12:19]
Windows attack code released
News Computer code that exploits a "critical" Windows 2000 vulnerability has been released on the internet, increasing the likelihood of attacks, experts warned on Thursday. While Windows 2000 is an older operating system, it is still broadly used...
[November 17, 2006, 9:29]
eEye issues temporary patch for Windows cursor flaw
News Security vendor eEye has issued a temporary workaround for a zero-day exploit which takes advantage of a vulnerability in the Windows cursor. An attacker could exploit the vulnerability through a web page or email message with rigged computer code...
[April 2, 2007, 12:05]
Security hole hits patched Internet Explorer
News A new vulnerability has been detected in Microsoft's Internet Explorer (IE) that could allow the execution of malicious code on systems running IE 5.5 and 6.0 of the browser. The vulnerability effects versions 5.5 and 6.0 that have been patched...
[January 4, 2002, 8:48]
Cisco patches Security Manager flaw
News Cisco has released an out-of-cycle patch for a vulnerability in its Security Manager product. The vulnerability affects the 3.1, 3.1.1, 3.2 and 3.2.1 versions of Security Manager. A link to a patch for the vulnerability is provided on the Cisco...
[January 22, 2009, 12:46]
Dangerous CVS hole identified
News A critical vulnerability has been found in the Concurrent Versions System (CVS), which is used by the vast majority of open-source projects to update and maintain source code. Stefan Esser of E-Matters, a European technology company, discovered the...
[January 23, 2003, 8:54]
US Government warns of Apple flaw
News The US Government has added its weight to warnings about a vulnerability in Apple's Mac OS X. CNET News.com first reported the vulnerability on Tuesday. According to US-CERT, the vulnerability in OS X may allow an attacker using malformed DMG files...
[November 24, 2006, 16:01]
Kaminsky reveals details and extent of DNS flaw
News Security researcher Dan Kaminsky has given details of a fundamental flaw in the Domain Name System, and the extent of the vulnerability. This vulnerability can be exploited by using multiple vectors of attack, according to Kaminsky.
[August 7, 2008, 14:46]
Porn Trojan exploits old Microsoft hole
News A new Trojan horse is redirecting Internet users to pornographic Web sites by exploiting an old vulnerability in Microsoft Internet Explorer (IE). The security vulnerability that Seeker attacks is in the Microsoft virtual machine ActiveX component.
[January 4, 2002, 12:43]
VMware patches hypervisor bugs
News A patch is available for a buffer overflow vulnerability in VMware's flagship ESX 3.5 and ESXi 3.5 hypervisors. The vulnerability lies in the Openwsman system management platform, which implements VMware's web services management protocol.
[September 19, 2008, 16:54]
Yahoo patches IM security hole
News Yahoo issued a security patch to fix a potential vulnerability in its latest instant messaging software, the company said on Friday. The site pointed specifically to a warning issued last week by the United States Computer Emergency Readiness Team...
[August 16, 2004, 10:30]
Mac OS X glitch published after patch 'delay'
News Details of an as-yet-unpatched security vulnerability in Apple's OS X software have been published on the Web. The researcher who found the vulnerability, William Carrel, claims he was forced to release his advisory to the public before the...
[November 27, 2003, 8:40]
Patch slip-up raises security questions
News The questionable handling of a fix for a recent widespread software vulnerability has some administrators worried that developers can't be trusted to make security a top priority. However, rather than replying to email requests sending the patch...
[November 21, 2002, 13:43]
Security firm discovers Chrome 'SaveAs' flaw
News A company in Vietnam has turned up the latest vulnerability in Chrome, according to a story posted to Information Week's website. BKIS says it has reported the vulnerability to Google. BKIS explained the security flaw: "The vulnerability is caused...
[September 8, 2008, 9:19]
Hackers take advantage of Windows WMF flaw
News Hackers are stepping up their attempts to exploit the WMF vulnerability that was discovered within Microsoft Windows last year, experts warned on Tuesday. Security experts say the vulnerability is potentially very dangerous as conventional...
[January 3, 2006, 17:20]
Security flaw threatens Cisco Web site
News Securiteam.com, an online security portal, have found a Cross-Site Scripting (XSS) vulnerability in the cisco.com Web site, according to an advisory. The vulnerability would allow attackers to cause users to view third-party malicious JavaScript or...
[December 20, 2002, 9:17]
