Previous
New Outlook bug can sting with spam
News The only defence against the vulnerability is installing the Microsoft patch, which will be available shortly on the Microsoft.com security Web site. The vulnerability in Microsoft's Outlook email program has widespread implications: Until now...
[July 19, 2000, 9:05]
Cursor flaw throws doubt on Vista security
News The SDL was never meant to catch every single vulnerability, period. Still, Microsoft's Vista security promise doesn't fall apart because of this single vulnerability. In the case of the cursor vulnerability, even though something may look similar...
[April 4, 2007, 16:27]
New security hole found in MS Word
News Microsoft is readying a security update for Word that repairs this vulnerability, a company representative said in an emailed statement. When the document is opened by the user the vulnerability is triggered.
[May 22, 2006, 9:45]
Why open-source DNS is 'internet's dirty little secret'
News And Nominum has not had a single known vulnerability in its software. It's easy to say you've not had a single vulnerability if you're not widely deployed. Nominum is targeting these new services at enterprises and tier-two ISPs, the traditional...
[September 22, 2009, 14:35]
Cisco flaw presentation spreads across the Web
News Security expert Richard Forno, founder of the infowarrior.org Web site, said that Cisco's "heavy-handed tactics" have helped publicise the vulnerability. This is because an individual vulnerability could be exploited, on each network device, to...
[August 1, 2005, 16:00]
Cisco squashes one bug
News As reported earlier by ZDNet UK sister site CNET News.com, the vulnerability found in TCP -- the Transmission Control Protocol -- allows for what's known as a reset attack. The vulnerability, which was introduced through a previous version of a...
[April 22, 2004, 8:40]
Oracle moves to monthly patches
News The most important aspect here is that information technology groups can schedule updates and rollouts and you don't have a surprise patch-of-the-day," said Gerhard Eschelbeck, chief technology officer of vulnerability assessment firm Qualys.
[August 20, 2004, 9:10]
MS Passport reveals credit card details
News The simplicity of the attack and the high value of the data frequently stored in Passport accounts combined to make the vulnerability critical. It is hardly an exploit or even vulnerability; it's just a flaw, in their Web-application logic," the...
[May 8, 2003, 9:09]
Vital intrusion detection
News Intrusion detection is vital because it is impossible to keep pace with every threat and vulnerability in a network, yet 60 percent of respondents to a recent NetAdmin poll said they have yet to implement one.
[May 15, 2002, 14:49]
Threat from TCP hole 'small' - researcher
News Although large Internet service providers are vulnerable "to a very low degree," large and medium-sized businesses should make sure they have assessed their vulnerability to the issue, said Sean Hernan, senior member of the technical staff for US...
[April 22, 2004, 9:05]
Pity...
Talkback So "Nominum has not had a single known vulnerability in its software" - it's a bit of a pity they had to publish http://www.nominum.com/asset_upload_file741_2661.pdf for example.
[September 23, 2009, 9:42]
Excite@Home IP flaw exposed
News Excite@Home -- an Internet service run in Australia by Cable & Wireless Optus -- has warned it will take action against anybody who attempts utilise an IP vulnerability that allows a single user to block up to 127 IP addresses, effectively...
[August 4, 2000, 9:50]
Implementing Enterprisewide Network Admission Control
White Papers This security vulnerability has meant that even the most trustworthy user could inadvertently expose everyone else on the network to damaging and costly risks with a single noncompliant device. Until now authenticating the security profile of a...
[August 4, 2006, 0:00]
Microsoft Internet Explorer 5.5 SP2 Cumulative Patch
Downloads In addition, it eliminates the following six newly discovered vulnerabilities: A cross-site scripting vulnerability in a Local HTML Resource. One of these files contains a cross-site scripting vulnerability that could allow a script to execute as...
[May 16, 2002, 8:00]
Microsoft Internet Explorer 5.5 SP1 Cumulative Patch
Downloads In addition, it eliminates the following six newly discovered vulnerabilities: A cross-site scripting vulnerability in a Local HTML Resource. One of these files contains a cross-site scripting vulnerability that could allow a script to execute as...
[May 16, 2002, 8:00]
Vista receives more security updates
Blog The Vista update is perhaps not "critical" as it was a single "privately reported vulnerability" about potential Denial of Service problem rather than something that was in active use by hackers or easy to carry out.
[October 11, 2007, 9:38]
Microsoft warns of rise in scareware, PDF exploits
News The most frequently exploited holes in Office were also some of the oldest, with more than 91 percent of attacks exploiting a single vulnerability for which a security fix had been available for more than two years.
[April 8, 2009, 15:54]
IE flaw introduces new form of infection
News An independent researcher warned that an Internet Explorer vulnerability could turn drag-and-drop into drag-and-infect, even on computers updated with Microsoft's latest security patch. Secunia rated the flaw as "highly critical," its second...
[August 23, 2004, 8:15]
Open-source flaw database opens its doors
News The Open Source Vulnerability Database (OSVDB) has launched a free Web site that catalogues security flaws in Internet-related software. It will, say its creators, promote more open collaboration between companies and individuals "and reduce...
[April 2, 2004, 14:00]
Flaw leaves work PCs and Internet cafes open
News Applications that run with system privileges but don't follow Microsoft's recommended security practices allow the vulnerability to be exploited. Because the vulnerability requires that a user on the system run the attack code, many people...
[July 14, 2003, 7:36]
