Previous
Flaws Found In BSD, Linux Software Updaters
News An attacker can replay the correctly signed packages or metadata from a previous release and your computer will install software with flaws that the attacker can exploit. The attacks work because of flaws in the system of secure signatures for...
[July 14, 2008, 17:08]
Browser Flaws Biggest Software Security Risk
News The most common software flaws are now cross-site scripting (XSS) vulnerabilities, according to US Government organisation Mitre. XSS flaws have accounted for 21.5 percent of the vulnerabilities found in 2006 so far according to Mitre statistics.
[September 15, 2006, 18:00]
HP Software Update Flaws Threaten Data Leakage
News HP's Software Update tool has been found to contain flaws which can lead to remote code execution or the leakage of sensitive information stored on a PC. The offending component of the HP Software Update application is the HPeDiag ActiveX control...
[April 29, 2008, 10:20]
Browser Flaws Biggest Software Security Risk
Talkback Copy and paste the following line into your address bar. If it doesn't work, it may be fixed by then.http://www.zdnet.co.uk/search/? query=%27%3Balert%28String.fromCharCode%2888%2C83%2C83%29%29%2F%2F%5C%27%3Balert%28String.fromCharCode%2888%2C83...
[September 22, 2006, 17:47]
Symantec Software Flaws
Forum This years upgrade of Norton Internet Security cost me 20 hours of connecting with techsupport personel which do not speak English (they are using very low quality translation software and cut and pasting answers) before I finially figured out the...
[July 5, 2006, 18:29]
Browser Flaws Biggest Software Security Risk
Talkback http://www.darkreading.com/document.asp? doc_id=104313 There ARE many XSS exploits on high profile sites as this article shows. It's just that us good guys are disclosing them. The problem isn't that there are many of them, but that they can be...
[September 22, 2006, 17:44]
CERT To Disclose Software Flaws
News It may herald the end of a fight that has inflamed the security community for more than a decade: the Computer Emergency Response Team, or CERT, has endorsed a policy of open flaws in software that could affect security.
[October 9, 2000, 8:38]
Reporting Software Flaws Safely
News Especially when we're talking about software where millions of users are potentially at risk. There's the case of Mike Lynn, who discovered some stuff a few years ago with Cisco; there were two researchers who discovered some vulnerabilities in the...
[June 8, 2007, 18:02]
Microsoft Leaves Its Wallet Wide Open
News Software flaws in the security of Microsoft's Passport authentication system left consumers' financial data wide open, causing the software giant to remove a key service from the Internet to protect people from having their data stolen, a company...
[November 5, 2001, 8:55]
Fed-up Customers Want Faster Bug Alerts
News Corporate customers are sick and tired of software flaws. A study of more than 300 companies published last week found that nearly 80 percent of companies support security consultants and hackers releasing information about software vulnerabilities...
[July 4, 2002, 7:35]
Group Looks To Rein In Security Experts
News Eleven software makers and security firms announced on Thursday the formation of a group that intends to set down rules regarding how the security community should responsibly release information on software flaws.
[September 27, 2002, 8:22]
Group To Set Bug-reporting Standards
News Microsoft and other software makers met with several computer-security companies Thursday to hash out the last details of a group that will set guidelines for reporting software flaws that affect Internet security.
[February 22, 2002, 10:56]
Libsafe Guards Against Linux Hijackers
News The attacks can be quite difficult to guard against since they usually involve software flaws. However, Libsafe offers another way to deal with these dangerous flaws. Buffer overflows can also crash a program or even cause system instability due to...
[August 7, 2002, 8:52]
Ubuntu Creator Wants To Squash 'upstream' Bugs
News The founder of the Ubuntu open-source operating system, Mark Shuttleworth, has called for Ubuntu developers to fix all software flaws found in the operating system, including, crucially, those in inherited source code.
[June 30, 2008, 16:20]
22 New Microsoft Security Holes Revealed
News Microsoft published 10 new software security advisories on Tuesday, warning Windows users and corporate administrators of 22 new flaws that affect the company's products. Microsoft's highest severity rating for software flaws is its "critical...
[October 13, 2004, 8:55]
The Eye Of Oracle's Security Storm
News David Litchfield, managing director of UK security software firm Next-Generation Security Software, found himself in the eye of a media storm after he pointed out some security flaws in Oracle's core database software at the Black Hat Security...
[August 4, 2004, 14:55]
FBI Names 20 Most-wanted Security Flaws
News The Systems Administration, Networking and Security (SANS) Institute unveiled a list of 20 software flaws this week that the group, along with the FBI, recommends be given special attention by corporate data managers.
[October 3, 2001, 8:55]
Patching 'still Too Difficult'
News Top security officers warned on Tuesday that patching software flaws is still far too difficult, with many companies left vulnerable because they are lagging behind on applying critical updates. The data and concerns spotlight a constant source of...
[February 25, 2004, 8:10]
Bugs Bust Open 'unbreakable' Oracle 9i
News A security researcher will detail a bevy of software flaws in Oracle's flagship database at the Black Hat Windows Security Briefings in New Orleans this week, busting up the company's promise that the program is "unbreakable.
[February 7, 2002, 10:21]
New Flaws Expose Net To Attacks
News A network protection firm on Tuesday revealed three new flaws in the software on which the Internet's domain name system relies. The flaws occur in the popular Berkeley Internet Name Domain (BIND) software.
[November 14, 2002, 8:04]
