Neowin News Feed for: Vulnerability

After 6 months, Apple finally patches App Store vulnerability

Max Slater-Robins — Sun, 10 Mar 2013 12:19:13 +0000

Apple has plugged a gap in their App Store security, 6 months after a Google security researcher alerted them to the problem which could allow hackers access to sensitive information. Read more...

Two more zero-day vulnerabilities in Java, seemingly

Paul Ferson — Thu, 28 Feb 2013 10:02:49 +0000

Oracle's most famous product, Java, has a few more woes to add to its past week after a Polish security firm discovered two more potential weaknesses hackers could use in future attacks. Read more...

PC component company Syba seemingly compromised

Paul Ferson — Mon, 11 Feb 2013 17:12:41 +0000

It seems that Syba, a fairly well-known PC components manufacturer, has been compromised by a bit of JavaScript based trickery capable of rerouting data and generally messing up your time online. Read more...

Less than a week after fix, Java is broken yet again

Christopher White — Sun, 20 Jan 2013 19:01:10 +0000

Another day, another Java security flaw. To quote the movie Wargames, "the only winning move is not to play." In this case, that means to constantly update Java and use it only if absolutely necessary Read more...

Microsoft testing fix for SMS bug that disables Windows Phones

Steven Parker — Thu, 29 Dec 2011 13:35:32 +0000

The nice person who discovered, and then reported without giving away too many details on how to reproduce the flaw, has confirmed that Microsoft are already working on a fix. Read more...

LulzSec warn NHS over security vunerability

Tom Dwyer — Thu, 09 Jun 2011 21:13:09 +0100

Lulz Security (LulzSec), a security group who are quickly gaining ground for some of their antics have warned the British NHS (National Health Service) that its network infrastructure is at risk and has the potential... Read more...

Cookie hijacking vulnerability discovered in Internet Explorer

Denis Wong — Fri, 27 May 2011 08:06:03 +0100

A security researcher has discovered a vulnerability in all versions of Internet Explorer, including IE9, on all versions of Windows. This vulnerability allows hackers to steal login information for any sites requiring passwords. The theft... Read more...

Red Robin forces phone number as password, says not to share

Christopher White — Fri, 06 May 2011 06:23:43 +0100

It seems that companies are losing our data left and right, making it difficult for consumers to protect their identity. Most web site logins consist of nothing more than a username/password combination, and many... Read more...

Adobe fixes critical vulnerability in Acrobat and Reader as exploits begin

Denis Wong — Fri, 22 Apr 2011 11:36:21 +0100

Adobe has released updates to Adobe Acrobat and Reader, fixing a critical vulnerability discovered last week in Adobe Flash 10.2. The vulnerability, which has since been fixed in a Flash update, could potentially allow an... Read more...

Major Dropbox security flaw discovered

Christopher White — Wed, 13 Apr 2011 05:24:48 +0100

Dropbox is a popular tool used to sync files between multiple computers and devices that a user owns. A user installs the software, designates a folder to keep syncronized, and is able to access those... Read more...

Patch Tuesday: whopping 64 vulnerabilities, 17 bulletins

Andrew Lyle — Fri, 08 Apr 2011 16:35:05 +0100

Microsoft is set to release a record breaking Patch Tuesday that contains 17 bulletins, fixing 64 vulnerabilities, according to the advanced notification. Microsoft patches security holes and vulnerabilities in all of their software products on... Read more...

Pwn2own day 2: iPhone 4 successfully hacked

Andrew Lyle — Fri, 11 Mar 2011 01:05:04 +0000

On the second day of the pwn2own competition in Vancouver B.C., hackers took to their devices and showed off what they have secretly been working on. After a successful first day, where we saw Safari... Read more...

Blogger vulnerability allows an attacker to gain admin rights

Andrew Lyle — Thu, 10 Mar 2011 17:42:36 +0000

A blog post and video surfaced today showing how an attacker could quickly and easily gain administrative privileges to your Blogger account. The video does show off some complex techniques, but could easily be duplicated... Read more...

Patch Tuesday: March 2011 edition

Andrew Lyle — Fri, 04 Mar 2011 20:11:01 +0000

Microsoft has issued an advanced security notification for the month of March 2011. Patch Tuesday, as nicknamed by Microsoft, where the company releases the latest security patches for Windows, Office, Internet Explorer and other Microsoft... Read more...

Patch Tuesday: IE CSS and MHTML fixes

Andrew Lyle — Fri, 04 Feb 2011 00:34:06 +0000

Microsoft has just issued an advanced security notification for the month of February 2011. Patch Tuesday, as nicknamed by Microsoft, where the company releases the latest security patches for Windows, Office, Internet Explorer and other... Read more...

Microsoft warns of Windows vulnerability that impacts all supported editions

Brenton Currie — Sun, 30 Jan 2011 08:56:49 +0000

Microsoft has warned of a vulnerability found across the range of desktop and server Windows offerings that could potentially allow an attacker to run malicious scripts through a web page. The vulnerability, which was first reported... Read more...

Microsoft patched 247 exploits in 2010

Andrew Lyle — Tue, 21 Dec 2010 03:57:48 +0000

The second Tuesday of every month, Microsoft issues the latest security and vulnerability patches for Windows, Microsoft Office, Internet Explorer and a variety of other software products. Microsoft Security Bulletin Advance Notification, or better known... Read more...

Windows 0-day vulnerability bypasses UAC

Brian Donohue — Thu, 25 Nov 2010 12:10:49 +0000

Winrumors has reported that a new 0-day vulnerability affecting Windows XP, Vista and 7 has been discovered. The vulnerability resides in win32k.sys, "the kernel mode part of the Windows subsystem." This exploit allows user priviledge... Read more...

iPad hack lets you download popular publications for free

Benjamin Rubenstein — Thu, 14 Oct 2010 19:58:44 +0100

NOTE: Neowin does not condone or support stealing content through exploiting software vulnerabilities. The process by which the below can be achieved will not be published on this website and may not be posted in... Read more...

Patch Tuesday: Record breaking 16 bulletins, 49 vulnerabilities

Andrew Lyle — Thu, 07 Oct 2010 20:13:57 +0100

Microsoft is set to release a record breaking Patch Tuesday that contains 16 bulletins, fixing 49 vulnerabilities, according to the advanced notification. Microsoft patches security holes and vulnerabilities in all of their software products on... Read more...