Exploit code is out for critical Yahoo Messenger flaws found by eEye Digital Security earlier this week. Both of the flaws, which allow for system hijacking, are boundary errors in two ActiveX controls in Yahoo... More...
Finnish security vendor F-Secure has patched multiple vulnerabilities in three product lines: F-Secure's Anti-Virus, Internet Gatekeeper and Internet Security product suites. A buffer overflow vulnerability lying in the processing of LHA archives could have allowed... More...
Apple has released the year's fifth major security update for Mac OS X to patch 17 vulnerabilities, the first time this year that an OS security update from Apple did not patch a vulnerability disclosed... More...
Trend Micro has patched a pair of remote code execution vulnerabilities in ServerProtect, its server-based antivirus software, that could open the door for attackers to gain control over affected machines. Both are stack-based buffer overflow... More...
Microsoft has released its May set of security patches, fixing critical bugs in Word, Excel, Windows, Office, Internet Explorer, Exchange and the CAPICOM cryptography technology used by BizTalk Server. Microsoft rates all seven groups of... More...
Apple has issued a security update for Mac OS X that addresses 25 security flaws affecting various parts of the operating system, including some third-party components such as the Kerberos authentication technology. The most serious... More...
Right after Microsoft's April Patch Tuesday, several security Web sites reported four new vulnerabilities, only to have Microsoft dispute that none of the three alleged to affect Word 2007 "demonstrate any vulnerability in Word 2007... More...
The Mozilla Foundation has published a fix for a "critical" JavaScript vulnerability in the Firefox browser and the SeaMonkey application suite. The fix, released Monday, targets Firefox versions 2.0.0.2 and 1.5.0.10, as well as SeaMonkey... More...
Microsoft and Mozilla are each working to tackle recently disclosed security flaws in the Internet Explorer and Firefox Web browsers. The vulnerabilities were described earlier this week in postings to a popular security mailing list... More...
Microsoft on Tuesday released fixes for 20 vulnerabilities in a variety of products including Windows, but none of the operating system flaws affect Vista. The fixes arrived in a dozen security bulletins, released as part... More...
As a part of its quarterly patch cycle, Oracle released fixes for 51 vulnerabilities that affect its software products. The California company preannounced the patch release on Thursday (for the first time) and released patches... More...
Thanks to ThePitt for posting this in BPN. VeriSign's iDefense Labs is offering money for remote code execution holes in Windows Vista and Internet Explorer 7 as a part of its pay-for-flaw VCP (Vulnerability Contributor... More...
Apple Computer has shipped a monster security update to correct a total of 22 vulnerabilities in its Mac OS X operating system. The Cupertino, Calif, company's patch batch includes a fix for a critical Wi-Fi... More...
Microsoft plans to issue nearly a dozen security patches on Tuesday, including critical fixes for Windows and Office. It will release six updates for the operating system and four for the office suite, according an... More...
Microsoft's Internet Explorer isn't the only Web browser with serious security issues. Mozilla on Sept. 15 shipped a "highly critical" Firefox update to correct a range of security flaws that could lead to security bypass,... More...
On Tuesday, Apple Computer released an update for its Mac OS X operating system to fix 26 security flaws, some serious. Several of the vulnerabilities affect the way in which Mac OS X handles images... More...
Frustrated with what he calls a lack of response from Microsoft and Amazon.com, a security researcher has gone public with details of flaws on the two companies' Web sites. The flaws could be used by attackers... More...
Serious flaws in Mac OS X and QuickTime software could put Macintosh and Windows systems at risk of cyber attack, Apple has warned. In a pair of security alerts released on Thursday, Apple outlined 31... More...
Web and print publishing software maker Adobe Systems has pushed out security patches to cover a potentially serious code execution flaw in the Adobe Creative Suite 2 platform. The flaw, which carries an "important" rating,... More...
Two flaws in RealNetworks' popular RealPlayer could let attackerscommandeer Windows computers running the software, eEye DigitalSecurity has warned. The vulnerabilities affect RealPlayer on all versions ofWindows, according to two short advisories... More...
Digital media delivery firm RealNetworks Inc. late Thursday shipped a major security update for its RealPlayer software to patch a pair of remote code execution vulnerabilities. The security holes, which were reported to RealNetworks more... More...
Microsoft claims it has not gained anything from the recent spate of security flaws that have been discovered in Firefox, even though the open-source browser is a rising rival to the software giant's Internet Explorer.... More...
Two serious security flaws in a technology widely used for network authentication could expose a swath of software products to hacker attack, experts have warned. The flaws could allow an online intruder... More...
Digital-media delivery company RealNetworks on Thursday rolled out patches for four high-risk vulnerabilities in its flagship RealPlayer software, warning that the flaws put millions of users at risk of PC hijack attacks. The Seattle, Wash.-based... More...
Sun Microsystems has fixed a pair of security bugs in Java that could be exploited by attackers to take over computers running Windows, Linux and Solaris. The flaws are "highly critical," security... More...
Internet security specialist iDefense Inc. has released a reverse-engineering tool to the open-source community as part of its controversial strategy of buying the rights to information on security flaws found by underground researchers. The decision... More...
German security researcher Stefan Esser has discovered multiple vulnerabilities in smbfs, the mountable SMB (Server Message Block) file system for Linux. In an advisory made public Wednesday, Esser said the bugs theoretically could crash the... More...
Microsoft Corp. Thursday said it is investigating claims that several new vulnerabilities have been found in Windows XP Service Pack 2 by security firm Finjan Software Inc. in San Jose, Calif. Finjan on Tuesday announced... More...
Just one day after the Mozilla Foundation released Firefox 1.0, the group has revealed that prior versions of the open-source browser pose a security threat to users. According to information released by Mozilla, multiple security... More...
RealNetworks Inc. and KDE eV on Tuesday both released patches for their desktop software, fixing serious security holes that could allow an attacker to take over a user's system. The update to KOffice, the productivity... More...
Microsoft on Tuesday published 10 software security advisories, warning Windows users and corporate administrators of 22 new flaws that affect the company's products. The advisories, and patches published with the bulletins, range... More...
Thanks cybershark, and jon. Windows clients running the popular WinZip application are at risk from a number of critical security flaws, according to WinZip Computing and security researchers. The compression/decompression tool is one... More...
EEye Digital Security has uncovered new security holes affecting a wide range of RealNetworks' media players, the latest desktop-based bugs set to worry IT managers. The flaws could be exploited via a malicious Web page... More...
After releasing their much awaited preview release of Firefox 1.0, the Mozilla Foundation has issued a warning about seven critical security issues with three of its flagship products. Any product versions prior... More...
Apple Computer released an update to its Mac OS X operating system on Tuesday to fix 15 security issues in the software. Many of the problems are flaws in the operating system's underlying open-source software,... More...
Today Yahoo fixed two serious security flaws in its popular e-mail system. Yahoo was alerted of these security problems towards the end of May and June. So why is it that Yahoo took... More...
German Internet security experts Heise Security have discovered what it calls two "flaws" in Service Pack 2. Microsoft has said its Service Pack 2 offers users the latest security "innovations," but Internet security experts said... More...
Thanks supernova_00 for informing me about News.com mistake. Always on top of things The Mozilla Foundation released a patch yesterday for two security bugs, but the updated end-user releases of Mozilla products are not... More...
RealNetworks has patched two highly critical holes in its media player. The bugs could allow an attacker to run malicious code by directing users to a specially-crafted Web page, via an email message for example,... More...
Yesterday some security researches found six flaws in Concurrent Versions System (CVS) one of the open-source community's most popular programs for marinating code under development. Some of the most popular open-source projects use CVS.... More...
Micro-Star International Co. Ltd., one of the world's top makers of computer motherboards, has been sued by a Vermont company seeking class-action status over claims that MSI's boards use a defective technology and are prone... More...
Is this part of the trend of security attacks on Linux? Flaws in two popular source code database applications could allow attackers to access and corrupt open-source software projects, according to a... More...
Thanks to the guys at AW for sharing this. A flaw in Microsoft's MSN Explorer software has allowed some Web surfers to gain free access to features and services that normally cost $9.95 a month,... More...
RealNetworks Inc.'s media player software contains vulnerabilities that could let an attacker take control of a PC on which the software is used to download multimedia files, the company confirmed this week. Corrupt... More...
RealNetworks acknowledged on Wednesday that three flaws affecting different versions of its media player could allow attackers to create corrupt music or video files that, when played, take control of a victim's PC. ... More...
A technical review conducted by the British government has found several security flaws in products that use VoIP and text messaging, including those from Microsoft and Cisco Systems. The flaws affect software... More...
A set of five unpatched scripting vulnerabilities in Internet Explorer creates a mechanism for hackers to compromise targeted PCs. The vulnerabilities, unearthed by Chinese security researcher Liu Die Yu, enable malicious Web sites and viruses... More...
Apple Computer Inc. said in a statement given to MacCentral on Friday that the company would be fixing security flaws uncovered in Mac OS X Jaguar by Cambridge, MA-based security research firm @Stake earlier this... More...
Although Microsoft Windows vulnerabilities get most of the headlines, researchers this week identified vulnerabilities in two commonly used open-source software products. The more serious of the vulnerabilities affects Sendmail, an open-source program for... More...
A security research company has released its own patch for critical flaws in a popular computer game, saying it had waited months for the game's creator to do something. Earlier this week, Newport, Calif.-based... More...