Apple has plugged a gap in their App Store security, 6 months after a Google security researcher alerted them to the problem which could allow hackers access to sensitive information. More...
Oracle's most famous product, Java, has a few more woes to add to its past week after a Polish security firm discovered two more potential weaknesses hackers could use in future attacks. More...
It seems that Syba, a fairly well-known PC components manufacturer, has been compromised by a bit of JavaScript based trickery capable of rerouting data and generally messing up your time online. More...
Another day, another Java security flaw. To quote the movie Wargames, "the only winning move is not to play." In this case, that means to constantly update Java and use it only if absolutely necessary More...
The nice person who discovered, and then reported without giving away too many details on how to reproduce the flaw, has confirmed that Microsoft are already working on a fix. More...
Lulz Security (LulzSec), a security group who are quickly gaining ground for some of their antics have warned the British NHS (National Health Service) that its network infrastructure is at risk and has the potential... More...
A security researcher has discovered a vulnerability in all versions of Internet Explorer, including IE9, on all versions of Windows. This vulnerability allows hackers to steal login information for any sites requiring passwords. The theft... More...
It seems that companies are losing our data left and right, making it difficult for consumers to protect their identity. Most web site logins consist of nothing more than a username/password combination, and many... More...
Adobe has released updates to Adobe Acrobat and Reader, fixing a critical vulnerability discovered last week in Adobe Flash 10.2. The vulnerability, which has since been fixed in a Flash update, could potentially allow an... More...
Dropbox is a popular tool used to sync files between multiple computers and devices that a user owns. A user installs the software, designates a folder to keep syncronized, and is able to access those... More...
Microsoft is set to release a record breaking Patch Tuesday that contains 17 bulletins, fixing 64 vulnerabilities, according to the advanced notification. Microsoft patches security holes and vulnerabilities in all of their software products on... More...
On the second day of the pwn2own competition in Vancouver B.C., hackers took to their devices and showed off what they have secretly been working on. After a successful first day, where we saw Safari... More...
A blog post and video surfaced today showing how an attacker could quickly and easily gain administrative privileges to your Blogger account. The video does show off some complex techniques, but could easily be duplicated... More...
Microsoft has issued an advanced security notification for the month of March 2011. Patch Tuesday, as nicknamed by Microsoft, where the company releases the latest security patches for Windows, Office, Internet Explorer and other Microsoft... More...
Microsoft has just issued an advanced security notification for the month of February 2011. Patch Tuesday, as nicknamed by Microsoft, where the company releases the latest security patches for Windows, Office, Internet Explorer and other... More...
Microsoft has warned of a vulnerability found across the range of desktop and server Windows offerings that could potentially allow an attacker to run malicious scripts through a web page. The vulnerability, which was first reported... More...
The second Tuesday of every month, Microsoft issues the latest security and vulnerability patches for Windows, Microsoft Office, Internet Explorer and a variety of other software products. Microsoft Security Bulletin Advance Notification, or better known... More...
Winrumors has reported that a new 0-day vulnerability affecting Windows XP, Vista and 7 has been discovered. The vulnerability resides in win32k.sys, "the kernel mode part of the Windows subsystem." This exploit allows user priviledge... More...
NOTE: Neowin does not condone or support stealing content through exploiting software vulnerabilities. The process by which the below can be achieved will not be published on this website and may not be posted in... More...
Microsoft is set to release a record breaking Patch Tuesday that contains 16 bulletins, fixing 49 vulnerabilities, according to the advanced notification. Microsoft patches security holes and vulnerabilities in all of their software products on... More...
Twitter may be suffering from yet another embarrassing software security vulnerability, according to SearchEngineWatch.com. Apparently, if you use you Twitter credentials to log in to a third-party website, that site could gain access to your... More...
Neowin User Michael Forcer tipped us off to a potentially dangerous new cross-site-scripting vulnerability in Twitter. The script (for the sake of disclosure as this vulnerability is making the rounds): http://twitter.com/[yoururl]#@"style="background-color:white;color:white"onmouseover="alert(insert script here)"/ The URL exploited the... More...
Apple released another update for the iPod touch, iPhone 3G, 3GS and 4 today, patching two security holes in the operating system. iOS 3.2.2 for the iPad has also been released. The update patches a security... More...
Microsoft announced today that it will be releasing a mega ‘Patch Tuesday', where they will fix security holes and vulnerabilities in their software. The record breaking update will deliver 14 security bulletins, fixing a record-tying 34... More...
Microsoft is planning to release an out of band security update today to address the Windows shortcut vulnerability. The vulnerability is caused by an error in Windows Shell when parsing shortcuts (.lnk). The flaw can be... More...
Microsoft announced on Tuesday that it plans to extend its Active Protections Program (MAPP) to include vulnerability information sharing from Adobe. The announcement, made at the Black Hat USA 2010 conference, called upon the broader security... More...
Researchers at wireless security company AirTight Networks have uncovered a vulnerability in the widely used WPA2 security protocol, part of the 802.11 standard. The vulnerability, termed "Hole 196", which can be exploited by attackers already... More...
Microsoft released a temporary "Fixit" workaround on Tuesday, to protect Windows users against a critical unpatched Windows Shell vulnerability. Microsoft issued a security bulletin on Friday to warn customers of a 0-day exploit involving the Windows... More...
Microsoft issued a security bulletin on Friday to warn customers of a 0-day exploit involving the Windows Shell. The vulnerability is caused due to an error in Windows Shell when parsing shortcuts (.lnk). The flaw can... More...
Attacks on an unpatched flaw in Windows XP have increased recently, says Microsoft. Microsoft issued a Security Advisory on June 10, warning of an unpatched vulnerability in the Windows Help and Support Center function in Windows... More...
Adobe released an advisory earlier this week regarding a critical vulnerability found in Flash and Acrobat. The company now plans to issue an emergency patch to fix the Flash flaw on Thursday June 10. The vulnerability,... More...
Adobe has released an advisory regarding a critical vulnerability found in Flash and Acrobat. The vulnerability, found in authplay.dll can allow an attacker to crash and potentially control an affected system. There is not currently an... More...
A new vulnerability has been revealed today that can access your data on your iPhone, even when your phone is in a locked and un-jailbroken state. PIN codes to protect users from accessing your... More...
Microsoft said on Tuesday that it is investigating a publicly reported vulnerability in the Windows Canonical Display Driver (cdd.dll) affecting 64-bit versions of Windows 7 and Windows Server 2008 R2. The flaw resides in the Canonical... More...
The security firm, Core Security Technologies, has gone through Microsoft's monthly Windows patches and found three bugs that were silently patched through other patches. As part of Microsoft's internal policies, they do not disclose bugs... More...
Microsoft said on Tuesday that it has released a new out-of-band cumulative update for Internet Explorer 6 and 7 users. The update (MS10-018) fixes 10 flaws, with the most serious allowing remote attackers to execute arbitrary... More...
2010 hasn't seen a particularly good start to the year for Microsoft's flagship browser, Internet Explorer. Microsoft officials are now warning that a new vulnerability has been discovered in Internet Explorer running on Windows XP. Secunia,... More...
A computer security expert believes that nine in every ten Oracle databases are vulnerable to an attack that would give hackers access and control over sensitive corporate and government database systems, without the need for... More...
_medium.jpg)
Microsoft issued an advanced bulletin notification on Thursday detailing 26 vulnerabilities the company plans to fix on Tuesday February 9. February's Patch Tuesday will include 13 bulletins - five rated Critical, seven rated Important, and one... More...
Microsoft has confirmed it is on course to issue a patch next Tuesday for a recently discovered 17 year old Windows vulnerability. In January Neowin reported on the recent discovery of a Windows vulnerability that... More...
Microsoft issued a new security advisory on Wednesday, warning of a potential flaw in Internet Explorer which could allow third-parties access to data. "Our investigation so far has shown that if a user is using a... More...
Only a day after the recent out-of-band Internet Explorer vulnerability patch, a new un-patched Internet Explorer flaw could leave thousands of users at risk. The new attack uses smaller un-patched vulnerabilities in Internet Explorer, small... More...
Microsoft has issued security hot-fixes to patch a security vulnerability in Internet Explorer which saw Google fall victim to some targeted and sophisticated attacks recently. The vulnerability was unveiled when Google went public that they were... More...
Yesterday Neowin reported on the recent discovery of a Windows vulnerability that has existed since the release of Windows NT 3.1 in 1993. The vulnerability has only recently been published but it appears 32-bit Windows... More...
As Neowin reported yesterday, the out-of-band security vulnerability patch will be released on January 21, 2010. The security patch will address a remote code execution hole found in Internet Explorer 6, 7 and 8.... More...
When it comes to updating security threats and bugs in their operating systems, Microsoft is, for the most part, pretty good about it. True, there are threats here and there that get overlooked, but eventually,... More...
Microsoft has issued a statement confirming that it plans to release a patch for a security vulnerability in Internet Explorer which saw Google fall victim to some targeted and sophisticated attacks recently. George Stathakopoulos, Microsoft Security,... More...
Microsoft has had a torrid time over the past week as governments and customers question the security of the popular web browser, Internet Explorer. The issues began when Google went public that they were targeted in... More...
Following in the footsteps of Germany last week, France is now advising its population to use an alternative browser pending a patch for an Internet Explorer vulnerability. The French Computer Emergency Response Team (CERT) published an... More...
Microsoft warned yesterday that hackers are using QuickTime media files to exploit an unpatched 0-day vulnerability in DirectShow. In a posting on Microsoft's security response center blog company officials confirmed the new vulnerability affects Microsoft... More...