critical vulnerability

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Patch Tuesday heads-up: 9 bulletins, 5 critical

Patch Tuesday heads-up: 9 bulletins, 5 criticalI'm sorry, don't you mean..."Microsoft Warns of Critical Vulnerabilities?"RE: Patch Tuesday heads-up: 9 bulletins, 5 criticalI am sure that all these patches, after all the patches last month, the month before, etc. are for XP only.We have been assured repeatedly on this forum that...

Tags: Operating systems, Construction, Patches, Microsoft Windows Vista (Longhorn), Patch Tuesday heads-up, heads-up, Patch Tuesday, critical vulnerability, OSX, Microsoft Windows, Linux, window, Microsoft Corp., patch management

Discussion threads 2009-08-06

Critical vulnerability in Adobe Acrobat, Reader: Patch coming March 11

Critical vulnerability in Adobe Acrobat, Reader: Patch coming March 11not a good advice...Your suggestion doesn't solve the problem, you are still vulnerable. These are some better suggestions:- Use another pdf reader like Sumatra on Windows, and Okular/etc on Linux- Ask people to send you files on some other format- Run...

Tags: Foxit Reader, Adobe Systems Inc., Adobe Acrobat, Adobe Acrobat Reader, critical vulnerability

Discussion threads 2009-02-20

Critical vulnerability in Adobe Acrobat, Reader: Patch coming March 11

Adobe said that a critical vulnerability resides in Adobe Reader and Acrobat 9 and earlier versions. Unfortunately, Adobe won't be updating Reader and Acrobat 9 until March 11.  Adobe said the vulnerability "would cause the application to crash and could potentially allow an attacker to take control...

Tags: Adobe Systems Inc., Critical Vulnerability, Adobe Acrobat, Adobe Acrobat Reader, Patches, Security, Larry Dignan

Blog posts 2009-02-20

uTorrent silently patches critical vulnerability

If uTorrent is the client you use to download files, now might be a good time to hit that "check for updates" button. According to security alerts aggregator Secunia, there's a "highly critical" uTorrent vulnerability that could allow remote code execution attacks with rigged .torrent files. ...

Tags: Critical Vulnerability, Vulnerability, Patch Management, µTorrent, Rhys Kidd, Security, Ryan Naraine

Blog posts 2008-08-18

David Litchfield on details of one of the critical vulnerabilities from the latest Oracle patch

More details coming out on the Oracle patches that were released last week, see Ryan Naraine's write up here.  David Litchfield, noted security researcher from NGSSoftware, released details of one of the vulnerabilities on the Full-Disclosure email list today, and the details are staggering.  The flaw allows potential unauthenticated remote...

Tags: Oracle Application Server, Oracle Corp., Database Server, Critical Vulnerability, Application Servers, Middleware, Databases, Enterprise Software, Security, Software, Data Management, Nathan McFeters

Blog posts 2008-07-15

Firefox 2 dirty dozen: Critical vulnerabilities patched

Firefox 2 dirty dozen: Critical vulnerabilities patchedWasn't Able to Upgrade to 3.0On my main XP Pro machine, with a dozen or so add-ons, I wasn't able to go to FF 3.0. The app does its analysis, says it's going to disable incompatible add-ons as usual, then just hangs, running in...

Tags: Web browsers, Microsoft Windows XP, Desktops, Mozilla Firefox, critical vulnerability, Mozilla Firefox 2.0

Discussion threads 2008-07-03

Firefox 2 dirty dozen: Critical vulnerabilities patched

Mozilla has shipped a high-priority update for Firefox 2, warning that there are at least five serious vulnerabilities that could lead to code execution attacks. With Firefox 2.0.0.15, Mozilla fixes at least 12 documented vulnerabilities -- five rated critical --  that could put users at risk...

Tags: Mozilla Firefox 3.0, Mozilla Firefox, Critical Vulnerability, XSS, Mozilla Firefox 2.0, MFSA, Web Browsers, Internet, Ryan Naraine

Blog posts 2008-07-02

Think 'Patch Tuesday' is just for Microsoft? Think again!

Multiple Cisco vulnerabilities affecting IPS functionality in routers, PIX/ASA/FWSM firewalls, Switches. Multiple Cisco vulnerabilities affecting SIP/FTP/HTTP inspection in PIX/ASA products. While the patches are available, most Cisco devices are rarely if ever patched. For example, here is a long list of issues within the last three months...

Tags: VoIP, Browsers, Desktop, Vista, Hardware, Networking, Mobile/Wireless, Security

Blog posts 2007-02-16

Additional Resources

Microsoft bracing for malware attacks from embedded fonts

It's only a matter of time before malicious hackers start exploiting a critical Windows vulnerability via booby-trapped Web pages or Office Word or PowerPoint documents. by Ryan Naraine

Tags: Malware, Microsoft Corp., Font, Attack, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Microsoft Office, Office Suites, Software, Ryan Naraine

Blog posts 2009-11-12

Microsoft patches Windows worm holes, drive-by download flaws

HolesIt is like trying to patch a rotten ship!Does that mean Linux is a rotten ship too?NTAnd unfortunately most of the world is on that ship And unfortunately most of the world is on that ship RE: Microsoft patches Windows worm holes, drive-by download flawsAll OS are subject to "Intrusion...

Tags: Linux, Patches, Construction, Operating systems, SECURITY, Microsoft patches Windows worm hole, Microsoft patches Window, worm hole, Microsoft Patches, flaw, Microsoft Corp., patch management, attacked, window, Microsoft Windows

Discussion threads 2009-11-10

News to know: Apple; Alex; Microhoo; Droid; FCC

Here are today's notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET's around-the-Web tech coverage. Sam Diaz: Another strong quarter for Apple; credit strong iPhone, Mac sales Jason D. O'Grady: Apple announces most profitable...

Tags: FCC, Google Inc., Larry Dignan, Advertisement, Information Technology, Dana Blankenhorn, Mary Jo Foley, Apple Inc., Microsoft Corp., Adrian Kingsley-Hughes, Sam Diaz, Microsoft Windows 7, Microsoft Windows, E-books, Federal Government, Service-Oriented Architecture (SOA), Operating Systems, Software, Personal Technology, Government, Web Services, Enterprise Software

Blog posts 2009-10-20

Microsoft: Human error caused critical SMB2 vulnerability

did not explain why the fix was not back-ported to Windows Vista and other That very bad. I was wondering this myself when news broke that Win 7 was not vulnerable.What were they thinking? Fixing a bug and "forgetting" that other versions may actually be vulnerable?Or had they actually recorded...

Tags: Microsoft Windows Vista (Longhorn), SECURITY, Hulu Desktop, Microsoft Corp., critical SMB2 vulnerability, SMB2, SMB2 vulnerability, vulnerability, Microsoft Windows Vista

Discussion threads 2009-10-19

Microsoft: Human error caused critical SMB2 vulnerability

Microsoft is blaming human error for the the critical SMB v2 vulnerability that exposed Windows users to remote code execution attacks by Ryan Naraine

Tags: Vulnerability, Microsoft Corp., Error, Smb/Sme, Security, Ryan Naraine

Blog posts 2009-10-19

Patch Tuesday: MS plugs critical IE, Windows Media Player holes

Is MS going to pay for my Gb/month overage?With ISPs grasping for profits I see the day when the "download cost" of these mega-patches become an issue!RE: Patch Tuesday: MS plugs critical IE, Windows Media Player holesWow, my Microsoft software is sure to be secure now.GOOD JOB!If only other manufacturers...

Tags: Patches, Microsoft Internet Explorer, media player, patch management, Adobe Systems Inc., Microsoft Corp.

Discussion threads 2009-10-13

New Adobe PDF flaw under attack; Patch coming Tuesday

Adobe has confirmed a critical, unpatched vulnerability in its PDF Reader/Acrobat software is being exploited by malicious attackers. by Ryan Naraine

Tags: Adobe PDF, Flaw, Attack, Security, Ryan Naraine

Blog posts 2009-10-09

L0phtCrack 6.0.7 (Windows)

L0phtCrack is back. It's time to audit your passwords. L0phtCrack 6 is the award-winning password audit and recovery tool for Windows and Unix passwords. Security experts from industry, government, and academia agree that weak passwords represent one of the ten most critical internet security threats, and are receiving more attention...

Tags: Password, Microsoft Windows, L0phtCrack, L0phtCrack 6

Software downloads 2009-10-05

From Gimmiv to Conficker: The lucrative MS08-067 flaw

GENEVA -- The critical MS08-067 vulnerability used by the Conficker worm to build a powerful botnet continues to be a lucrative security hole for cyber criminals. During a presentation at the Virus Bulletin 2009 conference here, a trio of Microsoft researchers dissected the malware attacks linked to...

Tags: Flaw, Malware, Conficker, MS08-067, Spyware, Adware & Malware, Cyberthreats, Viruses And Worms, Security, Ryan Naraine

Blog posts 2009-09-23

Microsoft ships one-click 'workaround' for critical SMB2 flaw

With exploit code in circulation and facing a race against time to fix the SMB v2 vulnerability haunting Windows Vista and Windows Server 2008, Microsoft has shipped a one-click "fix-it" workaround to help users avoid malicious hacker attacks. by Ryan Naraine

Tags: Workaround, Flaw, Microsoft Corp., Microsoft Windows, Microsoft Windows Server 2008, Smb/Sme, Hacking, Security, Operating Systems, Software, Ryan Naraine

Blog posts 2009-09-18

Sun patches 'critical' StarOffice/StarSuite flaw

Sun patches Openoffice.org with 3.1.1The security problem in "CVE-2009-0200 / CVE-2009-0201: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution" was patched in Openoffice.org in version 3.1.1.http://www.openoffice.org/security/bulletin.htmlMikeOpen_Office is FREEIf you run a Linux distro with Open_Office you are immune from 99.99% of this Windows silliness....So, Linux...

Tags: Operating systems, UNIX, Microsoft Windows, OPEN SOURCE, PRODUCTIVITY, Cyberthreats, Linux, Sun Microsystems Inc., patch management

Discussion threads 2009-09-18

Sun patches 'critical' StarOffice/StarSuite flaw

Sun Microsystems has shipped a fix for a critical vulnerability affecting its StarOffice/StarSuite product lines. by Ryan Naraine

Tags: Sun Microsystems Inc., Flaw, Patch Management, Patches, Ryan Naraine

Blog posts 2009-09-18