Sponsored White Papers, Webcasts, and Downloads
ZDNet Resources
- sort by:
- Relevance
- Date
- Popularity
- Protocol handlers cause Mozilla Firefox 3 remote command execution vulnerabilities
- Protocol handlers cause Mozilla Firefox 3 remote command execution vulnerabilitiesThe point is moot......[b]if[/b] you put your FF session in an AppArmor 'sandbox'--the below comes FREE as in beer in openSUSE /etc/apparmor/profiles/extras. Just go into YaST control center->AppArmor->Manually Add Profile and select both usr.lib.firefox.firefox-bin and *.firefox.sh and you are golden--a five-minute...
- Discussion threads 2008-07-16
- Skype: Video chat feature meets code execution vulnerability
- Skype: Video chat feature meets code execution vulnerabilitySkype Security BlogSkype provides a full description of the vulnerability on its Security Blog and the steps that have been taken to neutralize the problem so it doesn't affect users - http://share.skype.com/sites/security/2008/01/skype_cross_zone_scripting_vul.htmlRE: Skype: Video chat feature meets code execution vulnerabilityI tried that test...
- Discussion threads 2008-01-18
- OpenOffice plugs code execution vulnerability
- OpenOffice plugs code execution vulnerabilityNot black and white[i]Bottom line: If you're running any version other than OpenOffice.org 2.3.1 you should upgrade.[/i]... assuming that HSQLDB is installed, which isn't by any means certain. For those of us who don't use it, the bug is a non-issue.RE: OpenOffice plugs code execution...
- Discussion threads 2007-12-05
- Critical IE, Excel updates headline bumper Patch Tuesday
- Microsoft has shipped a major Internet Explorer update to cover at least three code execution vulnerabilities in its flagship Web browser.The cumulative IE update (MS07-045) headlines a bumper batch of nine bulletins that contains fixes for 14 documented software vulnerabilities.The update affects IE 5.0 through IE 7.0 on Windows Vista...
- Blog posts 2007-08-14
- MS Patch Tuesday: Vista dinged again
- The carefully crafted image of Windows Vista as the most secure operating system of all time is beginning to take a beating.For the second time this month, Microsoft has shipped a security bulletin with patches for a "critical" Vista vulnerability that puts millions of users at risk of code execution...
- Blog posts 2007-04-10
Additional Resources
- Exploit published for critical IE 7 zero-day flaw
- Do you mean:"The vulnerability was confirmed on fully patched Windows XP SP3 systems with Internet Explorer 6 and [b]7[/b]."Also how effective is the exploit with Protected Mode and limited user account usage? I'd like to see more information on how these two mitigation techniques work against exploits. I suspect the...
- Discussion threads 2009-11-23
- Microsoft confirms 'detailed' Windows 7 exploit
- Ummm interesting....so just block 139 and 445...445? great that port aggain.Is SMB blocked to/from internet by th firewall by default?RE: Microsoft confirms 'detailed' Windows 7 exploitPorts 139 and 445 are blocked by default for Internet access by Windows firewall in Windows 7 and any commerical hardware firewall. They are enabled...
- Discussion threads 2009-11-16
- Apple Safari exposes Windows to drive-by download attacks
- "May lead"?Whenever I see these kinds of statements, regardless of platform, I always wonder if the "may" in "may lead to?arbitrary code execution" is equivalent to the odd, statistically improbable and realistically negligible but observed drug side-effect possibilities, like dry-mouth from eye drops or headaches from suppositories or whether it's...
- Discussion threads 2009-11-11
- Microsoft: Human error caused critical SMB2 vulnerability
- did not explain why the fix was not back-ported to Windows Vista and other That very bad. I was wondering this myself when news broke that Win 7 was not vulnerable.What were they thinking? Fixing a bug and "forgetting" that other versions may actually be vulnerable?Or had they actually recorded...
- Discussion threads 2009-10-19
- Microsoft: Human error caused critical SMB2 vulnerability
- Microsoft is blaming human error for the the critical SMB v2 vulnerability that exposed Windows users to remote code execution attacks by Ryan Naraine
- Blog posts 2009-10-19
- Mozilla blocks dangerous MS .NET Firefox add-on
- RE: Mozilla blocks dangerous MS .NET Firefox add-onIf it had to be blacklisted or not I really don't care now. Implementing code without end user permission is enough reason. We all know MS ways so I am glad Mozilla people used this way and hope they keep doing it in...
- Discussion threads 2009-10-19
- Mozilla blocks (then unblocks) dangerous MS .NET Firefox add-on
- The move comes in the wake of an admission from Microsoft that the add-on was exposing users to drive-by malware downloads via a remote code execution vulnerability. by Ryan Naraine
- Blog posts 2009-10-19
- Microsoft exposes Firefox users to drive-by malware downloads
- The Microsoft .NET Framework Assistant add-on that Microsoft sneaked into Firefox without permission from end users is vulnerable to a serious code execution vulnerability. by Ryan Naraine
- Blog posts 2009-10-16
- New Adobe PDF flaw under attack; Patch coming Tuesday
- Note to all Knuckleheads....The vulnerability affects Adobe Reader and Acrobat 9.1.3 and earlier versions on Windows, Macintosh and UNIXWhy announce at all? Just fix the thingI'm getting really tired of any company that gives the ostensibly obligatory "We're on that!" and then it's some time before the fix comes. These...
- Discussion threads 2009-10-09
- From Gimmiv to Conficker: The lucrative MS08-067 flaw
- GENEVA -- The critical MS08-067 vulnerability used by the Conficker worm to build a powerful botnet continues to be a lucrative security hole for cyber criminals. During a presentation at the Virus Bulletin 2009 conference here, a trio of Microsoft researchers dissected the malware attacks linked to...
- Blog posts 2009-09-23
- Sun patches 'critical' StarOffice/StarSuite flaw
- Sun patches Openoffice.org with 3.1.1The security problem in "CVE-2009-0200 / CVE-2009-0201: Manipulated Microsoft Word files can lead to heap overflows and arbitrary code execution" was patched in Openoffice.org in version 3.1.1.http://www.openoffice.org/security/bulletin.htmlMikeOpen_Office is FREEIf you run a Linux distro with Open_Office you are immune from 99.99% of this Windows silliness....So, Linux...
- Discussion threads 2009-09-18
- News to know: Apple; AT&T; Google Books; Palm Pixi; Verizon; Best Buy-Microsoft
- Here are today's notable headlines. You can get News To Know via email alert and RSS daily. For continuous updates see BNET's around-the-Web tech coverage. Sam Diaz: Live blog from Apple's "It's only Rock n Roll" event Apple afterthoughts: The real news is what...
- Blog posts 2009-09-10
- iPhone, QuickTime bitten by security bugs
- Ryan, can you explain that? [was: Liars! This is Teh Unpossible!!]Wonder why these have not been tagged with the word "gaping" in the title? Weird.Does QuickTime have any secure code in it?I must say that I'm impressed with how many gaping security holes Apple has managed to cram into a...
- Discussion threads 2009-09-09
- Microsoft confirms SMB2 vulnerability, warns of code execution risk
- Feel free to delete this Ryan.ThanksIsn't it about time we stop playing nice andfind these people who create such an endless stream of blank and do a bit of Vlad the Impaler on them? Catch em... give them a fair trial (I want to be certain we publicly impale...
- Discussion threads 2009-09-09
- Microsoft confirms SMB2 vulnerability, warns of code execution risk
- Microsoft has issued a formal security advisory to confirm the remote reboot flaw in its implementation of the SMB2 protocol, going a step further to warn that a successful attack could lead to remote code execution and full system takeover. by Ryan Naraine
- Blog posts 2009-09-09
- << Previous
- page 1 of 1
- Next >>
Content Types
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- The best support in the Linux business
-
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
- Learn more >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Learn more about tools to grow your business
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Save time with the UPS Business Essentials Guide
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
Meet Doc
-
-
Here to help you with your Document Management Needs
- Check out Doc’s Blog on ZDNet
- Help your company, help the earth I want to share with you the Environmental Defense Fund Paper Calculator, which allows you to gauge your organization's environmental impact.
- Which is Greener: Paper or Digital? The Answer May Surprise You Anything we can do to reduce paper consumption is good. But what about the impact of digital waste?
-
Produced by
ZDNet and -
