exploit

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Exploit published for critical IE 7 zero-day flaw

Do you mean:"The vulnerability was confirmed on fully patched Windows XP SP3 systems with Internet Explorer 6 and [b]7[/b]."Also how effective is the exploit with Protected Mode and limited user account usage? I'd like to see more information on how these two mitigation techniques work against exploits. I suspect the...

Tags: Web browsers, EXPLORER, Microsoft Security Essentials, Microsoft Internet Explorer, critical IE 7 zero-day flaw, IE 7 zero-day flaw, Microsoft Internet Explorer 7, zero-day bug, exploit

Discussion threads 2009-11-23

Microsoft confirms 'detailed' Windows 7 exploit

Ummm interesting....so just block 139 and 445...445? great that port aggain.Is SMB blocked to/from internet by th firewall by default?RE: Microsoft confirms 'detailed' Windows 7 exploitPorts 139 and 445 are blocked by default for Internet access by Windows firewall in Windows 7 and any commerical hardware firewall. They are enabled...

Tags: Firewalls, SMB/SME, SMB protocol, Microsoft Windows 7, firewall, Windows 7 exploit, Microsoft Windows, small and medium business, Microsoft Windows Vista, operating system, Microsoft Corp.

Discussion threads 2009-11-16

Mac OS X mega patch covers 58 security vulnerabilities

Yikes, that sounds bad[i]The majority of the flaws could allow a remote attacker to gain complete control of an unpatched system, meaning that this update carries an "extremely critical rating."[/i]Makes me glad I run an alternate OS.473MB?!?!?!How do dial up users get this update?There is a potential positive spin on...

Tags: Patches, Desktops, Apple Mac OS, Apple Mac OS X, Apple Macintosh, patch management, Apple Inc., exploit, security

Discussion threads 2009-11-09

Time to ditch Windows for online banking and shopping

Instead of a live CDWould I be able to install Linux in Windows and do the same?Amen! Happened today to a gov't computerhttp://www.pennlive.com/midstate/index.ssf/2009/10/computer_hacker_steals_479000.htmlYet another infected computer stealing OUR money.Absolutely ridiculous and irresponsible article!Show me an instance where a flaw in Vista/7 has led to a user being compromised? ...

Tags: Operating systems, Cyberthreats, Web browsers, Viruses and worms, Spyware, adware & malware, Microsoft Windows, exploit, phishing, Linux, operating system, Adrian, online banking

Discussion threads 2009-10-13

Windows zero-day reported

Oh my god, a piece of software has an error!I think if this can be duplicated (as it seems from the story the 'bug' is inconsistent) the it will be patched. Every software has bugs and few software is more complex than an OS.RE: Windows zero-day reportedWindows needs to be...

Tags: Operating systems, OPEN SOURCE, Microsoft Windows 7, exploit, Microsoft Windows, Linux, window, vulnerability, software, Microsoft Corp., Win 7

Discussion threads 2009-09-08

Microsoft: Exploits likely for 'critical' Windows vulnerabilities

Who cares if exploit code will be released in the futureAs long as it is patched before the exploits are out, the exploits no longer count. Or something like that.Cue the double standards...PS I wonder which one of these was labeled "Bulletin 3" in the pre-patch announcement? According to some...

Tags: Patches, SECURITY, Microsoft Windows, exploit, patch, Microsoft Corp., LUA

Discussion threads 2009-08-11

Apple keyboard vulnerable to hack attack

Apple keyboard vulnerable to hack attackUse Microsoft Keyboard with MacUse Microsoft Keyboard with Mac !! Very safe combination !!!!RE: Apple keyboard vulnerable to hack attackNo choice? Sir, if it becomes a serious problem, any USB keyboard will do as a replacement for the Apple one.As I understood the issue (I...

Tags: Keyboards, Macs security, keyboard, Apple Inc., Apple Keyboard, attack, Apple Macintosh

Discussion threads 2009-08-03

Adobe Flash zero-day attack underway; Harden PDF Reader immediately

Malicious hackers have found a new vulnerability in Adobe's ever-present Flash software and are using rigged PDF documents to launch exploits against Windows targets. The Adobe Flash Player flaw, which is currently unpatched, affects millions of Windows XP and Windows Vista users.  Adobe has acknowledged a "potential...

Tags: Adobe Systems Inc., Adobe PDF, Adobe Acrobat, Adobe Acrobat Reader, Exploit, Zero-day Bug, Security, Ryan Naraine

Blog posts 2009-07-22

Remote code execution exploit for Firefox 3.5 in the wild

A zero day exploit (Firefox 3.5 Heap Spray Vulnerability) affecting Mozilla's latest Firefox release has been published in the wild. Through an error in the processing of JavaScript code in 'font tags' malicious attackers could achieve arbitrary code execution and install malware on the affected hosts....

Tags: Mozilla Firefox, Exploit, Web Browsers, Internet, Dancho Danchev

Blog posts 2009-07-14

ImageShack hacked by anti-full disclosure movement

ImageShack hacked by anti-full disclosure movementImageShack should have used Linuxas this would be a non-issue.There's no guarantee with shareThese sites just make it fun for people to enjoy the Internet.RE: ImageShack hacked by anti-full disclosure movementI do not agree with AntiSec. I believe that it is the responsibility of...

Tags: SECURITY, Full-Disclosure, ImageShack, disclosure movement

Discussion threads 2009-07-13

ImageShack hacked by anti-full disclosure movement

During the weekend, ImageShack, among the Web's top ten most popular free image hosting services got compromised, with the millions of images hosted on it redirected to a single one explaining why it was hacked. The anti-sec group responsible for the compromise describes itself as a "movement...

Tags: Web, Malware, Exploit, Zero-day Bug, Spyware, Adware & Malware, Channel Management, Cyberthreats, Security, Viruses And Worms, Marketing, Dancho Danchev

Blog posts 2009-07-13

The Gestalt Approach to IT Security Takes Shape

Off late Enterprise IT defenses against malware or exploits are built by deploying a set of security appliances that mitigate specific threats. This appliance approach was very effective during the 1990s when dominant threats were hackers attacking corporate IT assets via the Internet. As hackers were joined by cybercriminals an...

Tags: IT Security, Information Technology, Threat, Hacker, Exploit, Lippis Enterprises, Hacking, Security

White papers 2009-07-01

Foxit PDF Reader being exploited in the wild

Adobe isn't the only PDF software maker facing in-the-wild malware attacks. Just weeks after the availability of patches for critical security flaws in the popular FoxIt Reader, there is word that malicious hackers are already targeting unpatched versions of the software. ...

Tags: Software, Malware, Exploit, Foxit, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Ryan Naraine

Blog posts 2009-03-25

"No more free bugs"? There never were any free bugs

Vulnerability researchers have always extracted value out of their work, even before there was a monetary value placed on exploits. Security researchers at last week's CanSecWest conference dramatically announced their new philosophy that software vulnerabilities should no longer be given away. The movement cites the existence...

Tags: Researcher, Vulnerability, Exploit, Security, Adam O'Donnell

Blog posts 2009-03-24

Nils2Own: 'I want to see security flaws fixed'

VANCOUVER, BC -- Charlie Miller may have dominated the headlines but the undisputed champion of this year's CanSecWest Pwn2Own contest was a hitherto unknown hacker who asked to be identified simply as "Nils." A day after his perfect sweep of the breaking into...

Tags: Apple Macintosh, Mozilla Firefox, Vulnerability, Bug, Microsoft Internet Explorer, Web Browser, Exploit, Web Browsers, Apple Mac OS X, Apple Mac OS, Desktops, Operating Systems, Security, Internet, Software, Hardware, Ryan Naraine

Blog posts 2009-03-23

Questions for Pwn2Own hacker Charlie Miller

VANCOUVER, BC -- At the CanSecWest security conference here, I got a chance to sit down with Charlie Miller, the researcher who broke into a fully patched MacBook machine using a Safari code execution vulnerability. We discuss the state of Web browser security, the vulnerability marketplace and...

Tags: Apple Macintosh, Mozilla Firefox, Apple Safari, Vulnerability, Bug, Microsoft Internet Explorer, Google Chrome, Hacker, Exploit, Web Browsers, Security, Internet, Ryan Naraine

Blog posts 2009-03-19

Pwn2Own 2009: Macbook falls in seconds

Pwn2Own 2009: Macbook falls in secondsAgain?Fool me once, shame on you. Fool me, twice shame on me.HAHAHAHAHAHAHAHAHA!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!Plummeting computer sales.Plummeting iPhone sales.Plummeting security.What a fantastic week for anyone not emotionally invested in Apple! :)HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!HAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!I had to read it again. OS X fell in SECONDS??!!??!!And Windows 7 is still standing??!!??!!Hmm, in...

Tags: Desktops, Well Windows, Pwn2Own 2009, Apple Inc., security, Apple MacBook, vulnerability

Discussion threads 2009-03-18

Targeted malware attacks exploiting IE7 flaw detected

Researchers at TrendMicro have detected a targeted malware attack exploiting last week's patched critical MS09-002 vulnerability affecting Internet Explorer 7.  Upon opening the spammed Microsoft office document, vulnerable users are automatically forwarded to a Chinese live exploit site which still remains active. The attack has also been...

Tags: Trend Micro Inc., Flaw, Vulnerability, Microsoft Internet Explorer 7, Malware, Hacker, Exploit, Attack, MS09-002, Spyware, Adware & Malware, Cyberthreats, Security, Viruses And Worms, Dancho Danchev

Blog posts 2009-02-17

Android exploit so dangerous, users warned to avoid phone’s web browser

Android exploit so dangerous, users warned to avoid phone’s web browserAre there any exploits in the wild for this?If not, then use the browser all you want. According to the Apple apologist rules of vulnerabilities, you can use a vulnerable device without a single concern as long as there are...

Tags: Web browsers, Web browser, Apple Inc., phone, exploit

Discussion threads 2009-02-12

Thousands of legitimate sites SQL injected to serve IE exploit

Thousands of legitimate sites SQL injected to serve IE exploitThis is why Firefox + NoScript isn't a magic fixBefore any Firefox zealots start going nuts, Firefox + NoScript is my browser configuration of choice.That being said, people do have to be careful when they use the "Allow " option of...

Tags: Web browsers, SECURITY, Viruses and worms, NoScript, whitelist, Mozilla Firefox, SQL, Microsoft Internet Explorer, attack

Discussion threads 2008-12-17