Sponsored White Papers, Webcasts, and Downloads
ZDNet Resources
- More details on the Pwn2Own Flash flaw that won the Vista machine
- More details on the Pwn2Own Flash flaw that won the Vista machineOr should we blame MicrosoftFor their inability to push DEP sooner and get more of a response out developers sooner and breaking applications that have been coded wrongly for years.That would be the ABMer's excuse anyway.NBMer would say that...
- Tags: Microsoft Windows Vista (Longhorn), Programming languages, Operating systems, UNIX, SECURITY, Pwn2Own Flash, Pwn2Own Flash flaw, Microsoft Windows Vista, data execution prevention, Vista Machine, Java, flaw, Nate, Adobe Systems Inc., Microsoft Corp., Linux
- Discussion threads 2008-03-31
Additional Resources
- Microsoft shares a few tidbits on IE9 and (lots) more on Silverlight 4
- Safari? What Safari ? :-)http://www.tgdaily.com/software-features/39495-safari-4-beta-first-browser-to-hit-100-score-in-acid3-testI know, Steve doesn't like Apple but you're supposed to be a journalist? ;-)Google chrome?IE like Microsoft is stumbling around in a new ecosystem in which spending thousands of dollars is not an option.Plus, it locks you into a insecure OS platform with...
- Tags: Web browsers, Scripting languages, Spell Check, Microsoft Silverlight, Microsoft Internet Explorer, HTML5, JavaScript, Google Inc., Microsoft Corp.
- Discussion threads 2009-11-18
- Apple confirms malware protection in Snow Leopard
- They say Americans don't understand ironyNo irony there, Jason. Any degree of immunity that OS X has to malware is exactly because of such measures.I am gonna love.....to see the people make excuses for the reason for this. You can't say one thing and then do another in the...
- Tags: Cyberthreats, Spyware, adware & malware, Viruses and worms, SECURITY, Spyware, Pwn2Own, virus, malware, trojan horse, Apple Inc.
- Discussion threads 2009-08-27
- Adobe: Full-featured Flash 10 coming to a smartphone near you; Apple stand-off continues
- Adobe: Full-featured Flash 10 coming to a smartphone near you; Apple stand-off continuesFlash is running too slow on the device to be usefulsaid Jobs. Heck, it even runs slooowly on a fully grown desktop computer! And I can imagine Flash lite taking away too much.So what to do? I think...
- Tags: Smart phones, Cellular phones, Corporate communications, Handhelds, Aesop, Flash Lite, Apple Inc., Adobe Systems Inc., smart phone, Full-featured Flash 10
- Discussion threads 2009-02-16
- Pwn2Own hacker contest targets browsers, smart phones
- Pwn2Own hacker contest targets browsers, smart phonesBig correction[i]Alex Sotirov also partnered with Macaulay in 2008 to exploit a Windows Vista vulnerability.[/i]It was not a Vista vulnerability, it was a Flash vulnerability. The [b]only[/b] OS to fall in its out of the box plus fully patched configuration was OS X. Try...
- Tags: Web browsers, Smart phones, SECURITY, Handhelds, phone, Web browser, vulnerability, smart phone, Pwn2Own hacker
- Discussion threads 2009-02-11
- Pwn2Own hacker contest targets browsers, smart phones
- After two straight years of taking dead aim at Macbooks and Windows-powered machines, hackers at this year's CanSecWest conference will have shiny new targets:Â Web browsers and mobile phones. According to CanSecWest organisers, there will be two separate Pwn2Own competitions this year -- one pitting hackers against...
- Tags: Phone, Mobile, Smart Phone, Apple MacBook, Web Browser, Hacker, Hacking, Microsoft Windows, Security, Operating Systems, Software, Ryan Naraine
- Blog posts 2009-02-11
- Has Internet Explorer ever been safe?
- Has Internet Explorer ever been safe?The recommendation to use an alternative browser is based on......the existence of an exploit for which a patch is not available as of the time I write this. It is not being given because IE is insecure. I would hope this same advice were given...
- Tags: Web browsers, Microsoft Internet Explorer, Web browser
- Discussion threads 2008-12-17
- Security vs. convenience: Apple chooses poorly
- Security vs. convenience: Apple chooses poorlyWhat if..they need to install diagnostic software?You are kidding, right?So you change your password when you get it back. Or change it before you send it in.It's the same in the Windows world - you pretty much need and Admin password to do anything.This...
- Tags: Apple Inc., password, security, admin password
- Discussion threads 2008-08-18
- Microsoft joins 'patch DNS now' chant; Apple patch missing
- Microsoft joins 'patch DNS now' chant; Apple patch missingI couldn't make this stuff up if I triedSeriously, I'm not that creative.[url=http://talkback.zdnet.com/5208-12691-0.html?forumID=1&threadID=48138&messageID=898138] Apple fan explains why Apple isn't responsible for PWN2OWN vulnerability [/url][i]A Perl exploit isn't an Apple bug, anymore than the Flash exploit on the Vista machine was a Microsoft...
- Tags: Apple Mac OS X, Domain names, Apple Mac OS, Operating systems, DNS, Microsoft Corp., Apple Inc.
- Discussion threads 2008-07-25
- C to be the next browser scripting language... wait, what?
- First off, I hope that everyone's fourth of July was as good as mine. There's nothing quite like spending time with family and friends over the holidays to put your work-life relationship into perspective of what's important. In any case, the security news didn't stop for the...
- Tags: Adobe Systems Inc., C, Web Browser, Scripting Language, Flash, C/C++, Programming Languages, Software Development, Software/Web Development, Nathan McFeters
- Blog posts 2008-07-07
- On deck from MS: Four 'important' patches but nothing for IE
- On deck from MS: Four 'important' patches but nothing for IEAm I correct that uninstalling Safari mitigates the problem?I realize it isn't a fix but am I correct in believing that for the time being, removing Safari effectively closes off the only known attack vector that can utilize this vulnerability?...
- Tags: Web browsers, SECURITY, patch management, flaw, Apple Safari, Apple Inc., Microsoft Corp., Microsoft Internet Explorer
- Discussion threads 2008-07-03
- Researcher keeps 'carpet bomb' attack alive, despite patch
- Security research Billy Rios posted an article today about the Apple Safari "Carpet Bomb" attack, discussing a new issue that, despite the patch which prevented a "blended" remote command execution attack when Safari was used in conjunction with IE on a Windows system, keeps the "Carpet Bomb" attack alive and well. ...
- Tags: Software, Apple Safari, Apple Inc., Ecosystem, Attack, Billy Rios, Security, Nathan McFeters
- Blog posts 2008-06-21
- Flash attack may as well have been zero-day
- Guest Editorial by Dino Dai Zovi It has almost been a week since the Adobe Flash zero-day attack false alarm.  Since then, a number of people have called Symantec out as being irresponsible for crying wolf and announcing the raising the ThreatCon without fully researching the vulnerability (Full...
- Tags: Vulnerability, Attack, Flash, Security, Ryan Naraine
- Blog posts 2008-06-03
- News to know: IBM; Microsoft; Googlehoo; Safari; Enterprise 2.0
- Notable headlines: Ed Bott: Is Hyper-V ready for the Windows desktop? Mary Jo Foley: Microsoft looks to make product planning more science than art. Gallery right. Better the Windows Vista devil you know than the Windows 7...
- Tags: Google Inc., Larry Dignan, Apple Safari, Enterprise 2.0, Microsoft Corp., IBM Corp., Microsoft Windows, Open Source, Operating Systems, Software
- Blog posts 2008-04-17
- Adobe patches 7 issues, including Pwn2Own contest flaw and DNS rebinding issues
- Adobe published an advisory covering issues, including a fix for the Pwn2Own flaw that we previously discussed here. Adobe's details are published here. One of the issues that was patched was discovered by myself and fellow researcher (and co-worker at Ernst & Young's Advanced Security Center) Rob Carter, see the picture to the...
- Tags: Adobe Systems Inc., DNS, Domain, Lookup, Microsoft Internet Explorer, Web Browser, Domain Name, Flaw, Rob, Flash, XmlHttp Request, Kicker, Domain Names, Web Browsers, Networking, Internet, Nathan McFeters
- Blog posts 2008-04-09
- News to know: WGA for Office; RSA; Apple; Adobe
- Notable headlines: Mary Jo Foley: Microsoft to add the Genuine Advantage 'nag' to Office Dennis Howlett: Secure coding: the invisible elephant RSA wrap: Larry Dignan: How will Microsoft's trusted stack work? Trusted Internet initiative aims for security...
- Tags: Adobe Systems Inc., RSA Security Inc., Microsoft Office, Microsoft Windows Genuine Advantage, Apple Inc., Microsoft Corp., Microsoft Windows, Security, Operating Systems, Software, Larry Dignan
- Blog posts 2008-04-09
- Adobe Flash Pwn2Own details released by ZDI...
- Adobe Flash Pwn2Own details released by ZDI......Like I said before, run it against two configurations of Linux and tell us what you get. ]:)Currently logged in user?[i]Exploitation of this vulnerability can result in arbitrary code execution under the context of the currently logged in user.[/i]Is it the currently logged in...
- Tags: Web browsers, Adobe Systems Inc., Adobe Flash, Web browser, software
- Discussion threads 2008-04-08
- Adobe Flash Pwn2Own details released by ZDI...
- ... and unfortunately leaves much to be desired. I think many people were hoping for the disclosure from ZDI to contain a lot of details on what could've been exploited with this issue, unfortunately, the details just aren't really there. In fact, after reading it, I think I have more...
- Tags: User Interaction, Adobe Systems Inc., Vulnerability, Adobe Flash Player, ZDI Advisory, Security, Nathan McFeters
- Blog posts 2008-04-08
- Adobe claims to have known of Flash issue prior to CanSecWest '08, patch is on the way
- In a comment in a talkback on the original issue discovered in Adobe Flash that led to the compromise of the Vista machine at the Pwn2Own contest, an Adobe representitive, Erick Lee, Manager of Adobe Secure Software Engineering Team ASSET, claimed that Adobe knew of the flaw and has a patch...
- Tags: Adobe Systems Inc., Patches, Security, Team Management, Management, Nathan McFeters
- Blog posts 2008-04-03
- Interview with the Vista Pwn2Own contest winners
- Interview with the Vista Pwn2Own contest winnersSo NO, we did not duplicate it on any other platform.What Nate states is this is a compiler issue with a polymorphism/name mangling bug. Therefore, it is not a Adobe coding issue. So my questions still remain:1) Have you duplicated this on...
- Tags: Microsoft Windows Vista (Longhorn), data execution prevention, Vista Pwn2Own, Nate, flaw, Microsoft Windows Vista
- Discussion threads 2008-04-02
- << Previous
- page 1 of 1
- Next >>
White Papers and Webcasts
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
