security vulnerability

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Hard questions at the heart of open source security

Hard questions at the heart of open source securityIMO neither model is better than the other.History has shown both approaches allow security vulnerabilities to slip through. That's the reality so why do we continue to pose the question as to which is more/less secure?It's what you don't see that you...

Tags: open source, security

Discussion threads 2008-10-28

Researcher discovers Nokia S40 security vulnerabilities, demands 20,000 euros to release details

Will disclose Nokia s40 security vulnerabilities for money? Part of Security Exploration's research program, Adam Gowdiak, a well known researcher with a decent history of uncovered security issues, recently made an announcement regarding two security vulnerabilities affecting the implementation of mobile Java used by Sun and Nokia in their products,...

Tags: Nokia Corp., Mobile, LinkedIn, Security Vulnerability, Security, Dancho Danchev

Blog posts 2008-08-14

Microsoft addresses 9 security vulnerabilities with 4 "Important" bulletins

Microsoft addresses 9 security vulnerabilities with 4 "Important" bulletinsAlways Update - ALL Software!!It's also a good idea to check all your applications against manufacture recommended updates, Adobe, Java, etc... Windows Vista / XP isn't the only update that we should be concerned. - Walter Anderson, MCSE, A+, Network+, Sharepoint ConsultantAnyone...

Tags: Patches, system restore, security vulnerability, patch management, Microsoft Corp., desktop, security

Discussion threads 2008-07-08

Top 10 Ways Shavlik Simplifies Patch Management

Security vulnerabilities are uncovered on a daily basis, and managing the security patches that address them can be an endless and often complicated task for every network administrator. Without the right automated solutions, patch management can be a tedious and herculean task requiring companies to regularly devote hundreds or even...

Tags: Patch Management, Shavlik Technologies, Security Vulnerability, Patches, Security

White papers 2008-04-01

Windows 2000 Security Patch: August Cumulative Patch for IIS q301625 (Windows)

Microsoft has released a cumulative patch for IIS 4.0 and 5.0. In addition to eliminating virtually all previously identified security vulnerabilities in IIS, it also eliminates several newly discovered ones. These include three denial of service vulnerabilities, one of which is exploited by the Code Red worm, and two vulnerabilities...

Tags: Microsoft Windows 2000, Vulnerability, Microsoft Windows, Microsoft Corp., Security Vulnerability, Microsoft IIS Server, Security, Patches, Viruses And Worms

Software downloads 2007-09-05

Did anyone really expect the iPhone NOT to have a serious security vulnerability?

A team of security experts working for Independent Security Evaluators have discovered a serious security vulnerability in Apple's iPhone.  The vulnerability would allow a hacker to take control of the iPhone over a WiFi connection or by tricking users to visit a booby trapped website.Basic details of the vulnerability can be...

Tags: Apple

Blog posts 2007-07-23

Solid Windows Vista Protection

The new security features included in Vista are a step forward in helping businesses defend against attacks, but they cannot be considered a complete, multi-layered defense. It goes without saying that attackers follow security vulnerabilities, as these are a requirement for their success. Over the past several years, these vulnerabilities...

Tags: Symantec Corp., Microsoft Windows Vista, Security Vulnerability, Security, Microsoft Windows Vista (Longhorn), Operating Systems, Microsoft Windows, Software

White papers 2007-07-10

Silica -- a wireless hacking tool

Penetration testing firm Immunity has started shipping Silica, a wireless handheld pen-testing device capable of finding -- and exploiting -- security vulnerabilities.

Tags: security vulnerability, handheld, tool, wireless, hacking tool, security

Image galleries 2007-02-06

Security and Streaming Media - How to Secure Your Video and Protect Your Revenue

As more and more popular applications come on the market such as streaming video to cell phones, video blogging and streaming inside the networked home, security is key to protecting content and privacy. There are multiple ways to secure and protect the streaming media so that confidential or sensitive content...

Tags: Revenue, Vulnerability, Streaming Video, Video, Streaming Media, Viewcast, Security Vulnerability, Web Site Development, Web Technology, Corporate Communications, Blogging, Digital Video, Security, Digital Media, Internet, Marketing, Personal Technology, Consumer Electronics

White papers 2006-08-06

Security Check 0.1 (Windows)

SecurityCheck Audit common security vulnerabilities get corrective recommendations and easy remedies for Windows systems. Check & correct unset or blank passwords, prevent unauthorized changes to important system-wide settings and programs. Secure wireless networks & prevent unauthorized access to important, private data. Reduce or eliminate shared folders and key security vulnerability....

Tags: Security Vulnerability, Moon Valley Software, Microsoft Windows, Security, Wireless, Operating Systems, Software

Software downloads 2005-07-14

Microsoft Internet Explorer 6 - Cumulative Security Update 1.0 (Windows)

This update eliminates all known security vulnerabilities affecting Internet Explorer 5.5 Service Pack 2 (SP2) and Internet Explorer 6, and addresses the "Incorrect Content-Disposition Handling Can Cause IE to Execute Code Automatically" security vulnerabilities in Internet Explorer 5.5 SP2 and 6, and is discussed in Microsoft Security Bulletin MS01-058. Download...

Tags: Service Pack 2, Vulnerability, Microsoft Internet Explorer 6, Microsoft Windows, Microsoft Internet Explorer, Microsoft Corp., Security Update, Security Vulnerability, Microsoft Internet Explorer 5.5, Web Browsers, Microsoft Windows XP Service Pack 2, Security, Internet

Software downloads 2001-12-14

IIS 5.0 Cumulative Security Update MS01-044 (Windows)

This cumulative security update includes every update released for Internet Information Server IIS 5.0 and is discussed in Microsoft Security Bulletin MS01-044. This update addresses four new vulnerabilities: two security vulnerabilities that could enable a malicious user to temporarily disrupt the service of IIS 5.0; and two security vulnerabilities that...

Tags: Microsoft IIS 5.0, Malicious User, Microsoft Windows, Microsoft Corp., Security Update, Security Vulnerability, Microsoft IIS Server, Security Administration, Security, Patches, Viruses And Worms

Software downloads 2001-09-21

Microsoft Internet Explorer 5.x Security Patch MSHTML Update (Windows)

The update fixes these security vulnerabilities in MSHTML.DLL, which is the parsing engine for HTML in Internet Explorer: A privacy issue in which the "IMG SRC" tag could be used to determine information about the files on a user's computer, although it would not allow those files to be...

Tags: Malicious Web Site, Microsoft Windows, Microsoft Internet Explorer, Microsoft Corp., Security Vulnerability, Security

Software downloads 1999-03-18

Additional Resources

Microsoft finds security hole in Google Chrome Frame

HAHA! Way to go Microsoft! They basically just told Google to suck it! The best part is they were right the whole time. Yet people blindly defended Google. It would seem Google has more software issues than anyone else.RE: Microsoft finds security hole in Google Chrome FrameI'm not...

Tags: Web browsers, security, Google Inc., Microsoft Corp., attack surface, Google Chrome

Discussion threads 2009-11-19

Microsoft finds security hole in Google Chrome Frame

A security researcher in the Microsoft Vulnerability Research MSVR has discovered a "high risk" Google Chrome Frame security vulnerability that could allow an attacker to bypass cross-origin protections. by Ryan Naraine

Tags: Google Inc., Microsoft Corp., Google Chrome, Security, Ryan Naraine

Blog posts 2009-11-19

Webcast: Smart Techniques for application security: whitebox + blackbox testing.

Whitebox & blackbox application security testing are two approaches for detecting vulnerabilities in Web-based and network applications. Both have strengths and weaknesses, but a combination of the two provides the most comprehensive application security coverage and facilitates the extension of vulnerability assessments across the development lifecycle.

Tags: Technique, Webcast, Application Security, Security Administration, Security

Webcasts 2009-11-19

Managing a growing threat: An Executive's Guide to Web Application Security

Traditionally, companies have relied on perimeter defenses to keep their networks and data secure. Unfortunately, network firewalls and network vulnerability scanners can't defend against application-level attacks. Cyber-criminals are leveraging relatively simple application exploits to gain access to sensitive information for fun and profit. It's more important than ever to...

Tags: Web, Network, Web Application, IBM Corp., Cyber-criminals, Scanners, Networking, Hardware, Peripherals

White papers 2009-11-19

Microsoft confirms 'detailed' Windows 7 exploit

Ummm interesting....so just block 139 and 445...445? great that port aggain.Is SMB blocked to/from internet by th firewall by default?RE: Microsoft confirms 'detailed' Windows 7 exploitPorts 139 and 445 are blocked by default for Internet access by Windows firewall in Windows 7 and any commerical hardware firewall. They are enabled...

Tags: Firewalls, SMB/SME, SMB protocol, Microsoft Windows 7, firewall, Windows 7 exploit, Microsoft Windows, small and medium business, Microsoft Windows Vista, operating system, Microsoft Corp.

Discussion threads 2009-11-16

Microsoft confirms 'detailed' Windows 7 exploit

Exploit code for the vulnerability was released by researcher Laurent Gaffié after failed attempts to get Microsoft's security response center to acknowledge that this was an issue that needs to be patched. by Ryan Naraine

Tags: Microsoft Corp., Microsoft Windows 7, Security, Operating Systems, Microsoft Windows, Software, Ryan Naraine

Blog posts 2009-11-16

VeriSign sets timetable to fix DNS hole

VeriSign has said a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical aspects of the implementation. VeriSign has said a significant outstanding internet security vulnerability will be closed by 2011, after delays caused by technical aspects of the implementation. ...

Tags: DNS, VeriSign Inc., Internet Security, Internet, Domain Names, Security, VeriSign, security, Tom Espiner

News items 2009-11-16