vulnerability

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Staying a step ahead of the hackers: the importance of identifying critical Web application vulnerabilities.

Security managers worldwide working for midsize or large organizations share a common goal: to better manage the risks associated with their business infrastructure. Web application security plays a significant role in achieving that goal. This session will discuss new and emerging network and application security attacks and ways organizations can...

Tags: Network, Vulnerability, Web Application, Hacker, Application Security, Security Administration, Security, Cloud Computing, Networking

White papers 2009-11-19

Microsoft probing Windows 7 zero-day hole

Microsoft said it is looking into a report of a vulnerability in Windows 7 and Server 2008 Release 2 that could be used by an attacker to remotely crash the computer. Microsoft said on Wednesday it is looking into a report of a vulnerability in Windows 7 and Server...

Tags: Vulnerability, Microsoft Corp., Server Message Block, Microsoft Windows 7, Microsoft Windows, Security, Operating Systems, Software, Microsoft, attack, zero day, Elinor Mills CNET News

News items 2009-11-12

Counting vulnerabilities is pointless

Suddenly it doesn't matter any more? Vulnerability count is an indication of software qualityIt goes directly to the process the vendor went through to root out vulnerabilities before shipping. At least if you compare products with the same general purpose and which receives the same amount of scrutiny.Time to fix...

Tags: Web browsers, Cyberthreats, Spyware, adware & malware, SECURITY, Mozilla Firefox, vulnerability, Microsoft Internet Explorer, malware, risk period

Discussion threads 2009-11-09

Counting vulnerabilities is pointless

Application security vendor Cenzic released a report today highlighting Mozilla Firefox as the most vulnerable web browser based on vulnerability count. Problem is, counting vulnerabilities is pointless. In fact, it's worse than pointless, it can lead us to draw false conclusions. by Adrian Kingsley-Hughes

Tags: Vulnerability, Security, Adrian Kingsley-Hughes

Blog posts 2009-11-09

Patch Tuesday heads-up: Critical MS Office patches coming

Office for Mac also affected...So where are the rants from Windows zealots who scream blue murder every time there's a patch for possible exploits of iTunes on Windows?Oh, that's right, faulty Microsoft software on OS X must be Apple's fault. Forgot that.Critical bulletins for Vista and Windows 7Vista/Server2008: 1 bulletinWindows...

Tags: Apple Mac OS X, Operating systems, patch management, Microsoft Office, Apple Inc., Microsoft Windows, marketing, Microsoft Corp.

Discussion threads 2009-11-05

Vulnerability Seen in Amazon's Cloud-Computing

Leading cloud-computing services may be vulnerable to eavesdropping and malicious attacks, according to research that shows it is possible for attackers to precisely map where a target's data is physically within the "Cloud" and then use various tricks to gather intelligence. The study probed Amazon's industry-leading Elastic Computer Cloud (EC2)...

Tags: Vulnerability, New York, Amazon.com Inc., Cloud Computing, Storage Management, Virtualization, Utility Computing, Security, Storage, Hardware

White papers 2009-10-24

Microsoft: Human error caused critical SMB2 vulnerability

did not explain why the fix was not back-ported to Windows Vista and other That very bad. I was wondering this myself when news broke that Win 7 was not vulnerable.What were they thinking? Fixing a bug and "forgetting" that other versions may actually be vulnerable?Or had they actually recorded...

Tags: Microsoft Windows Vista (Longhorn), SECURITY, Hulu Desktop, Microsoft Corp., critical SMB2 vulnerability, SMB2, SMB2 vulnerability, vulnerability, Microsoft Windows Vista

Discussion threads 2009-10-19

Microsoft: Human error caused critical SMB2 vulnerability

Microsoft is blaming human error for the the critical SMB v2 vulnerability that exposed Windows users to remote code execution attacks by Ryan Naraine

Tags: Vulnerability, Microsoft Corp., Error, Smb/Sme, Security, Ryan Naraine

Blog posts 2009-10-19

Oracle to fix 38 database, product vulnerabilities

Oracle has announced plans to ship a Critical Patch Update with fixes for at least 38 security vulnerabilities in a wide range of database and server products. by Ryan Naraine

Tags: Oracle Corp., Vulnerability, Storage, Databases, Security, Hardware, Enterprise Software, Software, Data Management, Ryan Naraine

Blog posts 2009-10-16

Google patches Android DoS vulnerabilities

Google has shipped a new version of the Android open-source mobile phone platform to fix a pair of security flaws that could lead to denial-of-service attacks. by Ryan Naraine

Tags: Google Inc., Mobile, DOS, Vulnerability, Patch Management, Cell Phone, Cellular Phones, Open Source, Security, Consumer Electronics, Personal Technology, Ryan Naraine

Blog posts 2009-10-09

Monster Patch Tuesday on tap: 13 bulletins, 34 vulnerabilities

Wow, FTP and SMBv2 vulnerabilities sound serious!!!I presume that by default, both of these services are on, accepting connections, and that the firewall is configured to let all of this traffic through?Not that serious -- 1. ftp is not on by default one must enable it2. smbv2 is on by...

Tags: Patches, SECURITY, Monster, SMBv2, patch management, vulnerability

Discussion threads 2009-10-08

Monster Patch Tuesday on tap: 13 bulletins, 34 vulnerabilities

Microsoft is planning a bumper Patch Tuesday next week -- 13 bulletins covering 34 security vulnerabilities in a wide range of products. by Ryan Naraine

Tags: Monster, Vulnerability, Bulletin, Security, Ryan Naraine

Blog posts 2009-10-08

Cisco drops patches for serious IOS vulnerabilities

Cisco has released a peck of patches to cover multiple security flaws in its flagship Cisco IOS. by Ryan Naraine

Tags: Cisco IOS, Vulnerability, Patch Management, Cisco Systems Inc., Patches, Ryan Naraine

Blog posts 2009-09-24

Critical iTunes flaw exposes Mac, Windows to hacker attacks

No trolls yet? OK, Let me start.If this software was open source, geeks like me could patch it ourselves without needing to wait for some company to do it or not. So at least we would be safer. Windows is a abomination of a 32-bit DOS clone, and OS X...

Tags: Hacking, SECURITY, flaw, Mac Windows, hacker attack, Apple iTunes, window, Apple Macintosh, iTunes flaw

Discussion threads 2009-09-22

Mac OS 10.6.1 released, squashes 9 Flash vulnerabilities (updated)

A service pack already?Oh my.They usually have 6 or 7 of themcompared to Windows' 2 or 3. That's not a knock on either, it's just a different way of doing things.RE: Mac OS 10.6.1 released, squashes 9 Flash vulnerabilities updatedre: additional modem support --this article lists all the Sprint and...

Tags: Mac OS 10.6.1, service pack, RTM, Apple Inc., Apple Mac OS, Apple Macintosh

Discussion threads 2009-09-11

Mac OS 10.6.1 released, squashes 9 Flash vulnerabilities (updated)

Apple tonight released Mac OS 10.6.1 (build 10B504) via Software Update. The 74MB update download page fixes several bugs, as noted below, and includes "general operating system fixes that enhance the stability, compatibility, and security of your Mac." Bug fixes mentioned in the release...

Tags: Apple Macintosh, Vulnerability, Macromedia Flash Player, Apple Inc., Printers, Apple Mac OS, Security, Hardware, Peripherals, Operating Systems, Software, Jason D. O'Grady

Blog posts 2009-09-10

Apple plugs 33 Mac OS X security holes, updates Flash on Leopard

Wasn't there just a mega patch 2 weeks ago?Wow, OS X sure needs a lot of patches. But I'm pretty sure these are the last of the vulnerabilities, there probably won't be any patches after this one, right?One bright spotTo be sure this is a mega patch. How do they...

Tags: Patches, Apple Mac OS, Apple Mac OS X, OK IT, Apple Inc., vulnerability, security, Apple Macintosh

Discussion threads 2009-09-10

Mozilla patches 'drive-by download' security flaws

Whoa! This batch patches 10 critical vulns!The "secure alternative" version 3.5 has already in its short life bypassed Internet Explorer 8. Firefox 3.5 now hit 18 vulns, IE8 has 12.Version 3.0 of Firefox which is of roughly the same age as IE has been hit with 114 (!) vulns.It seems...

Tags: Web browsers, Mozilla Corp., patch management, Microsoft Internet Explorer, Mozilla Firefox, vulnerability, security

Discussion threads 2009-09-10

iPhone, QuickTime bitten by security bugs

Ryan, can you explain that? [was: Liars! This is Teh Unpossible!!]Wonder why these have not been tagged with the word "gaping" in the title? Weird.Does QuickTime have any secure code in it?I must say that I'm impressed with how many gaping security holes Apple has managed to cram into a...

Tags: Patches, Operating systems, Apple QuickTime, Apple iPhone, security bug, Apple Inc., vulnerability, security, Microsoft Windows

Discussion threads 2009-09-09

Microsoft confirms SMB2 vulnerability, warns of code execution risk

Feel free to delete this Ryan.ThanksIsn't it about time we stop playing nice andfind these people who create such an endless stream of blank and do a bit of Vlad the Impaler on them? Catch em... give them a fair trial (I want to be certain we publicly impale...

Tags: Microsoft Windows Vista (Longhorn), SECURITY, Microsoft Corp., SMB2, Microsoft Windows Vista, vulnerability, beta

Discussion threads 2009-09-09