vulnerability

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Microsoft: Human error caused critical SMB2 vulnerability

did not explain why the fix was not back-ported to Windows Vista and other That very bad. I was wondering this myself when news broke that Win 7 was not vulnerable.What were they thinking? Fixing a bug and "forgetting" that other versions may actually be vulnerable?Or had they actually recorded...

Tags: Microsoft Windows Vista (Longhorn), SECURITY, Hulu Desktop, Microsoft Corp., critical SMB2 vulnerability, SMB2, SMB2 vulnerability, vulnerability, Microsoft Windows Vista

Discussion threads 2009-10-19

Microsoft: Human error caused critical SMB2 vulnerability

Microsoft is blaming human error for the the critical SMB v2 vulnerability that exposed Windows users to remote code execution attacks by Ryan Naraine

Tags: Vulnerability, Microsoft Corp., Error, Smb/Sme, Security, Ryan Naraine

Blog posts 2009-10-19

Oracle to fix 38 database, product vulnerabilities

Oracle has announced plans to ship a Critical Patch Update with fixes for at least 38 security vulnerabilities in a wide range of database and server products. by Ryan Naraine

Tags: Oracle Corp., Vulnerability, Storage, Databases, Security, Hardware, Enterprise Software, Software, Data Management, Ryan Naraine

Blog posts 2009-10-16

Adobe fixes 28 holes in Reader and Acrobat

Adobe released a security bulletin that includes fixes for 28 vulnerabilities in Adobe Reader and Acrobat, including a critical hole that has reportedly been exploited. Adobe on Tuesday released a security bulletin that includes fixes for 28 vulnerabilities in Adobe Reader and Acrobat, including a critical hole that has...

Tags: Adobe Systems Inc., Adobe Acrobat, Adobe Acrobat Reader, Microsoft Windows, Operating Systems, Software, Adobe, security, vulnerability, Elinor Mills CNET News

News items 2009-10-14

Google patches Android DoS vulnerabilities

Google has shipped a new version of the Android open-source mobile phone platform to fix a pair of security flaws that could lead to denial-of-service attacks. by Ryan Naraine

Tags: Google Inc., Mobile, DOS, Vulnerability, Patch Management, Cell Phone, Cellular Phones, Open Source, Security, Consumer Electronics, Personal Technology, Ryan Naraine

Blog posts 2009-10-09

Monster Patch Tuesday on tap: 13 bulletins, 34 vulnerabilities

Wow, FTP and SMBv2 vulnerabilities sound serious!!!I presume that by default, both of these services are on, accepting connections, and that the firewall is configured to let all of this traffic through?Not that serious -- 1. ftp is not on by default one must enable it2. smbv2 is on by...

Tags: Patches, SECURITY, Monster, SMBv2, patch management, vulnerability

Discussion threads 2009-10-08

Monster Patch Tuesday on tap: 13 bulletins, 34 vulnerabilities

Microsoft is planning a bumper Patch Tuesday next week -- 13 bulletins covering 34 security vulnerabilities in a wide range of products. by Ryan Naraine

Tags: Monster, Vulnerability, Bulletin, Security, Ryan Naraine

Blog posts 2009-10-08

Cisco drops patches for serious IOS vulnerabilities

Cisco has released a peck of patches to cover multiple security flaws in its flagship Cisco IOS. by Ryan Naraine

Tags: Cisco IOS, Vulnerability, Patch Management, Cisco Systems Inc., Patches, Ryan Naraine

Blog posts 2009-09-24

Critical iTunes flaw exposes Mac, Windows to hacker attacks

No trolls yet? OK, Let me start.If this software was open source, geeks like me could patch it ourselves without needing to wait for some company to do it or not. So at least we would be safer. Windows is a abomination of a 32-bit DOS clone, and OS X...

Tags: Hacking, SECURITY, flaw, Mac Windows, hacker attack, Apple iTunes, window, Apple Macintosh, iTunes flaw

Discussion threads 2009-09-22

Mac OS 10.6.1 released, squashes 9 Flash vulnerabilities (updated)

A service pack already?Oh my.They usually have 6 or 7 of themcompared to Windows' 2 or 3. That's not a knock on either, it's just a different way of doing things.RE: Mac OS 10.6.1 released, squashes 9 Flash vulnerabilities updatedre: additional modem support --this article lists all the Sprint and...

Tags: Mac OS 10.6.1, service pack, RTM, Apple Inc., Apple Mac OS, Apple Macintosh

Discussion threads 2009-09-11

Mac OS 10.6.1 released, squashes 9 Flash vulnerabilities (updated)

Apple tonight released Mac OS 10.6.1 (build 10B504) via Software Update. The 74MB update download page fixes several bugs, as noted below, and includes "general operating system fixes that enhance the stability, compatibility, and security of your Mac." Bug fixes mentioned in the release...

Tags: Apple Macintosh, Vulnerability, Macromedia Flash Player, Apple Inc., Printers, Apple Mac OS, Security, Hardware, Peripherals, Operating Systems, Software, Jason D. O'Grady

Blog posts 2009-09-10

Apple plugs 33 Mac OS X security holes, updates Flash on Leopard

Wasn't there just a mega patch 2 weeks ago?Wow, OS X sure needs a lot of patches. But I'm pretty sure these are the last of the vulnerabilities, there probably won't be any patches after this one, right?One bright spotTo be sure this is a mega patch. How do they...

Tags: Patches, Apple Mac OS, Apple Mac OS X, OK IT, Apple Inc., vulnerability, security, Apple Macintosh

Discussion threads 2009-09-10

Mozilla patches 'drive-by download' security flaws

Whoa! This batch patches 10 critical vulns!The "secure alternative" version 3.5 has already in its short life bypassed Internet Explorer 8. Firefox 3.5 now hit 18 vulns, IE8 has 12.Version 3.0 of Firefox which is of roughly the same age as IE has been hit with 114 (!) vulns.It seems...

Tags: Web browsers, Mozilla Corp., patch management, Microsoft Internet Explorer, Mozilla Firefox, vulnerability, security

Discussion threads 2009-09-10

iPhone, QuickTime bitten by security bugs

Ryan, can you explain that? [was: Liars! This is Teh Unpossible!!]Wonder why these have not been tagged with the word "gaping" in the title? Weird.Does QuickTime have any secure code in it?I must say that I'm impressed with how many gaping security holes Apple has managed to cram into a...

Tags: Patches, Operating systems, Apple QuickTime, Apple iPhone, security bug, Apple Inc., vulnerability, security, Microsoft Windows

Discussion threads 2009-09-09

Microsoft confirms SMB2 vulnerability, warns of code execution risk

Feel free to delete this Ryan.ThanksIsn't it about time we stop playing nice andfind these people who create such an endless stream of blank and do a bit of Vlad the Impaler on them? Catch em... give them a fair trial (I want to be certain we publicly impale...

Tags: Microsoft Windows Vista (Longhorn), SECURITY, Microsoft Corp., SMB2, Microsoft Windows Vista, vulnerability, beta

Discussion threads 2009-09-09

Microsoft confirms SMB2 vulnerability, warns of code execution risk

Microsoft has issued a formal security advisory to confirm the remote reboot flaw in its implementation of the SMB2 protocol, going a step further to warn that a successful attack could lead to remote code execution and full system takeover. by Ryan Naraine

Tags: Vulnerability, Execution, Microsoft Corp., Security, Ryan Naraine

Blog posts 2009-09-09

Windows zero-day reported

Oh my god, a piece of software has an error!I think if this can be duplicated (as it seems from the story the 'bug' is inconsistent) the it will be patched. Every software has bugs and few software is more complex than an OS.RE: Windows zero-day reportedWindows needs to be...

Tags: Operating systems, OPEN SOURCE, Microsoft Windows 7, exploit, Microsoft Windows, Linux, window, vulnerability, software, Microsoft Corp., Win 7

Discussion threads 2009-09-08

Microsoft FTP in IIS vulnerability now under attack

They're attacking the space station?[i]It is not yet clear if a fix for this FTP in [b]ISS[/b] vulnerability will be included in this patch batch.[/i]Sorry, I couldn't resist.I fail to see the logicin your last post. Why would hackers wish to harm the station's occupents?:)That's easyThey want to be...

Tags: Microsoft IIS Server, FTP, vulnerability, Microsoft Corp.

Discussion threads 2009-09-04

Microsoft FTP in IIS vulnerability now under attack

Less than a week after the publication of exploit code for a critical vulnerability in the FTP Service in Microsoft Internet Information Services IIS, attackers are now launching in-the-wild attacks against Windows users. by Ryan Naraine

Tags: Vulnerability, Microsoft Corp., FTP, Microsoft IIS Server, Attack, Security, Ryan Naraine

Blog posts 2009-09-04

Apple plugs 15 Java for Mac security holes

Flash, Java, libxml vulnerabilities highligh Apples systemic problemOnce again information about vulnerabilities have been readily available for anyone who wishes to exploit them.An attacker only needs to look up popular 3rd party products in Apples stack and compare versions against the latest from the vendor. Any version discrepancy reveals potential...

Tags: Operating systems, SECURITY, Patches, Windows variant, Java, Apple Mac OS X, Apple Inc., vulnerability, vulnerability information

Discussion threads 2009-09-03