zero-day bug Resources on ZDNet

Sponsored White Papers, Webcasts, and Downloads

ZDNet Resources

Zero-day flaw haunts HP laptop models: Zero-day flaw haunts HP laptop modelsHP Pavilion Notebook zv6130us and HP Info CenterEven if I have an HP Pavilion Notebook zv6130us, I don't have HP Info Center installed in my laptop. Is it only for newer laptops?RE: Zero-day flaw haunts HP laptop modelsAnyone who doesn't disable - and then uninstall...; Tags: Notebooks, zero-day bug, Hewlett-Packard Co., laptop computer, HP Laptop; Discussion threads 2007-12-12
QuickTime zero-day attacks intercepted: QuickTime zero-day attacks interceptedThis anti-Apple bias must stopThis story is false. It must be false because the Apple zealots have always told us that Apple is better than Microsoft because Apple patches [b]before[/b] there are exploits in the wild and here we have yet another case where ZDNet is reporting...; Tags: Cyberthreats, SECURITY, Viruses and worms, rootkit, Norton Co., Apple Inc., Symantec Corp., exploit, Apple QuickTime, virus, Microsoft Windows, zero-day bug; Discussion threads 2007-12-03
QuickTime zero-day attacks intercepted: Researchers at Symantec have intercepted two different in-the-wild malware attacks targeting an unpatched code execution vulnerability in Apple's QuickTime media player. Honeypots in Symantec's DeepSight Threat Management System captured the first known case of exploit exploitation of the flaw on December 1st, 2007. The company has since...; Tags: Apple QuickTime, Vulnerability, Malware, Zero-day Bug, Attack, Exploitation, Digital Music, Digital Media, Security, Personal Technology, Consumer Electronics, Ryan Naraine; Blog posts 2007-12-03
Zero Days: How to protect yourself: The SANS Institute released its top 20 security risks for 2007, which documents the security arms race between cyber criminals and the folks playing defense. But let's focus on the big scourge--zero day attacks. The report released Wednesday press release gives a nice overview of zero day...; Tags: SANS Institute, Zero-day Bug, Security, Larry Dignan; Blog posts 2007-11-28
Zero-day flaw in Macrovision DRM app under attack: Zero-day flaw in Macrovision DRM app under attackI'm starting to be guardedly optimisticVista seems to be immune to these exploits. Maybe MS actually did do something right for a change.Of course, WGA is still an offense of the first magnitude, but maybe on the security front Vista has made some...; Tags: Microsoft Windows Vista (Longhorn), Digital rights management (DRM), Operating systems, Digital media, Microsoft Windows Vista, Apple Inc., digital-rights management, Macrovision Corp.; Discussion threads 2007-10-23

IE users beware: RealPlayer zero-day flaw under attack: IE users beware: RealPlayer zero-day flaw under attackWait a minute!According to what I've read from the Microsoft drones, IE is supposed to be "operating in a sand box".How is it possible to be attacked by a flaw while it's "in a sand box"? (unless it's a sand booger, of course)But...; Tags: Web browsers, Apple Mac OS X, Operating systems, sentance, Leopard, ActiveX, Microsoft Corp., Microsoft Internet Explorer, RealNetworks RealPlayer, Linux, attack vector, Apple Macintosh; Discussion threads 2007-10-19
'High risk' zero-day flaw haunts Adobe Acrobat, Reader: 'High risk' zero-day flaw haunts Adobe Acrobat, ReaderIn the meantimePeople can use kpdf -- the 3.5.7 version is pretty slick.more reasons to switch to Linux!only on windoze you can get such an attack.Time to switch to Linux.This is the HTML control again!From a comment on the announcement page: I would...; Tags: Microsoft Windows, SECURITY, Web browsers, Foxit, Adobe Acrobat Reader, Adobe Acrobat, Adobe Systems Inc., flaw, HTML, High Risk, Linux; Discussion threads 2007-09-20
Zero-day flaws surface in AOL, Yahoo IM products: Zero-day flaws surface in AOL, Yahoo IM productsMulti-Messenger ApplicationsThis is a problem that makes me doubly nervous, as I use both of these services through a multi-messenger supporting application. Is it likely that I am at risk still using a program like Trillian or the like?J.Morgan www.VAR2.comThis is ALSO a...; Tags: Cyberthreats, SECURITY, Yahoo! Inc., America Online Inc., IM, virus, Yahoo IM; Discussion threads 2007-09-19
News to know: Isolating zero-day exploits; CelebriMiis; Microsoft's virtualization backtrack: Notable headlines:Ryan Naraine: New MS tool isolates Office 2003 zero-day exploits. Hackers in Seattle for Microsofts Blue Hat, ToorCon.Apple plugs critical holes in Darwin Streaming Server. Cybercrooks add QuickTime, WinZip flaws to arsenal.Red Hat launches open-source Exchange.Larry Dignan: Are Zimbra and Alfresco on Red Hats shopping list?Apples Jobs brushes...; Tags: Storage management, Utility computing, Microsoft Windows Vista (Longhorn), virtualization, CelebriMiis, Intels, zero-day bug, Google Inc., Microsoft Corp.; Blog posts 2007-05-11
New MS tool isolates Office 2003 zero-day exploits: New MS tool isolates Office 2003 zero-day exploitsStrips out macros and VBA???Talk about making something useless.Kludgy is better than nothing, I guessOur MS rep said he hadn't heard of the Office zero-day vulnerability issues, but luckily MS must have. Now if they can just refine this solution so it's...; Tags: tool, Microsoft Office, Microsoft Corp., Microsoft Office 2007, zero-day bug, Microsoft Office 2003, New MS tool; Discussion threads 2007-05-10
New MS tool isolates Office 2003 zero-day exploits: Microsoft plans to ship a file conversion tool to give Office 2003 users a chance to protect against exploits rigged into .doc, .xls, .ppt documents.The tool, called MOICE Microsoft Office Isolated Conversion Environment, is a direct response to the nonstop zero-day attacks that use rigged Word, Excel and Powerpoint documents...; Tags: Hackers, Exploit code, Digital rights management, Data theft, Browsers, Botnets, Metasploit, Microsoft, Patch Watch, Pen testing, Responsible disclosure, Rootkits, Spyware and Adware, Viruses and Worms, Vulnerability research, Windows Vista, Zero-day attacks; Blog posts 2007-05-10
Apple plugs QuickTime zero-day flaw: Apple plugs QuickTime zero-day flawMacHope Steve Jobs Can Cut The Crappy Ad. For A Week As MemorialSo basically...When there was finally a function to crack a mac, that included some incentive, then they found holes?So basically for Apple to avoid this embarrassment again, they just need to keep a low...; Tags: Digital music, Operating systems, Digital media, UNIX, Hacking, open-source community, Apple Inc., Apple QuickTime, Apple Mac OS X, zero-day bug; Discussion threads 2007-05-02
Office zero-day bugs spoil Patch Tuesday: Office zero-day bugs spoil Patch TuesdayOffice zero-day bugs spoil Patch TuesdayThe user still needs to open the attachment once they get past the big warning screen saying it could be potentially harmful so that right there doesn't make this flaw all that feasible.Patches spoil every software makers repcause they didn't...; Tags: Microsoft Windows, Microsoft Windows Vista (Longhorn), Patches, Spyware, adware & malware, WTF, Patch Tuesday, L.D., Office zero-day bug, zero-day bug, Microsoft Office, Microsoft Windows Vista; Discussion threads 2007-04-10
Windows zero-day flaw gets a fix: Windows zero-day flaw gets a fixWindows zero-day flaw gets a fixOnly five security bulletins with fixes for eight flaws? Only 1 of these affects Vista? That is pretty minimal. Microsoft has really improved its security in all of its software to be reporting on so few bugs. I...; Tags: Windows zero-day flaw, Windows Zero-Day, flaw, zero-day bug, security, Microsoft Windows; Discussion threads 2007-04-10
ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities With Informed Probing: This paper presents ShieldGen, a system for automatically generating a data patch or a vulnerability signature for an unknown vulnerability, given a zero-day attack instance. The key novelty in the work is that the authors leverage knowledge of the data format to generate new potential attack instances, which it call...; Tags: Vulnerability, Zero-day Bug, Security; White papers 2007-03-06
MS Word zero-day attack video: MS Word zero-day attack videoTrojan Dropper RemovalI recently found Trojan Dropper on my computer, and found some great ways to remove it: http://411-spyware.com/remove-trojan-dropper-delf; Tags: Corporate communications, Word processors, Microsoft Office, MS Word zero-day attack, zero-day bug, Microsoft Word, video, Microsoft Corp.; Discussion threads 2007-02-22
Zero-day attack hits Word: Zero-day attack hits WordPatch Tuesday is really working out for MS"Cybercrooks have found that they can take advantage of Microsoft's security update cycle by timing new attacks right before or just after "Patch Tuesday"--the second Tuesday of each month when the software maker releases its fixes. Some security watchers have...; Tags: Word processors, vulnerability, Microsoft Corp., Microsoft Word, security, zero-day bug, Microsoft Office, Patch Tuesday; Discussion threads 2007-02-15
Sun's Solaris 10 at risk of zero-day exploit: Sun's Solaris 10 at risk of zero-day exploitDiscovered testerday, fixed today.Are you watching, and learning, Microsoft.; Tags: UNIX, Sun Solaris 10, zero-day bug, Sun Solaris, Sun Microsystems Inc.; Discussion threads 2007-02-14
Microsoft warns Excel under zero-day attack: Microsoft warns Excel under zero-day attackMicrosoft warns Excel under zero-day attackSo its the same case as before where this attack is a non-issue. It's "very limited" in scope, the user has to open the email then run the attachment. All of which give warnings prior to being able to...; Tags: Microsoft Outlook, Microsoft Office, Microsoft Corp., OOo, zero-day bug, Microsoft Excel; Discussion threads 2007-02-05
Another Word zero-day bug used in attacks: Another Word zero-day bug used in attacksopenoffice herenp!Space to improuve.Security vulnerability in http://www.preferatele.com Microsoft Word like alwayes. More and more to do. http://www.preferatele.com/docs/diverse/2/diverse9.phpkOfficefar and wide less zero day bugged.What is Symantec thinking?"Businesses should put policies in place to prevent Word documents from being distributed to users, Symantec said."What?!? And...; Tags: Word processors, Microsoft Office, attacker, Finger-pointing, Microsoft Word, attack, Word Document, Microsoft Corp., security, zero-day bug; Discussion threads 2007-01-25