VB Migration

Tag: exploit

  • Android SMS trojan goes wild

    Premium-rate text scam shows growing cracks in smart phone security. The first known SMS trojan affecting smart phones running Google ‘s Android operating system has been observed in the wild, highlighting growing cracks in the security veneer of the latest range of glossy smart phones. The trojan was first identified by researchers at Kaspersky Lab…

  • Patches come thick and fast in major update spree

    Monthly and out-of-band issues flood admins’ to-do lists. The release of this month’s Patch Tuesday security bulletins from Microsoft , with a fairly average 10 alerts covering 34 separate vulnerabilities, is accompanied by a number of additional fixes and updates which will keep security admins busy this week. Adobe has announced plans to provide an…

  • Patch Tuesday release includes 13 bulletins

    26 vulnerabilities featured in sizeable update set. After a relatively quiet January, administrators are faced with a hefty workload this week as Microsoft ‘s monthly Patch Tuesday security release featured 13 updates covering 26 separate issues with Windows and other Microsoft software. In five bulletins labelled ‘Critical’, remote code execution problems with TCP/IP, SMB clients,…

  • Bumper crop of October patch releases

    Busy weeks for admins as Patch Tuesday joined by Adobe fixes, and Mozilla announces plug-in checking plans. This week has seen Microsoft ‘s monthly Patch Tuesday release of security updates, featuring a larger than usual 13 fixes, joined by a set of patches from Adobe for its widely-used PDF-handling software. With home and business users…

  • Patch Tuesday brings little relief from browser exploits

    Six fixes issued, but new IE zero day emerges along with Firefox flaw. Microsoft has issued its monthly ‘Patch Tuesday’ security update, with some serious browser flaws patched, but a new IE zero-day has been seen being exploited in the wild, and Firefox users have also been warned about a serious vulnerability. The Patch Tuesday…

  • Another IE zero day exploited

    Second DirectShow vulnerability in six weeks labelled ‘extremely critical’. Microsoft has issued an advisory on a serious vulnerability in an ActiveX control in its Internet Explorer browser, the second zero-day alert in the same area of the product in recent months. The issue has been flagged as ‘extremely critical’ by vulnerability watchers at Secunia ,…

  • Gumblar compromise growth continues

    Dominant web threat infecting still more vulnerable sites. A major web compromise, estimated by some to represent over 40% of infected web pages last week, has continued growing in size and prevalence at an alarming rate. The threat, commonly dubbed ‘Gumblar’ after a domain used by early versions, but also known as ‘JS/Redir’, is thought…

  • March Patch Tuesday followed by PDF viewer patches

    Major kernel issue and PDF problems fixed, spreadsheet software remains vulnerable. Microsoft released the March security bulletin this week, with the monthly Patch Tuesday updates rather lighter than usual. On the same day, Adobe released some important patches for its widely used PDF viewing software. From Microsoft came a single ‘critical’ fix for the Windows…

  • Symbian SMS pest highlighted

    Mobile exploit attack disables messaging. A presentation at a popular hacking forum has brought much attention to a flaw in the SMS processing in some versions of the Symbian mobile operating system, in use in many mobile phones from leading manufacturer Nokia among others. The flaw can be exploited with a specially crafted SMS message,…

  • MS to release out-of-band patch for critical IE vulnerability

    Users advised to patch ASAP. Microsoft is set to release an emergency out-of-band patch for the vulnerability in its Internet Explorer browser reported last week. Attacks via the vulnerability have been shown to work on a wide range of Windows and IE variants, and have been widely seeded to both malicious websites and legitimate sites…