Tag: patch
-
Four IE bugs fixed by Patch Tuesday release
Seven updates, three critical in monthly security update. Microsoft has released its monthly ‘Patch Tuesday’ security bulletin, featuring seven updates of which three are marked ‘critical’ and cover flaws which could allow remote execution of code if exploited on vulnerable systems. The critical issues are with DirectX , Windows Media Format and Internet Explorer ,…
-
Five-year-old design flaw found in all Windows versions
Microsoft engineers spend Thanksgiving holidays writing patch. During the Kiwicon conference earlier this month, ethical hacker Beau Butler from New Zealand disclosed a design flaw in Windows that could potentially affect millions of users. Said flaw seems to have been first discovered and, apparently, fixed more than five years ago, but this fix has turned…
-
Two fixes released on lightweight Patch Tuesday
Monthly security update covers just couple of dangers. Microsoft has released its monthly ‘Patch Tuesday’ security bulletin, with only two patches issued, one rated ‘Important’ and the other ‘critical’. The more serious flaw, a problem with URI validation, has been publicly disclosed and can be used to remotely compromise a system. While exploitation methods have…
-
PDF trojan exploits Adobe flaw
Reader/Acrobat vulnerability targeted day after patch release. A vulnerability in Adobe ‘s popular PDF-viewing software Adobe Reader and editing suite Acrobat , first reported a month ago , was patched on Monday in an update released two weeks after the company issued a workaround to minimise exposure. The following day, PDFs containing exploits for the…
-
RealPlayer zero-day flaw exploited
Manufacturer responds rapidly to serious security hole. A zero-day vulnerability in the popular media playing system RealPlayer was spotted being exploited in the wild late last week, with several trojans penetrating vulnerable systems from malicious websites in silent drive-by downloads. The flaw is in a piece of code previously exploited to cause denial of service,…
-
4 out of 5 critical issues fixed on Patch Tuesday
Expected patch omitted from monthly security update. Microsoft has announced the contents of its monthly ‘Patch Tuesday’ security update release, with four ‘Critical’ and two ‘Important’ fixes pushed out to users of its operating systems and software. A fifth issue, labelled ‘Critical’ in the advance notification released last week, remains open as the expected patch…
-
Adobe acknowledges PDF flaw, issues workaround
Registry hack provides temporary fix for vulnerability. Adobe has officially confirmed the vulnerability announced last month by researcher Petko Petkov, which could allow maliciously crafted PDF files to breach security and compromise systems. Limited details of the flaw were made public and led to widespread concern over the security of the widely used document format.…
-
Sun patches serious Java flaws
Critical vulnerabilities covered by urgent patches. Sun Microsystems has issued a series of patches to fix several vulnerabilities in its popular Java software. Successful exploitation of the flaws could allow remote access to systems and data. The string of flaws affect various versions of Java Runtime Environment ( JRE ), Java Web Start and other…
-
Vulnerabilities closed in OpenOffice, StarOffice
Flaws patched in TIFF parsing code. Security researchers at iDefense revealed last week that OpenOffice version 2.0.4 and earlier versions are vulnerable to maliciously crafted TIFF files, which can be delivered in email attachments, published on websites or shared using peer-to-peer software. According to iDefense , ‘When parsing the TIFF directory entries for certain tags,…
-
Quiet Patch Tuesday
Four flaws fixed in minimal security update. Microsoft ‘s monthly ‘Patch Tuesday’ release of security updates for Windows and other software has been fairly quiet this month – with four patches released, only one of which is labelled ‘Critical’. The most serious issue is a vulnerability in the Microsoft Agent usability tool, which could be…