Tag: vulnerability
-
String of vulnerabilities found in ServerProtect
Several minor holes patched in Trend Micro corporate product. A series of security issues have been reported in Trend Micro ‘s ServerProtect server-level product, which could allow system compromise from within the local network but are not thought to expose servers to remote attack. Seven separate vulnerabilities, mostly boundary errors which could possibly be exploited…
-
Storm e-card malware keeps on coming
No end to flood of fake friendly greetings. A further wave of e-cards carrying links to ‘Storm’ malware (various labelled Nuwar, Peacomm, Dorf, Zhelatin) has been hitting inboxes around the world all this week, with no signs of any letup in the deluge. The latest barrage carry a simple message, using spoofed source addresses and…
-
Webcam zero-day in Yahoo! Messenger
Video chat invites pose vulnerability danger. A zero-day vulnerability has been reported in the webcam module of Yahoo! Messenger , allowing attackers remote access to systems open to the exploit. Little detail has yet emerged on the nature of flaw, which was first uncovered after a post detailing how to exploit it was spotted on…
-
14 flaws fixed in bumper Patch Tuesday
Critical remote execution and hijack holes closed. Microsoft ‘s monthly ‘Patch Tuesday’ security bulletin includes nine separate bulletins this month, covering a total of 14 vulnerabilities in the Windows operating system and other Microsoft software, including three flaws in the Internet Explorer browser and one in the Excel spreadsheet software. Other vulnerabilities marked at the…
-
Serious flaws patched in Norton 2006 products
Symantec users warned of vulnerabilities. Users of Symantec ‘s popular Norton AntiVirus and Norton Internet Security products are being urged to ensure they are running the latest versions, after vulnerabilities found in ActiveX controls used by the products were patched to secure possible remote access points. The flaws, discovered by researchers at Secunia and described…
-
Series of products hit by vulnerabilities
Researcher finds flaws in ESET, Panda and Norman AV software. Researcher Sergio Alvarez has reported on vulnerabilities found in a string of anti-virus products this week, with software ranges from ESET , Panda and Norman all hit by serious buffer-overflow flaws, allowing remote access if exploited. The ESET problems involve the handling of CAB archives…
-
Symantec, AVG suffer problems
Vulnerabilities and false positives strike major products. Symantec users have been warned of some serious issues with archive handling, across a wide range of software produced by the company, which could be used to caused denial of service or even breach a system. AVG , meanwhile, has also been hit by a less serious vulnerability,…
-
Controversy over IE-to-Firefox exploit
MS and Mozilla in row over blame for cross-browser attack. An exploit which involves browsing to a malicious website using Internet Explorer , but then launches an attack via a loophole in Mozilla Firefox , is causing controversy over which piece of software is ‘vulnerable’. The attack, apparently discovered simultaneously by two separate groups of…
-
7 flaws fixed in July Patch Tuesday release
Critical patches issued for Excel, Active Directory and .NET. Microsoft has released a total of seven patches in its monthly ‘Patch Tuesday’ security update, with three of the vulnerable products covered marked as ‘critical’. The most significant problems are in Excel spreadsheet software, which has three separate vulnerabilities fixed this month, each allowing remote code…