VB Migration

Tag: vulnerability

  • Gumblar compromise growth continues

    Dominant web threat infecting still more vulnerable sites. A major web compromise, estimated by some to represent over 40% of infected web pages last week, has continued growing in size and prevalence at an alarming rate. The threat, commonly dubbed ‘Gumblar’ after a domain used by early versions, but also known as ‘JS/Redir’, is thought…

  • Security holes trouble vendors

    Vulnerabilities fixed in McAfee website and Google Chrome; patch expected for Adobe Reader. A range of vulnerabilities have been causing headaches recently for companies including security vendor McAfee , the Internet browser arm of Google and PDF reader giant Adobe . McAfee came in for criticism when it was discovered that McAfee Secure – the…

  • Eight fixes for April Patch Tuesday release

    Five critical updates in latest monthly patch release. The April Patch Tuesday release from Microsoft , revealed this week, contained five updates rated ‘critical’, as well as two deemed to be ‘important’ and one assigned a less urgent ‘moderate’ rating. The five critical patches cover vulnerabilities in the Microsoft WordPad and Office text converters, vulnerabilities…

  • March Patch Tuesday followed by PDF viewer patches

    Major kernel issue and PDF problems fixed, spreadsheet software remains vulnerable. Microsoft released the March security bulletin this week, with the monthly Patch Tuesday updates rather lighter than usual. On the same day, Adobe released some important patches for its widely used PDF viewing software. From Microsoft came a single ‘critical’ fix for the Windows…

  • IE fixed as usual in Patch Tuesday release

    Browser should be treated as special case, say some. The February ‘Patch Tuesday’ security bulletin from Microsoft this week contained four patches, two of them marked ‘Critical’, of which one was a ‘cumulative’ set of fixes for a selection of problems with the Internet Explorer browser. With flaws in the ubiquitous web-surfing tool a regular…

  • Kaspersky website suffers SQL vulnerability

    Hackers gain access to tables, no user data stolen. A security flaw in a local website of security firm Kaspersky Lab was spotted by hackers over the weekend, with an SQL infection attack potentially leading to exposure of customer details. No details were in fact extracted from the vulnerable databases, and the flaw was quickly…

  • Symbian SMS pest highlighted

    Mobile exploit attack disables messaging. A presentation at a popular hacking forum has brought much attention to a flaw in the SMS processing in some versions of the Symbian mobile operating system, in use in many mobile phones from leading manufacturer Nokia among others. The flaw can be exploited with a specially crafted SMS message,…

  • MS to release out-of-band patch for critical IE vulnerability

    Users advised to patch ASAP. Microsoft is set to release an emergency out-of-band patch for the vulnerability in its Internet Explorer browser reported last week. Attacks via the vulnerability have been shown to work on a wide range of Windows and IE variants, and have been widely seeded to both malicious websites and legitimate sites…

  • IE zero-day danger growing

    Large numbers of users vulnerable to unpatched problem. The as-yet unpatched vulnerability in Microsoft ‘s Internet Explorer browser, reported last week and coinciding with the release of the monthly ‘Patch Tuesday’ security updates, is becoming more serious by the day as more and more infected websites appear to be attempting to exploit the flaw to…

  • FTC goes after scareware scammers

    Courts crack down on pushers of rogue anti-malware. The US Federal Trade Commission (FTC) has announced a successful move to persuade a US district court to shut down a major player in the rogue anti-spyware business. The company behind the notorious WinFixer and XP Antivirus scams has been issued with a temporary restraining order barring…