Tag: vulnerability
-
Macs under attack from trojan double whammy
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may need to take more care in future according to some security analysts, after the exposure of a significant vulnerability in the operating system and…
-
Microsoft releases latest Patch Tuesday fixes
7 vulnerabilities, 3 critical, addressed in June security update. Microsoft has issued its monthly ‘Patch Tuesday’ set of security fixes, with seven separate areas covered of which three are flagged as ‘critical’ and could expose vulnerable systems to remote code execution. The most serious areas affected are the DirectX multimedia system, the Windows Bluetooth stack,…
-
Microsoft increases pressure on Apple to fix Safari blended threat
‘Carpet bombing’ vulnerability more serious than Apple claims, MS warns. Microsoft , whose Internet Explorer has come under frequent criticism for security vulnerabilities, has issued a security advisory alerting users of arch-rival Apple ‘s Safari browser to a potential security threat. The issue is a blended threat which combines quirks in both the Apple browser…
-
Latest Patch Tuesday update released
Microsoft announces five ‘critical’ vulnerabilities need fixing. Microsoft has issued its monthly ‘Patch Tuesday’ security bulletin, with five ‘critical’ and three ‘important’ patches made available. The more serious flaws are vulnerabilities in MS Project and the scripting engines for VBScript and JScript , problems with ActiveX and GDI , and the usual cumulative update fixing…
-
Latest Patch Tuesday release
March’s Patch Tuesday sees four ‘critical’ updates. Microsoft has released its monthly ‘Patch Tuesday’ security bulletin. This month the bulletin features four ‘critical’ updates, all of which apply to different components of the Office suite of products, and all of which fix vulnerabilities that allow remote code execution on a machine running the affected software.…
-
Cisco announces ‘Patch Wednesdays’
Cisco set to embark on regular release cycle. Following a trend set by Microsoft ‘s monthly ‘Patch Tuesdays’ and Oracle ‘s quarterly security updates, networking giant Cisco has announced it will release patches for its Internetwork Operating System ( IOS ) on fixed dates. The patches, which Cisco calls ‘Security Advisories’, will be released on…
-
‘Olympic’ emails contain malicious XLS attachments
Malware writers sprint to use vulnerabilities before next Patch Tuesday. Security researchers have reported seeing emails containing XLS attachments designed to exploit a yet unpatched vulnerability in several versions of Microsoft ‘s Excel software. The attachment, which purports to contain information about this summer’s Olympic Games in Beijing, leaves a trojan on the user’s computer.…
-
Bumper Patch Tuesday short of one patch
Excel remains vulnerable as expected fix is dropped. Microsoft has issued its monthly ‘Patch Tuesday’ set of security updates, with a larger than usual crop of patches for a variety of products, including several for the Office range and Internet Explorer browser. However, one significant patch – for a vulnerability in Excel – was withdrawn…
-
More PDF exploits seen in wild
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe ‘s PDF viewing and editing software, disclosed late last week by Adobe and iDefense , have been exploited by malicious attacks using PDF files to launch malware. The flaws, which include several buffer overflows, a library path vulnerability…
-
Yahoo! jukebox flaw exploits in wild
Zero day vulnerability in music system rapidly targeted. Vulnerabilities in Yahoo! Jukebox , a free music-management system provided by Yahoo! , have been exploited by in-the-wild attacks just days after flaws were first disclosed. Two separate buffer overflow issues in ActiveX controls used by the system were reported on February 2nd and 5th, and attacks…