In this video, courtesy of Kaspersky’s Lab Matters, Ryan Naraine talks with David Lenoe, Head of the Product Security Incident Response Team, Adobe, about that company’s process for responding to security vulnerabilities in its products.
Browsing Author: Ryan Naraine
Adobe will join Microsoft on the security patch treadmill next Tuesday (February 8, 2011) with “critical” updates for code execution holes in its flagship Adobe Reader and Adobe Acrobat products.
As part of this month’s Patch Tuesday schedule, Microsoft plans to ship a dozen bulletins with fixes for 22 vulnerabilities, some serious enough to allow hackers complete access to a vulnerable Windows machine.According to Microsoft’s advance notice, three of the 12 bulletins will carry be rated “critical,” the company’s highest severity rating.
Facing a wave of criticism for not offering a secured browsing option, Facebook has finally added a new feature to browse the popular social network on a secure connection (https).
A fast-moving Twitter worm is in circulation, using Google’s goo.gl redirection service to push unsuspecting users to a notorious scareware (fake anti-virus) malware campaign.At 8:45 a.m EST today, this Twitter search shows thousands of Twitter messages continuing to spread the worm.
[img_assist|nid=7015|title=|desc=|link=none|align=left|width=75|height=75]Microsoft is planning another massive Patch Tuesday this month: 17 bulletins with fixes for 40 security vulnerabilities.
The December batch of patches will cover security holes in Microsoft Windows, Office, Internet Explorer, SharePoint and Exchange, according to an advance notice posted Thursday.
Google has shipped a new version of its Chrome web browser to fix at least 14 security vulnerabilities that expose users to malicious hacker attacks.
The Chrome 8.0.552.215 update also include a new built-in PDF viewer that is secured in Chrome’s sandbox, according to a brief note posted by Google’s Jason Kersey.
[img_assist|nid=7182|title=|desc=|link=none|align=right|width=92|height=92]A security researcher has released an exploit for an unpatched security vulnerability in Adobe’s Shockwave Player, warning that the flaw could be targeted to launch drive-by malware download attacks.
[img_assist|nid=7164|title=|desc=|link=none|align=left|width=100|height=100]The open-source Linux operating system contains a serious security flaw that can be exploited to gain superuser rights on a target system.The vulnerability, in the Linux implementation of the Reliable Datagram Sockets (RDS) protocol, affects unpatched versions of the Linux kernel, starting from 2.6.30, where the RDS protocol was first included.
Mozilla has released Firefox 3.6.11 with patches for a dozen security holes, some serious enough to launch attacks if a user simply surfs to a booby-trapped website.