Browsing Author: Ryan Naraine

Oracle Plans Monster Patch Tuesday Release

[img_assist|nid=7030|title=|desc=|link=none|align=left|width=100|height=100]Oracle will join Microsoft on next week’s Patch Tuesday freight train and it will be another mega-release.

The database server giant says in a pre-release announcement that it will patch a whopping 81 vulnerabilities, some serious enough to be remotely exploitable without authentication (over a network without the need for a username and password). 

Read more...

Microsoft Plans Record-Breaking Patch Tuesday

Categories: Malware, Vulnerabilities

[img_assist|nid=7015|title=|desc=|link=none|align=left|width=72|height=72]This month’s batch of security patches from Microsoft will be a record-breaking one: 16 bulletins addressing a whopping 49 security vulnerabilities.

Read more...

Adobe Warns of Flash Player Zero-Day Attack

Categories: Malware, Vulnerabilities

[img_assist|nid=6651|title=|desc=|link=none|align=left|width=100|height=100]The zero-day hacker attacks against Adobe’s software products are coming fast and furious.
Less than a week after the discovery of a sophisticated malware attack against an unpatched security hole in Adobe Reader/Acrobat, the company has issued a new warning for in-the-wild attacks against a zero-day flaw in its ubiquitous Flash Player.

Read more...

Microsoft to Patch 13 Security Holes in Windows, Office

Categories: Malware, Vulnerabilities

Microsoft’s S[img_assist|nid=5984|title=|desc=|link=none|align=left|width=68|height=68]eptember batch of security patches will include fixes for 13 documented vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office.

Read more...

Mozilla Patches Firefox DLL Load Hijacking Bug

Mozilla has joined Apple in being among the first to fix the DLL load hijacking attack vector that continues to haunt hundreds of Windows applications.

Read more...

Adobe Patches 20 Security Holes in Shockwave Player

[img_assist|nid=6347|title=|desc=|link=none|align=right|width=100|height=100]Adobe has shipped a Shockwave Player update to fix 20 security holes, some serious enough to lead to system takeover attacks.

The vulnerabilities, rated “critical,” affect Shockwave Player 11.5.7.609 and earlier versions for Windows and Macintosh.

Read more...

Details Emerge on Severe Windows App Flaws

[img_assist|nid=6300|title=|desc=|link=none|align=left|width=90|height=90]Metasploit’s HD Moore has released technical details on a severe application DLL load hijacking problem that haunts more than 40 Windows software programs.Moore, who stumbled on the issue while researching the recent LNK zero-day flaw, has released an audit kit that can be used to identify affected applications on a particular system.

Read more...