Browsing Author: Ryan Naraine

Oracle Plans Monster Patch Tuesday Release

[img_assist|nid=7030|title=|desc=|link=none|align=left|width=100|height=100]Oracle will join Microsoft on next week’s Patch Tuesday freight train and it will be another mega-release.

The database server giant says in a pre-release announcement that it will patch a whopping 81 vulnerabilities, some serious enough to be remotely exploitable without authentication (over a network without the need for a username and password). 

Read more...

Adobe Warns of Flash Player Zero-Day Attack

Categories: Malware, Vulnerabilities

[img_assist|nid=6651|title=|desc=|link=none|align=left|width=100|height=100]The zero-day hacker attacks against Adobe’s software products are coming fast and furious.
Less than a week after the discovery of a sophisticated malware attack against an unpatched security hole in Adobe Reader/Acrobat, the company has issued a new warning for in-the-wild attacks against a zero-day flaw in its ubiquitous Flash Player.

Read more...

Adobe Patches 20 Security Holes in Shockwave Player

[img_assist|nid=6347|title=|desc=|link=none|align=right|width=100|height=100]Adobe has shipped a Shockwave Player update to fix 20 security holes, some serious enough to lead to system takeover attacks.

The vulnerabilities, rated “critical,” affect Shockwave Player 11.5.7.609 and earlier versions for Windows and Macintosh.

Read more...

Details Emerge on Severe Windows App Flaws

[img_assist|nid=6300|title=|desc=|link=none|align=left|width=90|height=90]Metasploit’s HD Moore has released technical details on a severe application DLL load hijacking problem that haunts more than 40 Windows software programs.Moore, who stumbled on the issue while researching the recent LNK zero-day flaw, has released an audit kit that can be used to identify affected applications on a particular system.

Read more...