Apple has released a new version of OS X Mavericks, which includes all of the security fixes it pushed out last month. OS X 10.9.3 includes the patches for the so-called triple handshake SSL vulnerability, as well as fixes for several remote code-execution vulnerabilities. The company also released a patch for iTunes that fixes a[...]
Browsing Category: Vulnerabilities
A critical security vulnerability that existed in the Linux kernel for five years has now been fixed, but could cause system crashes, code execution, and privilege escalation.
DUBAI–When new technologies or platforms emerge, they tend to follow a familiar trajectory in terms of security. The evolution typically goes through something like the following stages: Hey, look what we built; huh, no, we didn’t think about that problem; we’re very serious about security; ok, now we’re actually serious about security. This is the[...]
Google resolved three highly rated security vulnerabilities in Chrome. US-CERT warns an attacker could exploit these bugs to take control of affected systems.
Microsoft pushed its largest batch of Patch Tuesday updates so far this year today – eight bulletins, two critical – addressing important 13 issues in Internet Explorer and Sharepoint Server, along with Windows, Office and its .NET Framework.
The Federal Financial Institutions Examination Council (FFIEC) announced last week that it will work harder to try to identify vulnerabilities in smaller community banks and is planning to better raise awareness when it comes to cyber threats.
Microsoft will patch Internet Explorer again one week after an out-of-band patch for a zero-day vulnerability in the browser.
Cisco has patched a handful of buffer overflows in several of its WebEx products that could allow an attacker to execute arbitrary code or crash a vulnerable application. The bugs affect the WebEx WRF and ARF players and some of Cisco’s Business Suite builds, WebEx 11 and WebEx Meetings Server also are affected by at[...]
A bug in the developer and early adopter version of Google Chrome called Canary fails to display URLs of a certain character length, potentially facilitating phishing attacks.
A serious vulnerability in both the OAuth and OpenID protocols could lead to complications for those who use the services to login to websites like Facebook, Google, LinkedIn, Yahoo, Microsoft, PayPal among many others.