Oracle will join Microsoft on next week’s Patch Tuesday freight train and it will be another mega-release.
The database server giant says in a pre-release announcement that it will patch a whopping 81 vulnerabilities, some serious enough to be remotely exploitable without authentication (over a network without the need for a username and password).
This month’s batch of security patches from Microsoft will be a record-breaking one: 16 bulletins addressing a whopping 49 security vulnerabilities.
The zero-day hacker attacks against Adobe’s software products are coming fast and furious.
Less than a week after the discovery of a sophisticated malware attack against an unpatched security hole in Adobe Reader/Acrobat, the company has issued a new warning for in-the-wild attacks against a zero-day flaw in its ubiquitous Flash Player.
Microsoft’s September batch of security patches will include fixes for 13 documented vulnerabilities affecting Windows, Internet Information Services (IIS), and Microsoft Office.
Adobe today sounded an alarm for a new zero-day flaw in its PDF Reader/Acrobat software, warning that hackers are actively exploiting the vulnerability in-the-wild.
Mozilla has joined Apple in being among the first to fix the DLL load hijacking attack vector that continues to haunt hundreds of Windows applications.
Apple has shipped Safari 5.0.2 and Safari 4.1.2 with patches for three gaping holes that expose Web surfers to drive-by download attacks.
Apple has shipped a new version of its iTunes media player to fix 13 security flaws that cold be exploited to launch attacks against Windows machines.
Adobe has shipped a Shockwave Player update to fix 20 security holes, some serious enough to lead to system takeover attacks.
The vulnerabilities, rated “critical,” affect Shockwave Player 11.5.7.609 and earlier versions for Windows and Macintosh.
Metasploit’s HD Moore has released technical details on a severe application DLL load hijacking problem that haunts more than 40 Windows software programs.Moore, who stumbled on the issue while researching the recent LNK zero-day flaw, has released an audit kit that can be used to identify affected applications on a particular system.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
