Apple has shipped a critical iTunes update to fix a security vulnerability that exposes Windows users to malicious hacker attacks.The latest iTunes 9.2.1 is available for Windows XP, Windows Vista and Windows 7.
Microsoft’s problems with Token Kidnapping [.pdf] on the Windows platform aren’t going away anytime soon.
More than a year after Microsoft issued a patch to cover privilege escalation issues that could lead to complete system takeover, a security researcher plans to use the Black Hat conference spotlight to expose new design mistakes and security issues that can be exploited to elevate privileges on all Windows versions including the brand new Windows 2008 R2 and Windows 7.
The Windows Help and Support Center vulnerability that was patched with yesterday’s MS10-042 bulletin was under active attack by malware miscreants, especially in Europe where Microsoft tracked about 25,000 attempts to exploit the vulnerability.
Last month, when Google researcher Tavis Ormandy released details on a critical Help and Support Center vulnerability that exposed Windows XP and Windows Server 2003 users to malicious hacker attacks, Microsoft was publicly unhappy with the decision.
Adobe today shipped a critical Reader/Acrobat patch to cover a total of 17 documented vulnerabilities that expose Windows, Mac and UNIX users to malicious hacker attacks.The update, which affects Adobe Reader/Acrobat 9.3.2 (and earlier versions), includes a fix for the outstanding PDF “/Launch” functionality social engineering attack vector that was disclosed by researcher Didier Stevens.
Apple has shipped a critical security patch for its iTunes media player to fix several gaping security holes that expose Windows users to hacker attacks.The vulnerabilities could be exploited to launch remote code execution attacks if a user simply opens an image file or surfs to a rigged Web site.
The Adobe Flash Player plugin that was included in yesterday’s Mac OS X software update contains multiple vulnerabilities that expose users to malicious hacker attacks.Apple shipped a new Flash Player plugin (10.0.45.2) in the Mac OS X patch bundle but that version became outdated on June 10th when Adobe shipped Flash Player 10.1.53.64.
Apple has shipped another mega Mac OS X patch bundle to fix a total of 28 documented security vulnerabilities affecting the Mac ecosystem.
Kaspersky Lab anti-malware researchers Costin Raiu and Magnus Kalkuhl field questions on targeted attacks, how they work and how businesses can protect themselves.
Adobe has shipped a “critical” Flash Player update to fix a total of 32 documented vulnerabilities in the ubiquitous software product.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
