Microsoft on Tuesday released 13 security bulletins, including three for critical flaws in Windows Media and in the Windows kernel-mode drivers. The company had planned on releasing 14 bulletins in December’s Patch Tuesday shipment, but officials said that one of the planned fixes was causing a compatibility problem with a third-party vendor’s products and is being held until that issue is remedied.
Google has fixed 15 security vulnerabilities in its Chrome browser, including six high-risk bugs. As part of its reward program, Google paid out $6,000 in rewards to researchers who reported flaws.
Adobe on Tuesday released a patch for a vulnerability affecting versions of its ColdFusion Web application development platform. A company spokeswoman said the company still hasn’t set a date for an emergency patch for a critical and previously unknown hole in both the Adobe Reader and Adobe Acrobat applications, after promising to issue a fix this week.
In the wake of the hack of water and sewer infrastructure operated by a Texas community, the Department of Homeland Security is again warning owners and operators of critical infrastructure to take note of SCADA and industrial control systems that may be accessible from the Internet.
Pirates beware! The creator of a new Web based search engine says that linking you up with your (illegal) downloads is easier than you may think.
Executives for some of the world’s largest oil companies stressed that cyber attacks against their companies are becoming more strategic and happening more frequently at a conference last week, according to a report today from the BBC.
Cyber security analysts at private sector firms in the U.S. say they have linked a string of devastating hacks of military networks and defense contractors to a small cadre of hacking groups within China, and are pushing the U.S. government for the green light to strike back.
UPDATE: Microsoft will release 14 security patches next Tuesday, including fixes for security vulnerabilities exploited by the Duqu and BEAST malware.
There are multiple reports emerging of two new vulnerabilities in Adobe Flash that could lead to remote code execution. There’s little information about the exact nature of the bugs available right now, and Adobe has not released any advisories or information about them either.
A class action lawsuit filed in U.S. District Court in California against Hewlett-Packard could have wide ranging implications for software makers, should the court agree with the plaintiff’s claim that the company violated the state’s consumer protection laws by failing to disclose a serious vulnerability in the software that runs some of its printers.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
