Sun Micros[img_assist|nid=1535|title=|desc=|link=none|align=right|width=115|height=115]ystems and Research In Motion have issued critical bug fixes for security issues with their products. Both updates include fixes for critical security bugs that could be abused by attackers to run unauthorized software on a victim’s computer, although none of the flaws appear to have been publicly known before Tuesday. Read the full story [IDG News Service/Robert McMillan]
Browsing Tag: vulnerabilities
Windows Vista is dramatically more secure than Windows XP, according Microsoft’s latest Security Intelligence Report. The infection rate of Windows Vista SP1 was 61.9 percent less than Windows XP SP3, the company said.[img_assist|nid=1495|title=|desc=|link=none|align=right|width=115|height=115]The report covers the first half of 2009 and is the seventh such twice-yearly report the company has issued. The study found that for all Microsoft operating systems that the most current service pack is always the least infected, based on infections per 1,000 computers running each OS. Windows 7 was not included in the report. Read the full report [Network World]
Microso[img_assist|nid=1433|title=|desc=|link=none|align=left|width=115|height=115]ft Corp. pours more money into software security than any other
major vendor both because it has to and because it can. Yet for all the
investments in security, the number of vulnerabilities discovered in
the company’s products has increased over the years, prompting
questions over whether the company has reached the limits of its
ability to debug software.
After releasing its largest-ever group of security[img_assist|nid=1292|title=|desc=|link=none|align=left|width=120|height=115] patches two weeks ago, Microsoft has done a little cleaning up.Over the past few days, the company has re-released two security updates and issued a workaround for a Windows CryptoAPI patch that caused Microsoft’s own instant-messaging server to crash. Read the full story [IDG News Service/Robert McMillan]
Researchers scanning the internet for vulnerable embedded devices have
found nearly 21,0[img_assist|nid=901|title=|desc=|link=none|align=left|width=115|height=115]00 routers, webcams and VoIP products open to remote
attack, due to the fact that their administrative interfaces are
publicly viewable from anywhere on the internet and their owners have
failed to change the manufacturer’s default password. Read the full story [Wired/Kim Zetter]
[img_assist|nid=495|title=|desc=|link=none|align=right|width=115|height=115]Adobe isn’t the only software vendor struggling to cope with security vulnerabilities in PDF reader applications. According to reports, there are numerous PDF applications — including Foxit Reader and Xpdf — that allow attackers to infect systems with malware.
From The H Security
The Apache Tomcat developers have released patches to fix three vulnerabilities in their implementations of the Java Servlet and JavaServer Pages technologies. When Tomcat receives a request with invalid headers via the Java AJP connector, it closes the connection without returning an error message. The vulnerability can be exploited by an attacker in load balancing environments to initiate a denial of service (DoS) attack. Read the full story [h-online.com]
Most Websites harbor at least one major vulnerability, and over 80 percent of Websites have had a critical security flaw, according to new data released today by WhiteHat Security.
The Website vulnerability statistics, based on Website vulnerability data gathered from WhiteHat’s own enterprise clients, show that 63 percent of Websites have at least one high, critical, or urgent vulnerability issue, and there’s an average of seven unfixed vulnerabilities in a Website today. Read the full story [darkreading.com]
Will there be one major catastrophe, or just smaller disasters? Panelists discuss what security issues we should be watching out for, where the threat might come from, and the difficulties in predicting the unpredictable. (Via ZDNet)