Browsing Tag: vulnerabilities

Categories: Web Security

Mozilla announced this week that it plans to integrate a silent updater in the next build of its flagship browser, Firefox, allowing future patches for Firefox 12 to be downloaded and installed in the background while the browser is running, according to a blog post by Robert Nyman, Mozilla’s Technical Evangelist on hacks.mozilla.org on Wednesday.

Read more...

There is a confirmed legitimate working exploit for the MS12-020 RDP vulnerability in Windows circulating already and researchers say it is capable of either crashing or causing a denial-of-service condition on vulnerable machines. Microsoft has warned customers about the possibility of the exploit surfacing quickly and advised them to patch the flaw immediately. The researcher who discovered the vulnerability said that the packet he included in his original advisory was found in the exploit, raising the specter of a data leak somewhere in the pipeline.

Read more...

Microsoft said that it has not seen any evidence that hackers have figured out a way to take advantage of a critical vulnerability in the Windows Remote Desktop Protocol (RDP) that the company disclosed and patched on Tuesday. The statement comes in the wake of unconfirmed reports of working exploits for the RDP hole circulating online on Thursday. 

Read more...

VANCOUVER–If there’s one thing that emerged from all of the craziness that was CanSecWest, Pwn2Own and Pwnium, it’s that life is becoming more difficult for researchers and attackers looking to exploit modern browsers. It’s not impossible, of course, but it’s certainly not the warm-up exercise that it was four or five years ago.

Read more...

Categories: Vulnerabilities

VANCOUVER–Say what you will about Chaouki Bekrar, but the man is nothing if not frank. Bekrar, who is the public face of the VUPEN team that has been toying with the Pwn2Own contest this week, has become a lightning rod in the debate over exploit sales, and from all outward appearances, he couldn’t be happier about it.

Read more...

Cupertino, California-based Apple released fixes for a bevy of security flaws in its iOS mobile operating system, including security flaws affecting the Siri personal assistant, the iOS passcode feature, and more than five dozen flaws in the WebKit Web rendering enging used by both iOS and Android devices.

Read more...