Microsoft gave its users steps earlier this week to sidestep a vulnerability in one of Oracle’s Outside In libraries. The company published some mitigations for the bug, but said it isn’t aware of any active attacks against it yet.
Browsing Tag: vulnerabilities
Apple’s iOS and Google’s Android have been on opposite ends of the security continuum for the last few years, with iOS remaining resistant to malware and Android becoming a frequent target for attackers and malware authors. Google has been taking steps to change that in recent releases, and the latest version of its mobile operating system, Android 4.1 Jelly Bean, includes several new exploit mitigations and a more extensive implementation of ASLR to help defeat many kinds of exploits.
A new fork of the Black Hole exploit kit is making quick work of a recently patched Java vulnerability and security researchers say that the attackers are registering new sites quickly to exploit users with vulnerable browsers.
A security researcher has found several serious vulnerabilities in a widely deployed point-of-sale system that enables an attacker to change transactions, steal card data and take other malicious actions. The attacks could be executed remotely under certain circumstances or done through a local interface.
Instagram has patched a flaw in its photo sharing application that could have allowed anyone to add themselves as friends to accounts and view information and photos that were set to private.
Google has released an updated version of Chrome 20, fixing three high-risk security vulnerabilities. The update comes just two weeks after Google released Chrome 20, which included patches for 20 bugs.
A scheduled talk at the Black Hat Briefings security conference in Las Vegas later this month may have dealt a fatal blow to the once ballyhooed Windows Sidebar and Windows Gadgets. Redmond, Washington-based Microsoft, on Tuesday, issued a software “fix” that disables gadgets and the Windows sidebar on Vista and Windows 7 entirely.
Microsoft issued nine bulletins fixing 16 vulnerabilities in the July 2012 edition of Patch Tuesday. Three of the bulletins received Microsoft’s most severe ‘critical’ rating, while the remaining six were deemed merely ‘important.’
Nothing is more frustrating than spending days or weeks compromising dozens of Web sites and setting up your network of malicious redirects and then finding out that someone has screwed it all up by taking down one of your infected sites. Luckily, the crew behind the BlackHole exploit kit has solved that problem for its customers by including a new domain-generation algorithm that will help create new malicious sites as quickly as possible.
The number of vulnerabilities in the average Web site is actually decreasing, one of the more surprising findings in an annual study done by WhiteHat Security.