Microsoft is set to release an update to repair five flaws, including a new zero-day vulnerability.
As part of its regularly scheduled patch release, Microsoft issued fixes for gaping vulnerabilities in Internet Explorer and Remote Desktop Protocol. The software giant also released a new feature that, in the wake of the Flame virus, enables certificates to be automatically updated.
Apple late Monday released a new version of its Safari browser to patch a record number of vulnerabilities, many of which could lead to code execution if a user visits a malicious website.
Internet Explorer 6 (IE 6) usage has dropped below one percent in the United States, Microsoft announced Tuesday. Security is a big reason being used to encourage users to update.
One day after releasing version 9 of its Firefox web browser, Mozilla on Wednesday issued Firefox 9.0.1 to address an issue that caused Windows, Mac and Linux users' browsers to crash.
Mozilla joined Microsoft and Adobe with security software updates on Tuesday.
Microsoft on Tuesday released eight fixes to address 23 vulnerabilities that lie across its software and operating system components.
Mozilla released an update for its Firefox browser to address what it called a "rare" bug that caused add-ons to be hidden for some users after upgrading to version 7.
Microsoft Security Essentials (MSE), a free utility for Windows-based computers that offers protection against malware, is catching Google's Chrome browser in its dragnet. A faulty signature update for MSE and Microsoft Forefront erroneously classified the Chrome executable file for Windows as an element of the Zeus trojan, notorious for stealing banking information, resulting in a large number of Chrome users being left without their bookmarks and browser plugins. While Microsoft responded within hours with an updated signature (1.113.672.0), and claimed only 3,000 customers were affected, the traffic on blogs and bulletin boards seemed to indicate the number could be much higher. Microsoft advised users to update MSE with the latest signatures and reinstall Chrome.
Mozilla on Tuesday released version 6 of its Firefox web browser, in the process closing 10 vulnerabilities. "Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort, at least some of these could be exploited to run arbitrary code," according to a security advisory. Mozilla also upgraded its Thunderbird email and news client and SeaMonkey internet suite.
The software giant's monthly security update will include fixes for bugs in all versions of Internet Explorer.
Browser security has come a long way in recent years, and utilizing certain features can help stave off attacks. Our author calls out three browsers he thinks stands above the rest in protecting you against threats and safeguarding your privacy.
Along with the release of its latest platform, OS X Lion, Apple this week issued a new version of its Safari web browser, closing dozens of security flaws.
Attackers are now actively exploiting one of the 11 Internet Explorer (IE) vulnerabilities patched Tuesday by Microsoft, a Symantec researcher said Friday
Microsoft is prepping a large security update for Tuesday, with plans to deliver 16 patches to fix 34 vulnerabilities across its product line.
Apple released a number of security updates for Mac OS X, Safari and iOS.
The software giant ranks fixes for Internet Explorer, SMB as the month's most pressing.
Attackers are exploiting an Internet Explorer flaw ahead of a planned Tuesday fix for the vulnerability, according to the Microsoft Security Response Center. "We're looking into limited, targeted attacks on a known Internet Explorer issue we're addressing in tomorrow's bulletins," read a Monday tweet. Microsoft is readying 17 patches to address 64 vulnerabilities in its April security update, including publicly known issues in in the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler and Windows Server Message Block.
Microsoft on Tuesday released 12 patches to correct 22 vulnerabilities, including two zero-day bugs, as part of its February security update.
Microsoft next week plans to push out 12 patches to close 22 vulnerabilities as part of its monthly security update.
Microsoft is letting administrators ease their way into the New Year, with plans to issue only two patches next week.
Microsoft has confirmed the presence of an unpatched vulnerability in all versions of its Internet Explorer (IE) browser.
An exploit taking advantage of an unpatched vulnerability in Internet Explorer (IE) has gone public.
IT administrators on Tuesday received their holiday greetings from Microsoft: a whopper of a security update, comprised of 17 patches to fix 40 vulnerabilities.
Mozilla on Thursday issued an updated Firefox web browser to fix 13 vulnerabilities.
Two publicly known issues are expected to be addressed Tuesday when Microsoft releases 17 patches to correct 40 product vulnerabilities.
Microsoft on Tuesday released three patches to close 11 vulnerabilities, only one of which drew a "critical" rating.
Microsoft on Wednesday warned of a fresh flaw in Internet Explorer that researchers at Symantec found was being exploited on a legitimate website.
Sign up to our newsletters
SC Magazine Articles
- Lenovo PCs shipped with 'Superfish,' adware that opens users to MitM attacks
- Florida law enforcement docs show widespread stingray use, secrecy
- Gemalto investigates claims that gov't spies hacked SIM card encryption keys
- After Superfish-Lenovo incident, Facebook probes larger issue of SSL-sniffing adware
- Disconnect yawns between CISOs, exec leadership, study says
- Carbanak APT campaign made off with $1B from banks globally
- BMW issues security patch for bug allowing attackers physical access into vehicles
- NIST requests final comments on ICS security guide
- New attack uses ransomware to drop trojans and keyloggers
- Microsoft phishing emails target corporate users, deliver malware that evades sandboxes
- State breakdowns: Anthem breach by the numbers
- Botnet of Joomla servers furthers DDoS-for-hire scheme
- Study: SMBs lack thorough understanding of state data breach notification laws
- Bug in popular WordPress plugin opens up websites to SQL injection attacks