Browser Flaws

Microsoft to release out-of-cycle patch for "critical" flaws

By

Microsoft is set to release an update to repair five flaws, including a new zero-day vulnerability.

Microsoft patches IE, RDP security vulnerabilities

By

As part of its regularly scheduled patch release, Microsoft issued fixes for gaping vulnerabilities in Internet Explorer and Remote Desktop Protocol. The software giant also released a new feature that, in the wake of the Flame virus, enables certificates to be automatically updated.

Safari update plugs scores of holes

By

Apple late Monday released a new version of its Safari browser to patch a record number of vulnerabilities, many of which could lead to code execution if a user visits a malicious website.

At 10 years old, Internet Explorer 6 is almost an artifact

By

Internet Explorer 6 (IE 6) usage has dropped below one percent in the United States, Microsoft announced Tuesday. Security is a big reason being used to encourage users to update.

Mozilla fixes crash issue after new Firefox version issued

By

One day after releasing version 9 of its Firefox web browser, Mozilla on Wednesday issued Firefox 9.0.1 to address an issue that caused Windows, Mac and Linux users' browsers to crash.

Google releases Chrome update to fix high-risk security bug

By

Google on Wednesday released Chrome 15.0.874.121 to address a high-severity vulnerability affecting the V8 JavaScript engine that could allow for the execution of arbitrary code.

Firefox updates for security, user add-on control

By

Mozilla joined Microsoft and Adobe with security software updates on Tuesday.

Google closes 18 Chrome holes

By

Google on Tuesday pushed out a new version of its Chrome web browser to rectify 18 vulnerablities, including 11 that are deemed "high" in severity. Version 15, part of the "stable" channel of Chrome, also includes protection against Browser Exploit Against SSL/TLS (BEAST), a JavaScript hacking tool disclosed last month at a security conference in Argentina that can decrypt HTTPS requests and encrypted cookies. Microsoft has since issued an advisory that acknowledges the issue, along with a Fix-It solution. Meanwhile, researchers who disclosed the flaws in Chrome received more than $26,000 combined for their finds as part of Google's bug bounty program.

Internet Explorer fixes get top billing in Microsoft update

By

Microsoft on Tuesday released eight fixes to address 23 vulnerabilities that lie across its software and operating system components.

Mozilla releases Firefox 7.0.1 to fix add-on issue

By

Mozilla released an update for its Firefox browser to address what it called a "rare" bug that caused add-ons to be hidden for some users after upgrading to version 7.

Microsoft briefly derails Chrome users

By

Microsoft Security Essentials (MSE), a free utility for Windows-based computers that offers protection against malware, is catching Google's Chrome browser in its dragnet. A faulty signature update for MSE and Microsoft Forefront erroneously classified the Chrome executable file for Windows as an element of the Zeus trojan, notorious for stealing banking information, resulting in a large number of Chrome users being left without their bookmarks and browser plugins. While Microsoft responded within hours with an updated signature (1.113.672.0), and claimed only 3,000 customers were affected, the traffic on blogs and bulletin boards seemed to indicate the number could be much higher. Microsoft advised users to update MSE with the latest signatures and reinstall Chrome.

Mozilla's newest release closes 10 memory bugs

By

Mozilla on Tuesday released version 6 of its Firefox web browser, in the process closing 10 vulnerabilities. "Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort, at least some of these could be exploited to run arbitrary code," according to a security advisory. Mozilla also upgraded its Thunderbird email and news client and SeaMonkey internet suite.

Microsoft prepping 13 patches for 22 flaws

By

The software giant's monthly security update will include fixes for bugs in all versions of Internet Explorer.

Web browsers offer more protection than you may think

Web browsers offer more protection than you may think

Browser security has come a long way in recent years, and utilizing certain features can help stave off attacks. Our author calls out three browsers he thinks stands above the rest in protecting you against threats and safeguarding your privacy.

Massive Safari update fixes dozens of security flaws

By

Along with the release of its latest platform, OS X Lion, Apple this week issued a new version of its Safari web browser, closing dozens of security flaws.

Exploits begin for patched Internet Explorer bug

By

Attackers are now actively exploiting one of the 11 Internet Explorer (IE) vulnerabilities patched Tuesday by Microsoft, a Symantec researcher said Friday

Microsoft's 16 patches include one for "cookiejacking"

By

Microsoft is prepping a large security update for Tuesday, with plans to deliver 16 patches to fix 34 vulnerabilities across its product line.

Apple delivers updates related to Comodo, Pwn2Own

By

Apple released a number of security updates for Mac OS X, Safari and iOS.

Microsoft distributes 17 patches for 64 flaws

By

The software giant ranks fixes for Internet Explorer, SMB as the month's most pressing.

Exploits underway for IE flaw, to be patched today

By

Attackers are exploiting an Internet Explorer flaw ahead of a planned Tuesday fix for the vulnerability, according to the Microsoft Security Response Center. "We're looking into limited, targeted attacks on a known Internet Explorer issue we're addressing in tomorrow's bulletins," read a Monday tweet. Microsoft is readying 17 patches to address 64 vulnerabilities in its April security update, including publicly known issues in in the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler and Windows Server Message Block.

Two known flaws highlight Microsoft patch batch

By

Microsoft on Tuesday released 12 patches to correct 22 vulnerabilities, including two zero-day bugs, as part of its February security update.

Microsoft's monthly update to include two zero-day fixes

By

Microsoft next week plans to push out 12 patches to close 22 vulnerabilities as part of its monthly security update.

Fixes for two Windows flaws coming from Microsoft

By

Microsoft is letting administrators ease their way into the New Year, with plans to issue only two patches next week.

Microsoft confirms IE flaw, not yet being exploited

By

Microsoft has confirmed the presence of an unpatched vulnerability in all versions of its Internet Explorer (IE) browser.

Exploit code posted for new Internet Explorer flaw

By

An exploit taking advantage of an unpatched vulnerability in Internet Explorer (IE) has gone public.

Microsoft security update includes IE, Stuxnet repairs

By

IT administrators on Tuesday received their holiday greetings from Microsoft: a whopper of a security update, comprised of 17 patches to fix 40 vulnerabilities.

Firefox 3.6.13 issued to fix 13 flaws, 11 "critical"

By

Mozilla on Thursday issued an updated Firefox web browser to fix 13 vulnerabilities.

Microsoft to address IE, Stuxnet flaws, 38 others

By

Two publicly known issues are expected to be addressed Tuesday when Microsoft releases 17 patches to correct 40 product vulnerabilities.

Quiet Microsoft update fixes 11 flaws with three patches

By

Microsoft on Tuesday released three patches to close 11 vulnerabilities, only one of which drew a "critical" rating.

New Internet Explorer bug found in the wild

By

Microsoft on Wednesday warned of a fresh flaw in Internet Explorer that researchers at Symantec found was being exploited on a legitimate website.

Sign up to our newsletters

POLL