May 2013 Issue

Threat of the month

Subscribe
Archive

Subscribe	Advertising

Archive	Login \| Register

22M accounts exposed in Yahoo Japan breach

Data on patients may be exposed after X-rays go missing

eSymposium: Identity management June 4

SC Editions

Chuck Miller

March 27, 2009

Microsoft denies code flaw

On its TechNet blog, Microsoft denied that a recently uncovered GDI+ EMF buffer overflow problem will result in a crash that is “exploitable for code execution.” The flaw had been reported Tuesday by SecurityFocus. Microsoft said it was continuing its investigation, but that mitigating defenses already in place effectively counteract the threat, even when the flaw causes termination of an application. — CAM

Next Article in News

Conficker detection tool released as D-Day nears

SC Magazine Articles

Twitter begins rollout of two-factor authentication to limit account takeovers

Following a series of high-profile Twitter account hijacks, the microblogging service finally has delivered two-factor authentication.

Commission offers suggestions for stemming online spy threat from China

The 100-page report mostly addresses alleged Chinese cyber espionage operations, and suggests it's time for U.S. government agencies and corporations to consider more proactive approaches, possibly including hack-backs.

Researchers link "Sunshop" group to recent espionage attacks

The IE exploit was most recently used in watering hole attacks directed at the U.S. Department of Labor website.

Editorial