Adobe's Flash Player and AIR updates fix 35 bugs, the majority of which could lead to code execution.
The March 31 release of Firefox 37 introduced the opportunistic encryption feature to the browser, by April 3 it had been disabled.
The use-after-free vulnerability was being exploited in drive-by-download attacks, Adobe warned.
One bulletin is deemed critical and addresses 37 vulnerabilities in Internet Explorer that enable remote code execution.
The sole critical patch this month will address remote code execution issues in Internet Explorer.
Mozilla enabled public key pinning support in Firefox 32 primarily as a way to defend against man-in-the-middle attacks.
The MS14-045 update caused some users' systems to crash, and in response, Microsoft pulled the update.
The vulnerability comes into play when Instagram users search for Facebook friends to "follow."
On Tuesday, Adobe released fixes for seven critical bugs in its Flash Player plug-in.
The tech giant's monthly security update includes two critical patches for IE and Windows.
Two critical fixes from the tech giant will plug RCE bugs impacting Windows and IE users.
In total, Firefox 31 brings 11 patches for several flaws affecting the web browser.
An RCE vulnerability existing in several Cisco Wireless Residential Gateway products can be exploited to serve up fraudulent advertisements and deliver malware.
Oracle, the maker of the popular Java plug-in, recently confirmed the details.
The most critical flaws were in Java and Oracle Database Server.
Adobe's patches address three vulnerabilities, including a critical bug in Flash Player that could be exploited to steal sensitive information.
In its monthly Patch Tuesday update, Microsoft plugged a slew of critical bugs in Internet Explorer that could allow remote code execution.
Remote code execution (RCE) flaws in Windows and IE will receive top priority this month.
Apple addressed various vulnerabilities in Mavericks, Safari, iOS and Apple TV, several of which can enable arbitrary code execution.
The serious buffer overflow vulnerability affects Android 4.3, or devices running Jelly Bean.
A vulnerability exists that allows anyone with legitimate account credentials to bypass two-factor authentication on some of PayPal's mobile applications.
A patch was issued for CVE-2012-0158 in April 2012, but Trend Micro found that it is the most commonly exploited vulnerability related to targeted attacks in the second half of 2013.
Microsoft issued an update to its Malware Protection Engine in order to fix a vulnerability that could enable a denial-of-service.
A cumulative security update for Internet Explorer, addressing 59 bugs, was pegged as the top priority patch in the bunch.
Adobe is urging users running Windows and Macintosh operating systems to download the critical Flash Player update.
The critical patches will remediate remote code execute (RCE) bugs in Windows, IE, Office and Microsoft Lync.
Seven vulnerabilities were addressed in a Thursday OpenSSL update, but experts do not believe that any are as threatening as the Heartbleed bug.
On Wednesday, the tech giant made Safari 6.1.4 and Safari 7.0.4 available to individuals running its Lion, Lion Server, Mountain Lion and Mavericks operating systems.
Apple released a flawed iTunes 11.2 along with OS X 10.9.3 last week, prompting the popular technology company to release iTunes 11.2.1 nearly a day later.
The latest update of the Stable channel of Google Chrome was released on Tuesday and contains three high-priority security fixes.
Sign up to our newsletters
SC Magazine Articles
- FireEye: First multi-vendor ATM malware targeting cardholders
- Customer data possibly compromised in online photo store malware attack
- Excellus BlueCross BlueShield announces breach, 10.5M records at risk
- CVS employee steals data on 55K Molina Healthcare members
- False Facebook 'dislike button' ensnares users
- Stored XSS vulnerability identified in Jetpack plugin for WordPress
- Experian, T-Mobile breach exposes 15 million customers, but what will happen to the data?
- Only a matter of time before cyber-attack hits broader finance
- Don't spend more, spend better: Interview with FireEye's Richard Turner
- Landmark European data protection judgement