The March 31 release of Firefox 37 introduced the opportunistic encryption feature to the browser, by April 3 it had been disabled.
The use-after-free vulnerability was being exploited in drive-by-download attacks, Adobe warned.
One bulletin is deemed critical and addresses 37 vulnerabilities in Internet Explorer that enable remote code execution.
The sole critical patch this month will address remote code execution issues in Internet Explorer.
Mozilla enabled public key pinning support in Firefox 32 primarily as a way to defend against man-in-the-middle attacks.
The MS14-045 update caused some users' systems to crash, and in response, Microsoft pulled the update.
The vulnerability comes into play when Instagram users search for Facebook friends to "follow."
On Tuesday, Adobe released fixes for seven critical bugs in its Flash Player plug-in.
The tech giant's monthly security update includes two critical patches for IE and Windows.
Two critical fixes from the tech giant will plug RCE bugs impacting Windows and IE users.
In total, Firefox 31 brings 11 patches for several flaws affecting the web browser.
An RCE vulnerability existing in several Cisco Wireless Residential Gateway products can be exploited to serve up fraudulent advertisements and deliver malware.
Oracle, the maker of the popular Java plug-in, recently confirmed the details.
The most critical flaws were in Java and Oracle Database Server.
Adobe's patches address three vulnerabilities, including a critical bug in Flash Player that could be exploited to steal sensitive information.
In its monthly Patch Tuesday update, Microsoft plugged a slew of critical bugs in Internet Explorer that could allow remote code execution.
Remote code execution (RCE) flaws in Windows and IE will receive top priority this month.
Apple addressed various vulnerabilities in Mavericks, Safari, iOS and Apple TV, several of which can enable arbitrary code execution.
The serious buffer overflow vulnerability affects Android 4.3, or devices running Jelly Bean.
A vulnerability exists that allows anyone with legitimate account credentials to bypass two-factor authentication on some of PayPal's mobile applications.
A patch was issued for CVE-2012-0158 in April 2012, but Trend Micro found that it is the most commonly exploited vulnerability related to targeted attacks in the second half of 2013.
Microsoft issued an update to its Malware Protection Engine in order to fix a vulnerability that could enable a denial-of-service.
A cumulative security update for Internet Explorer, addressing 59 bugs, was pegged as the top priority patch in the bunch.
Adobe is urging users running Windows and Macintosh operating systems to download the critical Flash Player update.
The critical patches will remediate remote code execute (RCE) bugs in Windows, IE, Office and Microsoft Lync.
Seven vulnerabilities were addressed in a Thursday OpenSSL update, but experts do not believe that any are as threatening as the Heartbleed bug.
On Wednesday, the tech giant made Safari 6.1.4 and Safari 7.0.4 available to individuals running its Lion, Lion Server, Mountain Lion and Mavericks operating systems.
Apple released a flawed iTunes 11.2 along with OS X 10.9.3 last week, prompting the popular technology company to release iTunes 11.2.1 nearly a day later.
The latest update of the Stable channel of Google Chrome was released on Tuesday and contains three high-priority security fixes.
On Patch Tuesday, the tech giant addressed 13 bugs in its products, including several critical RCE vulnerabilities.
Sign up to our newsletters
SC Magazine Articles
- Zero-day in Fiat Chrysler feature allows remote control of vehicles
- 'GSMem' malware designed to infiltrate air-gapped computers, steal data
- All smartwatches are vulnerable to attack, finds study
- Apple App Store and iTunes buyers hit by zero-day
- Hacking Team issues new statement while researcher clears up Android tool confusion
- United reportedly hacked by same group that breached Anthem, OPM
- HAMMERTOSS malware represents culmination of 'best practices' for cyber attackers
- Hundreds of Massachusetts General Hospital patients notified of data incident
- Majority of Android devices vulnerable to denial-of-service bug
- Security concerns raised at Windows 10 roll-out