Click on a filter below to refine your search. Remove filter to broaden your search.
|Last 12 months||remove|
Hint: If you don't want the words you enter to be searched for separately, use quotation marks to find people or exact phrases. See our Search Help section for more hints.
Organizations are struggling with how to more quickly account for and guard against zero-day vulnerabilities, reports Karen Epper Hoffman.
This month's threat of the month is the major zero-day vulnerability that affects Internet Explorer versions 6 through 11.
Microsoft is preparing eight fixes for next week's upcoming Nov. 12 Patch Tuesday, but an update to a recently discovered zero-day vulnerability is not one of them.
Microsoft issued an advisory on Tuesday warning users of a zero-day vulnerability being exploited in targeted attacks using emailed Microsoft Office documents.
A Wednesday MacRumors Forums breach that affected hundreds of thousands is said to be related to a zero-day vulnerability in proprietary internet message board software vBulletin, which was also attacked last week.
The zero-day vulnerability is a remote code execution flaw in Word 2010.
A U.S.-based website used as a forum to discuss security policy has become host to a drive-by attack that leverages an Internet Explorer zero-day vulnerability.
Based in France, Vupen is known for selling zero-day exploits, a practice that has long been debated in the security industry.
With the update, users can employ a patch for a TIFF zero-day, which - when exploited - gives attackers the same user rights as targeted individuals.
This month's news briefs includ revelations at the RSA Conference 2014 in San Francisco, new malware, zero-day fixes and more security news.
No fixes for Internet Explorer are included in the January release, but Microsoft has patched a zero-day flaw in XP and Server 2003, which had been exploited in limited attacks.
Attacks leveraging the Windows XP kernel vulnerability have been targeted, but limited so far, Microsoft says.
The security update resolves an integer underflow vulnerability, which could allow an attacker to remotely take over systems on Windows, Mac and Linux platforms.
According to FireEye, the flaw was being actively exploited to target foreign policy and defense organizations.
Microsoft will be delivering five updates on upcoming Patch Tuesday, two of which are deemed critical, which means the vulnerabilities can be exploited to allow for code execution without any user interaction.
The November security release contained eight bulletins for 19 unique vulnerabilities in Windows, IE and Office.
At least three major media sites in Japan were infected, so that visitors' running vulnerable versions of IE would be exploited, FireEye researchers found.
Researchers at FireEye found that the U.S. Veterans of Foreign Wars site was booby trapped to spread a backdoor.
On Wednesday, the tech giant provided the "Fix it" solution, or temporary workaround, for the remote code execution bug.
This month, five security updates, two which are rated "critical," address vulnerabilities in Windows, IE, and Silverlight.