flaw

Fri
24
Nov
John Lister's picture

Windows Bugs Could Be Much More Serious

A key security feature in Windows doesn't work as planned. It's not a vulnerability in itself, but means that hackers who find bugs in software are much more likely to be able to do damage. The problem is with Address Space Layout Randomization ... (ASLR). It deals with the way a computer organizes different programs in memory. As an analogy, it's like organizing vehicles of different sizes and makes in a parking lot. Most operating systems support ASLR, which means that when a program starts up and needs to use the computer's memory, it's assigned a random location. In the analogy, think of cars ... (view more)

Thu
07
May
John Lister's picture

Lenovo Users Warned of 'System Update Flaw'

Lenovo computer users have been warned to immediately check that they have installed a security patch to plug a significant risk of malware. Ironically, the risk is related to the way that Lenovo's automated software update system is updated. ... Independent security researchers discovered a flaw in the protection that is meant to ensure that Lenovo computers only automatically download and install genuine updates. The flaw means that a hacker can remotely install malicious software on a Lenovo computer simply by being on the same unsecured wireless network. Within the security community, ... (view more)

Thu
13
Nov
Brandon Dimmel's picture

MS Patches 20 Year Old Exploit; XP Still Vulnerable

Microsoft has patched a security vulnerability that somehow evaded detection for roughly twenty years. The bug has reportedly existed in every single version of the Windows operating system since Windows 95. According to reports, the bug can allow a ... hacker to execute code remotely when a user visits a malicious website. IBM security expert Robert Freeman says the bug is related to a flaw in VBScript, which first debuted with Internet Explorer 3.0 in the late 1990s. Freeman says that the bug remains invulnerable to Microsoft's anti-exploitation tools, otherwise known as the Enhanced ... (view more)

Wed
30
Apr
John Lister's picture

Security Experts: Stop Using Internet Explorer

The United States Department of Homeland Security (DOHS) has warned that users should switch away from Internet Explorer until a serious bug has been fixed. It's the first big security scare since Microsoft stopped supporting Windows XP earlier this ... month. The bug doesn't have a glamorous nickname and is instead simply known as CVE-2014-1776. When triggered, the bug allows for remote code execution, which means a third party would have full control over a remote PC without the need for credentials or consent from the PC owner. By clicking on a malicious link or by visiting an infected ... (view more)

Wed
09
Apr
John Lister's picture

Zero-Day SSL Flaw: Change All Passwords, Experts Say

A massive number of websites could be affected by a critical security flaw used in conjunction with web sites and web browsers. Experts suggest that all web users change their passwords to all major web sites (including banking, social media, etc) - ... but doing so comes with a number of caveats. The security flaw is related to SSL (secure sockets layer) and is expected to affect approximately six percent of all websites world-wide. According to a recent survey that reviewed approximately 959 million websites, "66% ... are powered by technology built around SSL, and that doesn't include ... (view more)

Thu
19
Sep
Dennis Faas's picture

Microsoft Releases Emergency Internet Explorer Fix

Microsoft has issued an emergency software fix for a critical flaw in its Internet Explorer web browser. According to reports, hackers have already exploited the vulnerability. Microsoft released the "Fix It" software in an attempt to prevent what ... it calls "targeted attacks" on a vulnerability in its Internet Explorer browser. Microsoft is calling this a "zero day" vulnerability, meaning software developers were unaware of the issue before it was exploited by hackers. Hackers Launch Remote Code Execution Attacks Reports indicate that hackers have used the flaw to carry out remote code ... (view more)

Mon
28
Jan
Dennis Faas's picture

Printer Networks Vulnerable to Hackers: Report

Printers using server software offered by Hewlett-Packard (HP) are reportedly vulnerable to attack. In fact, it's possible for a hacker to use the flaw to bypass security defenses, steal documents, and crash every machine connected to the same ... network. Security researcher Sebastian Guerrero says the problem affects printers using HP's JetDirect software. That software is used for print servers, meaning it can handle any printing request made by a network-connected computer. Hackers Could Bypass Security Defenses Guerrero says that a flaw in the JetDirect software could allow an attacker to ... (view more)

Fri
11
Jan
Dennis Faas's picture

Java Flaw: Web Users Vulnerable to Attack

Internet users are now being warned about a new zero-day security vulnerability in Java software that could allow a hacker to gain unauthorized access to their computers. The vulnerability is related to a recently-discovered flaw in the popular Java ... software system, which is used all over the web to create a great many applications and associated plug-ins. Security experts say even fully-updated installations of Java are vulnerable to this new round of attacks. Only by completely disabling the Java browser plug-in can Internet users be sure their computers are safe from hackers attempting to ... (view more)

Mon
07
Jan
Dennis Faas's picture

Microsoft Patch Tuesday: IE Security Fix Not Ready

Microsoft's January 8, 2013 Patch Tuesday includes a total of seven patches, two of which Microsoft is labeling 'critical,' the firm's highest security rating. Notably absent from the lineup of fixes will be a patch for a recently-outed Internet ... Explorer security flaw. This Patch Tuesday's critical fixes address security vulnerabilities that, like so many other previously patched vulnerabilities, could potentially allow a hacker to remotely execute malicious files and take control of an unpatched computer. As usual, hackers could do this by convincing a computer user to visit a malicious ... (view more)

Tue
01
Jan
Dennis Faas's picture

Major Internet Explorer Security Flaw Discovered

A newly-discovered flaw in Microsoft's popular Internet Explorer (IE) web browser could allow hackers to take control of a Windows-based computer. The Redmond, Washington-based firm has acknowledged that the problem exists and that it affects older ... versions of IE. The firm has also released a temporary fix for the problem. Microsoft Advises: Avoid Suspicious Links "Microsoft is aware of targeted attacks that attempt to exploit this vulnerability through Internet Explorer 8," Microsoft said in a security advisory issued on Sunday, December 30, 2012. Microsoft says the remote code ... (view more)

Pages

Subscribe to RSS - flaw