bug

Thu
12
Mar
John Lister's picture

Patch To Fix FREAK Bug is a Must-Install

Microsoft has joined Apple and Google in releasing browser security updates to patch a bug dubbed FREAK. The bug could make it easier for hackers to decrypt data that intercept from website users. The vulnerability of FREAK doesn't allow hackers to ... see data in plain sight. Instead, it allows them to remotely change what's meant to be a secure website connection into an unsecure one, meaning that previously encrypted data would then travel without any encryption. To be of any use, a hacker would need to combine the FREAK exploit with another vulnerability that let them intercept data, ... (view more)

Tue
13
Jan
John Lister's picture

Google Exposes Severe Windows Flaw Before Fix Due

Microsoft has publicly lashed out at Google for revealing a severe security flaw in Windows 8.1 before it was able to release a fix. The public disclosure has reawakened a longstanding dispute about how to go about reporting security flaws. Comments ... on Google's website suggest that the same bug also affects Windows 7 Professional 64bit, with Service Pack 1; if true, it's equally likely the bug also affects other earlier versions of the Windows operating system, including Windows XP, which is no longer supported by Microsoft and will therefore remain unpatched. The bug involves the way ... (view more)

Thu
13
Nov
Brandon Dimmel's picture

MS Patches 20 Year Old Exploit; XP Still Vulnerable

Microsoft has patched a security vulnerability that somehow evaded detection for roughly twenty years. The bug has reportedly existed in every single version of the Windows operating system since Windows 95. According to reports, the bug can allow a ... hacker to execute code remotely when a user visits a malicious website. IBM security expert Robert Freeman says the bug is related to a flaw in VBScript, which first debuted with Internet Explorer 3.0 in the late 1990s. Freeman says that the bug remains invulnerable to Microsoft's anti-exploitation tools, otherwise known as the Enhanced ... (view more)

Wed
30
Apr
John Lister's picture

Security Experts: Stop Using Internet Explorer

The United States Department of Homeland Security (DOHS) has warned that users should switch away from Internet Explorer until a serious bug has been fixed. It's the first big security scare since Microsoft stopped supporting Windows XP earlier this ... month. The bug doesn't have a glamorous nickname and is instead simply known as CVE-2014-1776. When triggered, the bug allows for remote code execution, which means a third party would have full control over a remote PC without the need for credentials or consent from the PC owner. By clicking on a malicious link or by visiting an infected ... (view more)

Fri
21
Feb
John Lister's picture

Microsoft Issues Emergency Fix for IE 9, 10 Users

Microsoft has released a temporary fix to an important security bug affecting two recent versions of Internet Explorer. The exploit has been linked to attacks that compromised a website for US military veterans. The bug affects Internet Explorer ... versions 9 and 10. It does not affect version 11, nor anything previous to version 9. That said, using an earlier version Internet Explorer less than what is currently available (depending on which version of Windows you're running) is definitely not advised. JavaScript Bug Exploits Drive-by Download Attack The exploit involves JavaScript, a ... (view more)

Thu
10
Oct
Dennis Faas's picture

Microsoft Issues Massive Reward to Security Expert

If you've got the skills, it can certainly pay to be a security researcher. One expert recently earned more than $100,000 after discovering a major security flaw in Microsoft's Windows 8.1 operating system. The award is part of Microsoft's "bug ... bounty" program, which the Redmond, Washington-based firm unveiled earlier this year. Google and Mozilla also employ similar programs , which allow major tech firms to save money by effectively outsourcing their security tasks to independent experts. "Mitigation Bypass Bounty" Includes $100,000 Prize The $100,000 award is part of Microsoft's ... (view more)

Tue
25
Jun
Dennis Faas's picture

Facebook User Data Exposed by Security Bug

Facebook says six million of its users have had their personal data exposed. The issue stems from a security bug that allowed email addresses and phone numbers to be easily accessed by a user's Facebook 'friends'. The problem is associated with ... Facebook's friend recommendation algorithm, which is designed to help users find old friends, family, and contacts and establish new relationships with them. Facebook uses uploaded personal data, including email addresses and contact lists, to find new 'friends'. This system can also be used to invite friends who are not yet Facebook members to join ... (view more)

Wed
19
Sep
Dennis Faas's picture

Internet Explorer Hack: Most Versions Vulnerable

Microsoft has admitted hackers are carrying out targeted attacks to exploit a newly-discovered bug in its popular Internet Explorer web browser. The company is working on a fix, but suggests users consider technical workarounds in the meantime. The ... bug affects all versions of Internet Explorer from version 6 (which shipped with Vista) to version 9 (the current edition). It won't affect Internet Explorer 10, which will first become available with Windows 8 in late October, 2012. Eric Romang, a security researcher, discovered the bug while examining a web server used by hackers. Romang found ... (view more)

Fri
04
Nov
Dennis Faas's picture

November Patch Tuesday: 4 Updates, No Duqu Fix

Microsoft has published details of its next batch of security updates (known as Patch Tuesday), due to download to Windows machines automatically on Tuesday, November 8 via Windows Update. The only critical update in the batch affects newer rather ... than older editions of Windows. None of the security updates to be released next Tuesday are said to patch MS Word, which is currently being exploited by the Duqu virus (a major zero-day threat ). The entire update is a bit of a surprise, say critics, because it deals with just four groups of bugs -- a far cry from recent updates that have included ... (view more)

Mon
08
Aug
Dennis Faas's picture

Ten Year Old Wows Hacking Convention

A ten-year-old has revealed a flaw in mobile-based video games that could potentially expose these devices to a security risk. The discovery came when the youngster got bored with the pace of farming games. The self-described hacker, who has not ... revealed her real name and prefers to be known publicly as CyFi, had been playing games similar to Farmville, which allow players to set up virtual farms and often either compete or co-operate with online friends. However, partly for realism and partly to keep gamers playing, it can often take hours before planting virtual seeds leads to crops growing ... (view more)

Pages

Subscribe to RSS - bug