91 matches found
Juniper Patches ScreenOS Backdoor
Juniper Networks today has released an emergency patch that removes what it’s calling “unauthorized code” from ScreenOS that could allow attackers to decrypt VPN traffic from NetScreen devices. Juniper has not commented on the origin of the code it found. However, Juniper’s products were singled...
Microsoft pushes Emergency Patch for Zero-Day Internet Explorer Flaw
It's time to immediately patch your Internet Explorer – Once again! Microsoft has issued an emergency out-of-band patch for all supported versions of Internet Explorer browser, to fix a critical security flaw that hackers are actively exploiting to hijack control of targeted computers. The Zero-D...
FireFox file stealing 0day vulnerability has been hacked“real”use, the official emergency release to fix patch-bug warning-the black bar safety net
In Russia a web site, the researchers found a Firefox serious 0day exploits program Exp code, you can steal Windows and Linux users on the computer file. This security event is forcing Mozilla to the official emergency release patch. Vulnerability description The vulnerability is caused by the...
Microsoft releases Emergency Patch Update for all versions of Windows
In the wake of a critical Remote Code Execution vulnerability in all supported versions of its operating system platform, Microsoft has just issued an emergency fix. Yes, it’s time to patch your Windows operating system against an alarming security hole that could allow remote attackers to run...
Adobe Releases Emergency Patch for Flash Zero-Day Vulnerability
Adobe has rolled out an emergency software patch for its Flash Player to patch a critical zero-day vulnerability that is already exploited by the hackers in the wild. The company said the flaw could potentially allow hackers to take control of the affected system and that it had evidence of...
December 2014 Adobe Reader, Acrobat Security Patches
Adobe is expected to update its Reader and Acrobat software next Tuesday as part of its scheduled security updates, and the updates will, according to an Adobe spokesperson, include patches for a Reader vulnerability disclosed this week by Google’s Project Zero. Researcher James Forshaw, a...
Adobe Releases Emergency Flash Player Patch
Adobe today revised a security bulletin it released more than a month ago, adding a patch for a code-execution vulnerability in Flash Player already included in some exploit kits. French researcher Kafeine found the exploits in the Angler and Nuclear kits less than a week after Adobe released an...
Vulnerability early warning: system privilege escalation Vulnerability, CVE-2 0 1 4-6 3 2 4 affects all versions of Windows Server-the vulnerabilities and early warning-the black bar safety net
Microsoft today released an emergency patch that fixes an affect all versions of Windows Server a serious vulnerability. Today released the MS14-0 6 8 vulnerability patch used to address the Microsoft Windows Kerberos KDC vulnerability that allows hackers to enhance any ordinary user rights becom...
Microsoft Releases Emergency Out-of-Band Patch for Kerberos Bug MS14-068
Microsoft today released an "out-of-band" security updates to fix a critical vulnerability in all supported versions of its Windows Server software that cyber criminals are exploiting to compromise whole networks of computers. The Emergency patch release comes just one week after Microsoft provid...
Microsoft Working on Patch for IE 8 Zero Day
UPDATE–Microsoft officials say they’re well aware of the Internet Explorer 8 zero day disclosed Wednesday by the Zero Day Initiative and have been working on a fix for it. However, there’s no stated timeline for releasing that patch. The vulnerability in IE 8 is a use-after-free bug in the way th...
Adobe releases another Emergency Security Patch for Flash Player
Security Firm FireEye has uncovered yet another critical zero-day vulnerability in widely used Adobe Flash Software and Adobe has been forced to issue a second emergency patch update in less than a month. All versions of Adobe Flash Player released before today's patch are vulnerable to the...
Adobe Recommends Protected View as Temporary Zero Day Mitigation
Adobe released an advisory yesterday suggesting a manual mitigation for zero-day vulnerabilities in its Reader and Acrobat products that are being actively exploited in the wild. The exploit is the first sandbox escape in Adobe Reader X and above. FireEye, which reported the vulnerability to Adob...
Emergency Adobe Flash Player Patches Fix Pair of Zero Days
Exploits targeting two previously unreported flaws in Flash Player prompted Adobe to release an emergency patch yesterday. One of the attacks is targeting aerospace and other manufacturing companies, and is being delivered via infected Microsoft Office documents. The other is being carried out ov...
Oracle Patches Java Zero Day Vulnerability
Oracle delivered an unusual emergency patch to Java's critical Zero Day vulnerability on Sunday to fix a malicious bug that allowed hackers access to users web browsers. Exploits for the previously undisclosed flaw were being hosted in a number of exploit kits and attacks have already been seen i...
New Java Zero Day Being Used in Targeted Attacks
There is a newly discovered zero day vulnerability in Java 7 that is being used in some targeted attacks right now. The vulnerability works against Internet Explorer and Firefox and researchers say that attackers are exploiting in the wild and installing a version of the Poison Ivy RAT on...
Video: Take a Look Inside Adobe's Bug Patching Program
In this video, courtesy of Kaspersky’s Lab Matters, Ryan Naraine talks with David Lenoe, Head of the Product Security Incident Response Team, Adobe, about that company’s process for responding to security vulnerabilities in its products. Among other things, Lenoe talks about Adobe’s guidelines fo...
Microsoft, Adobe Plan Big Patch Tuesday Releases For June
In June’s Patch Tuesday release, Microsoft plans to fix 16 separate vulnerabilities affecting a variety of software, including Windows, Office, SQL Server, Forefront Threat Management Gateway and Internet Explorer. The company said in its June pre-notification that nine of the vulnerabilities it...
Serious SCADA Security Flaw Affects Critical Infrastructure Firms
The U.S.’s Computer Emergency Response Team CERT issued a warning to critical infrastructure firms on Wednesday about a serious security hole in products from Massachusetts firm Iconics that could leave critical systems vulnerable to remote attacks. U.S. companies in the electricity, oil and gas,...
ASP.NET Hack
There were a lot of excellent talks at conferences this year, but perhaps the most interesting and far-reaching presentation was one given by researchers Thai Duong and Juliano Rizzo at Ekoparty on a crypto attack against ASP.NET applications. The “padding oracle” attack that the pair implemented...
Adobe Readies Patch for Critical Reader, Acrobat Flaws
Adobe Inc. said on Friday that it is planning to release an out-of-cycle update to fix critical security holes in its Reader and Acrobat products, including a fix for a newly disclosed hole that is already being exploited in the wild. In a post on the company’s Product Security Incident Response...