3944 matches found
Oracle Releases Critical Patch for October 2010
Oracle has released its Critical Patch Update for October 2010 to address 85 vulnerabilities across multiple products. This update contains the following security fixes: 7 for Oracle Database Server 8 for Oracle Fusion Middleware 1 for Oracle Enterprise Manager Grid Control 6 for Oracle E-Busines...
Microsoft Releases October Security Bulletin
Microsoft has released updates to address vulnerabilities in Microsoft Windows, .NET Framework, Server Software, Office, and Internet Explorer as part of the Microsoft Security Bulletin Summary for October 2010. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensiti...
Oracle Releases Pre-Release Announcement for October 2010
Oracle has issued a critical patch update pre-release announcement indicating that its October release will contain 81 new vulnerability fixes. Release of the critical patch update is scheduled for Tuesday, October 12, 2010. US-CERT encourages users and administrators to review the pre-release...
Foxit Releases Foxit Reader 4.2
Foxit has released Foxit Reader 4.2 to address multiple vulnerabilities. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code, compromise the digital signature of PDF signatures or cause a denial-of-service condition. US-CERT encourages users and administrators to...
Adobe Releases Security Updates for Reader and Acrobat
Adobe has released updates for Adobe Reader and Acrobat for Windows, Macintosh, and UNIX. These updates address multiple vulnerabilities including those described in Adobe security advisory APSA10-02 and Flash Player security bulletin APSB10-22. Exploitation of these vulnerabilities may allow an...
Microsoft Releases Advance Notification for Out-of-Band Security Bulletin
Microsoft has issued a Security Bulletin Advance Notification indicating that it will be releasing an out-of-band security bulletin to address a vulnerability affecting Windows. The Microsoft SharePoint Team blog indicates that this bulletin will address the recently reported vulnerability in...
OpenX Releases Security Update
OpenX has released a security update to address a vulnerability in the 2.8 downloadable version of OpenX. Exploitation of this vulnerability may allow an attacker to compromise the integrity of the server running OpenX. US-CERT encourages users and administrators to review the OpenX "Security...
Cisco Releases Security Advisories
Cisco has released six security advisories to address vulnerabilities affecting the Cisco IOS Software and the Cisco Unified Communications Manager. Exploitation of these vulnerabilities may allow an attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to...
Apple Releases Security Update 2010-006
Apple has released security update 2010-006 for Mac OS X and Mac OS X Server to address a vulnerability in the AFP package. This vulnerability may allow an attacker to bypass password validation and obtain sensitive information. The article indicates that this vulnerability does not affect system...
Microsoft Releases Security Advisory 2416728
Microsoft has released a security advisory to alert users of a vulnerability affecting ASP.NET. Exploitation of this vulnerability may allow an attacker to obtain sensitive information or tamper with data. US-CERT encourages administrators to review Microsoft security advisory 2416728 and apply a...
Mozilla Releases Firefox 3.5.13 and 3.6.10
The Mozilla Foundation has released Firefox 3.5.13 and 3.6.10 to address a stability issue affecting some users. US-CERT encourages users and administrators to review the release notes for Firefox 3.5.13 and Firefox 3.6.10 and apply any necessary updates to mitigate the issue. This product is...
Apple Releases QuickTime 7.6.8
Apple has released QuickTime 7.6.8 to address two vulnerabilities affecting earlier versions of QuickTime for Windows. The first vulnerability is due to improper input validation in the QuickTime ActiveX control. Exploitation of this vulnerability may allow an attacker to execute arbitrary code...
Google Releases Chrome 6.0.472.59
Google has released Chrome 6.0.472.59 for Linux, Mac, and Windows to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code. US-CERT encourages users and administrators to review the Google Chrome Releases blog entry and apply any necessary updates...
Adobe Releases Security Advisory for Vulnerability in Reader and Acrobat
Adobe has released a security advisory to address a vulnerability in Adobe Reader and Acrobat. Exploitation of this vulnerability may allow an attacker to execute arbitrary code or cause a denial-of-service condition. The advisory indicates that this vulnerability is being actively exploited...
Cisco Releases Updates for Wireless LAN Controller
Cisco has released updates to address multiple vulnerabilities in the Cisco Wireless LAN Controller WLC. Exploitation of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition, modify the device configuration, or bypass access control lists. US-CERT encourages...
Cyber Crime Survey Finds Lots of Victims, Lots of Guilt
If you’ve fallen victim to a driveby download, phishing attack or virus laden PDF attachment, don’t despair: you’re in good company, according to a study sponsored by anti malware firm Symantec Corp. The anti virus software found that a whopping 73 percent of Internet users in the U.S. they...
Mozilla Releases Firefox 3.6.9
The Mozilla Foundation has released Firefox 3.6.9 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, obtain sensitive information, leverage cross-site scripting attacks, or cause a denial-of-service condition. The Mozilla Foundation has als...
Facebook Apps Pump Out Mobile "Entertainment" Spam
Attacks via social networks continued their steady march on Tuesday, as an untold number of Facebook users unwittingly found themselves caught up in a spam run that pointed friends to premium mobile entertainment Web sites. DEK: A round of spam pumped out by Facebook applications lures users to...
New Survey Scams In Apple's iTunes Social Network
Spammers have been quick off the mark in exploiting Apple’s new iTunes social network to punt survey scams. Read the full article. The Register...
Apple Releases iTunes 10
Apple has released iTunes 10 to address multiple vulnerabilities affecting the WebKit package. These vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition. US-CERT encourages users and administrators to review Apple article HT4328 and apply any...