Microsoft released 13 bulletins today instead of 14, as announced in the Patch Tuesday announcement some days ago. In their final Patch Tuesday for the year, Microsoft addressed bugs in Windows, Internet Explorer, and Microsoft Office, while adding in a fix for DUQU in the bulletin MS11-087, which is also known as the DUQU zero-day remote code execution flaw. Attackers embedding specially crafted TrueType fonts in documents can exploit this vulnerability in the Windows kernel. MS11-087 was given a 'Critical' ...
System administrators are in for a light Patch Tuesday this month as Microsoft released only four bulletins in its monthly security update.
The Microsoft Security Bulletin Summary for November 2011 tackles and addresses multiple vulnerabilities in Microsoft Windows. According to the notice, one of the bulletins is rated "critical", while two are rated "important" and remaining one is rated "moderate."
Majority of the bulletins apply to newer versions of Windows and require a reboot. The critical bulletin only affects Windows Vista, ...
The usage of exploits in current threats underlines the critical need for users to keep programs updated at all times. Considering the great amount of time people spend on their computers connected to the Internet, web browsers are prime targets for cybercriminals.
This is a technical analysis of a recently discovered vulnerability in one of the most-used web browser: Mozilla Firefox.
This Mozilla Firefox vulnerability was discussed by Charis Rohlf and Yan Lvnitskiy during their presentation, Attacking Clientside JIT Compilers at the ...
Microsoft issued a new batch of security bulletins for October with fixes for several vulnerabilities in software products used by millions of computer users worldwide. Eight security bulletins have been released, which include patches for 23 vulnerabilities for software such as Microsoft .NET Framework, Microsoft Silverlight, Internet Explorer, Microsoft Forefront United Access Gateway, and Microsoft Host Integration Server.
Six out of the eight bulletins are rated "important" while two are rated "critical." Some of the patches indicated a required restart after ...
Adobe released an out-of-band security update to address six critical vulnerabilities, all affecting Adobe Flash Player.
One of the six, a cross-site scripting (XSS) vulnerability identified as CVE-2011-2444, is reportedly being exploited in the wild. The bug is reportedly being used in targeted attacks that involve malicious links sent out to targets via email.
Adobe attributed the discovery of CVE-2011-2444 to Google, who, in response to finding the vulnerability, issued an update for the Google Chrome browser to prevent attackers from exploiting ...
