April’s Patch Tuesday update delivers six bulletins — including a critical fix for a core flaw that affects a long list of Microsoft applications. View full post on eSecurityPlanet RSS Feed View full post on National Cyber Security
Flash Player 11.2 fixes critical vulnerabilities and adds silent updates
Adobe have released Flash Player 11.2, addressing two critical arbitrary code execution vulnerabilities and introducing a silent update option. One of the patched vulnerabilities stems from how older versions of Flash Player checks URL security domains, and only affects the Flash Player ActiveX plug-in for Internet Explorer on Windows 7…
Google Chrome update fixes 12 vulnerabilities and patches Flash Player
Google released a new version of its Chrome browser in order to update the bundled Flash Player plug-in and address serious security vulnerabilities. Google Chrome 17.0.963.56 fixes 12 security flaws, seven of which are considered high severity, four of medium severity and one of low severity. Security researcher Jüri Aedla…
OpenSSL patch fixes DoS vulnerability introduced by last patch
The OpenSSL Project has released new versions of the popular OpenSSL library in order to address a denial-of-service (DoS) vulnerability that was introduced by a critical patch issued on Jan. 6. “A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack,” the OpenSSL developers…
PHP fixes hash collision DoS vulnerability in PHP 5.3.9
The PHP development team has released version 5.3.9 of the popular Web development platform in order to address a recently disclosed denial-of-service (DoS) vulnerability, as well as other security issues and bugs. The DoS vulnerability was disclosed in December 2011 at the Chaos Communication Congress, Europe’s largest hacker conference, by…
Microsoft fixes .NET security holes
Microsoft has released an out-of-band update that fixes four security holes in .NET, one of which could allow privilege… View full post on could security – Yahoo! News Search Results View full post on National Cyber Security
Microsoft fixes Duqu hole, but not BEAST problem
Microsoft pulls patch to protect IE users from flaw in SSL protocol after running into compatibility issue. View full post on bank security hacker – Yahoo! News Search Results View full post on National Cyber Security
Facebook denies file-sharing vulnerability, then quietly fixes it
Facebook has apparently fixed a vulnerability in its social-networking site after insisting it wasn’t a weakness and didn’t need to be remedied. Nathan Power, who works for the technology consultancy CDW, updated his blog on Tuesday to reflect that the flaw had been fixed. The problem allowed a user to…
Microsoft fixes critical flaws in Windows and Silverlight
Microsoft today shipped eight security updates that patched 23 vulnerabilities in Windows, Internet Explorer, .Net Framework, Silverlight and other bits in its portfolio. Two of the updates were labeled “critical,” Microsoft’s most serious threat ranking, while the other six were rated “important,” the next most severe tag. All but eight…