Archive for the ‘Vulnerabilities’ Category

NSS Labs suggests increasing the cost of zero-days

NSS Labs released a new study looking at the 0day vulnerability market. The research calculated how many exploits purchased through open iDefense Vulnerability Contributor Program (VCP) and HP TippingPoint’s Zero Day Initiative (ZDI). The 2 projects are widely known for purchasing zero days so this attracts security researchers to provide the exploit and allows them [...]

Share

Microsoft released 11 bulletins in December Patch Tuesday

Microsoft issued the last security advisory for this year, 11 security bulletins have been released to address five critical vulnerabilities in Internet Explorer, Windows operating system, Microsoft Exchange and GDI+. The remaining six bugs are rated as important and they fix vulnerabilities in Microsoft SharePoint, Windows operating system, Microsoft Office and Developer Tools. Four of [...]

Share

Microsoft Fixes 4 Critical Vulnerabilities in October Patch Tuesday

Over this week Microsoft released the monthly security advance notification. This month we have 8 security bulletins that comes to patch several vulnerabilities in windows operating system, Internet Explorer,. NET, Office, SharePoint and Silver-light. 7 updates are for fixing remote code execution bugs and one for information disclosure vulnerability. This month there is four updates [...]

Share
Patch Windows

Microsoft prepares 14 patches for the next Tuesday

Over this week Microsoft issued their monthly advance notification of security bulletins. The next update will contain 14 security patches to fix critical vulnerabilities in Microsoft Office, Internet Explorer and Microsoft Windows SharePoint. This month we have 8 security update with remote code execution impact while there are 2 that allow attacker to conduct a [...]

Share

Microsoft released 8 patches for August

Microsoft released 8 security patches that are designed to fix 23 vulnerabilities in Internet Explorer, Exchange, and Windows operating system. 3 bulletins are critical as  exploiting the bugs allows an attacker to run a malicious code on system remotely while the remaining 5 patches are important. MS13-059 comes to fix eleven privately reported vulnerabilities in [...]

Share

Oracle plans to fix 40 holes in Java

Oracle is planning Critical security patch update for the Java SE that are going to be released on Tuesday, June 18, 2013. This Critical Patch Update is a collection of patches for multiple security vulnerabilities in Oracle Java SE. This Critical Patch Update contains 40 new security vulnerability fixes. 37 of these vulnerabilities may be remotely [...]

Share

OWASP published 2013 Top 10 Vulnerabilities

The Open Web Application Security Project (OWASP) have published the top 10 most dangerous vulnerabilities in web-applications for 2013. This release comes to raise awareness about application security by identifying some of the most critical risks facing organizations. The OWASP Top 10 for 2013 is based on 8 datasets from 7 firms that specialize in [...]

Share