Posts Tagged ‘Vulnerability’

Heartbleed

Heartbleed Critical Vulnerability in OpenSSL

The security community is actively discussing over this week the openssl vulnerability that allows attacker to exploit the Heartbeat TLS and receive 64KB in the RAM memory. The attack can be repeated continuously to get sensitive information from end users such as their passwords. Many online servers were affected by this critical vulnerability while patching [...]

Share
Patch Windows

Microsoft to release 4 patches in January

Microsoft have released the first advance notification for this year with only 4 security bulletins. there is no critical security bulletin but we have one important which is a remote code execution vulnerability.   Windows operating systems, Office and Dynamics AX are the affected software for this advance notification. This is relatively small update compared [...]

Share

Oracle plans to fix 40 holes in Java

Oracle is planning Critical security patch update for the Java SE that are going to be released on Tuesday, June 18, 2013. This Critical Patch Update is a collection of patches for multiple security vulnerabilities in Oracle Java SE. This Critical Patch Update contains 40 new security vulnerability fixes. 37 of these vulnerabilities may be remotely [...]

Share

Study: after one month 93% of users still vulnerable to Java attacks

Websense have released a new report about users and their practices in patching Java vulnerabilities. Having the latest update for your web browser and applying OS patches will not make users safe from Java attacks as Oracle Java needs to be updated separately from other programs. Researchers have found that: 2 days after the release of the [...]

Share

Microsoft patches IE Pwn2Own bug

Microsoft announced as part of the traditional Patch Tuesday that it will release nine security bulletins. Two of them are considered critical and the first one is issued to fix vulnerabilities revealed at the last Pwn2Own hacking contest. Multiple browsers were subject to attacks during CanSecWest March 2013. Google Chrome, Firefox and Internet Explorer. Vupen [...]

Share

PostgreSQL to release a highly critical Security fix

The PostgreSQL Global Development Group will be releasing a new security update for all versions on Thursday April 4th, 2013. This release will include a fix for a high-exposure security vulnerability and all users are strongly urged to apply the update as soon as it is available. The core committee for PostgreSQL have decided lock [...]

Share

Microsoft Patch Tuesday: Microsoft fixes critical flaws in IE

Microsoft about to release a bunch of security patches for windows operating system. Seven patches are coming to fix four critical vulnerabilities that allow an attacker to execute malicious program on remote system by redirecting victims to a malicious website. First update is for Internet explorer which is required on all windows operating systems while [...]

Share