Zero-Days Rule November’s Patch Tuesday

Microsoft today issued security updates to fix at least 19 vulnerabilities in its software, including a zero-day flaw in Internet Explorer browser that is already being actively exploited. Separately, Adobe has released a critical update that plugs at least two security holes in its Flash Player software. Three of the eight patches that Microsoft released … Читать далее

What You Need to Know About the Java Exploit

On Thursday, the world learned that attackers were breaking into computers using a previously undocumented security hole in Java, a program that is installed on hundreds of millions of computers worldwide. This post aims to answer some of the most frequently asked questions about the vulnerability, and to outline simple steps that users can take … Читать далее

Microsoft Issues Stopgap Fix for IE 0-Day Flaw

Microsoft today released a stopgap fix for a critical security flaw in most versions of Internet Explorer that hackers have been exploiting to break into Windows systems. The company said it expects to issue an official patch (MS12-063) for the vulnerability on Friday, Sept. 21. The company released a “fix it” tool, available from this … Читать далее

Exploit Released for Zero-Day in Internet Explorer

A working exploit that takes advantage of a previously unknown critical security hole in Internet Explorer has been published online. Experts say the vulnerability is being actively exploited in the wild, and that it appears to be connected to the same group of Chinese hackers responsible for unleashing a pair of Java zero-day exploits late … Читать далее

Microsoft: Exploit Published for Windows Flaw

Microsoft warned today that hackers have published instructions for attacking a previously unknown security hole in all versions of Windows that could be exploited to siphon user data or trick users into installing malicious code. Redmond published an advisory about a vulnerability in the way Windows handles MHTML code that could let attackers run Javascript … Читать далее

Exploit in the Wild for New Internet Explorer Flaw

Less than 24 hours after Microsoft acknowledged the existence of an unpatched, critical flaw in all versions of its Internet Explorer Web browser, computer code that can be used to exploit the flaw has been posted online. This was bound to happen, as dozens of researchers were poring over malicious code samples that exploited the … Читать далее

McAfee: Internet Explorer 0day Fueled Attacks on Google, Adobe

The recent targeted cyber attacks against Google, Adobe and other major companies were fueled in part by a previously unknown — and currently unpatched — security flaw in Microsoft‘s Internet Explorer Web browser, anti-virus vendor McAfee said today. McAfee said its investigation revealed that one of the malicous software samples used in the attacks exploited … Читать далее