Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Microsoft Corp. today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by a previously unidentified Chinese cyber espionage group. The … Читать далее

Zyxel 0day Affects its Firewall Products, Too

On Monday, networking hardware maker Zyxel released security updates to plug a critical security hole in its network attached storage (NAS) devices that is being actively exploited by crooks who specialize in deploying ransomware. Today, Zyxel acknowledged the same flaw is present in many of its firewall products. This week’s story on the Zyxel patch … Читать далее

Patch Tuesday, 2016 U.S. Election Edition

Let’s get this out of the way up front: Having “2016 election” in the headline above is probably the only reason anyone might read this story today. It remains unclear whether Republicans and Democrats can patch things up after a bruising and divisive election, but thanks to a special Election Day Patch Tuesday hundreds of … Читать далее

Adobe Update Plugs Flash Player Zero-Day

Adobe on Thursday issued a critical update for its ubiquitous Flash Player software that fixes three dozen security holes in the widely-used browser plugin, including at least one vulnerability that is already being exploited for use in targeted attacks. The latest update brings Flash to v. 22.0.0.192 for Windows and Mac users alike. If you … Читать далее

‘Badlock’ Bug Tops Microsoft Patch Batch

Microsoft released fixes on Tuesday to plug critical security holes in Windows and other software. The company issued 13 patches to tackle dozens of vulnerabilities, including a much-hyped “Badlock” file-sharing bug that appears ripe for exploitation. Also, Adobe updated its Flash Player release to address at least two-dozen flaws — in addition to the zero-day vulnerability … Читать далее

Adobe To Fix Another Hacking Team Zero-Day

For the second time in a week, Adobe Systems Inc. says it plans fix a zero-day vulnerability in its Flash Player software that came to light after hackers broke into and posted online hundreds of gigabytes of data from Hacking Team, a controversial Italian company that’s long been accused of helping repressive regimes spy on … Читать далее

A Month Without Adobe Flash Player

I’ve spent the better part of the last month running a little experiment to see how much I would miss Adobe‘s buggy and insecure Flash Player software if I removed it from my systems altogether. Turns out, not so much. Browser plugins are favorite targets for malware and miscreants because they are generally full of unpatched or … Читать далее

Emergency Patch for Adobe Flash Zero-Day

Adobe Systems Inc. today released an emergency update to fix a dangerous security hole in its widely-installed Flash Player browser plugin. The company warned that the vulnerability is already being exploited in targeted attacks, and urged users to update the program as quickly as possible. In an advisory issued Tuesday morning, Adobe said the latest … Читать далее

Yet Another Emergency Flash Player Patch

For the second time in a week, Adobe has issued an emergency update to fix a critical security flaw that crooks are actively exploiting in its Flash Player software. Updates are available for Flash Player on Windows and Mac OS X. Last week, Adobe released an out-of-band Flash Patch to fix a dangerous bug that … Читать далее

Security Updates for Windows, Java, Flash & Reader

Adobe, Microsoft and Oracle today each issued security updates to fix serious vulnerabilities in their products. Adobe released patches for AIR, Acrobat, Flash and Reader, while Microsoft pushed out fixes to shore up at least a half dozen security weaknesses in Windows and Office. Oracle released an update for Java that fixes at least three dozen security holes in … Читать далее