13/07/2007

Oracle to release 46 patches next week

Oracle will release 46 patches on Tuesday for products including its Oracle Database 10g, Application Server, and E-Business Suite.

Oracle Database will get 20 fixes, two of which patch vulnerabilities that could allow remote execution of code on the network without authentication. The most serious of the database vulnerabilities is ranked "medium" in severity, according to the Common Vulnerability Scoring System, used to rank the severity of security flaws.

13/07/2007

Firefox and IE together brew up security trouble

That's the latest update from security researchers who initially laid the blame on Microsoft's Internet Explorer for the latest zero-day exploit that also can afflict those using the Firefox Web browser.

Users could face a "highly critical" risk if they have both IE and Firefox version 2.0, or later, loaded on their computer. The trouble begins when browsing a malicious site while using IE and it registers a "firefoxurl://" URI (uniform resource identifier) handler, which allows the browser to interact with specific resources on the Web. As a result, users may find their systems remotely compromised.

13/04/2007

Massive spam shot of 'Storm Trojan' reaches record proportions

A massive spam outbreak that tries to trick recipients into opening a file attachment that can hijack their computers has already broken records, security companies said today.

According to researchers at Postini Inc., the spam run is the largest in the last 12 months, and more than three times the volume of the two biggest in recent memory: a pair of blasts in December and January. "We're seeing 50 to 60 times the normal volume of spam," said Adam Swidler, senior manager of solutions marketing at Postini.

13/04/2007

Cisco fixes wireless security holes

Cisco has patched a number of security flaws in the software used to manage its wireless networking products.
The company issued two sets of patches Thursday. One fixes flaws in the Wireless Control System software used to manage the company's Aironet Lightweight Access Points, Wireless LAN Controllers, and Wireless Location Appliance. A second set of patches fixes bugs in the Wireless LAN Controller, which controls Aironet access points as well as flaws in the access points themselves, Cisco said.

13/04/2007

Microsoft Security Advisory (935964)

Microsoft is investigating new public reports of a limited attack exploiting a vulnerability in the Domain Name System (DNS) Server Service in Microsoft Windows 2000 Server Service Pack 4, Windows Server 2003 Service Pack 1, and Windows Server 2003 Service Pack 2. Microsoft Windows 2000 Professional Service Pack 4, Windows XP Service Pack 2, and Windows Vista are not affected as these versions do not contain the vulnerable code.

Back  Next