|
13/07/2007
Dangerous Java flaw threatens virtually everything
Google's Security team has discovered vulnerabilities in the Sun Java Runtime Environment that threatens the security of all platforms, browsers and even mobile devices.
"This is as bad as it gets," said Chris Gatford, a security expert from penetration testing firm Pure Hacking.
"It’s a pretty significant weakness, which will have a considerable impact if the exploit codes come to fruition quickly. It could affect a lot of organisations and users," Gatford told ZDNet Australia.
13/07/2007
Oracle to release 46 patches next week
Oracle will release 46 patches on Tuesday for products including its Oracle Database 10g, Application Server, and E-Business Suite.
Oracle Database will get 20 fixes, two of which patch vulnerabilities that could allow remote execution of code on the network without authentication. The most serious of the database vulnerabilities is ranked "medium" in severity, according to the Common Vulnerability Scoring System, used to rank the severity of security flaws.
13/07/2007
Firefox and IE together brew up security trouble
That's the latest update from security researchers who initially laid the blame on Microsoft's Internet Explorer for the latest zero-day exploit that also can afflict those using the Firefox Web browser.
Users could face a "highly critical" risk if they have both IE and Firefox version 2.0, or later, loaded on their computer. The trouble begins when browsing a malicious site while using IE and it registers a "firefoxurl://" URI (uniform resource identifier) handler, which allows the browser to interact with specific resources on the Web. As a result, users may find their systems remotely compromised.
13/04/2007
Massive spam shot of 'Storm Trojan' reaches record proportions
A massive spam outbreak that tries to trick recipients into opening a file attachment that can hijack their computers has already broken records, security companies said today.
According to researchers at Postini Inc., the spam run is the largest in the last 12 months, and more than three times the volume of the two biggest in recent memory: a pair of blasts in December and January. "We're seeing 50 to 60 times the normal volume of spam," said Adam Swidler, senior manager of solutions marketing at Postini.
13/04/2007
Cisco fixes wireless security holes
Cisco has patched a number of security flaws in the software used to manage its wireless networking products.
The company issued two sets of patches Thursday. One fixes flaws in the Wireless Control System software used to manage the company's Aironet Lightweight Access Points, Wireless LAN Controllers, and Wireless Location Appliance. A second set of patches fixes bugs in the Wireless LAN Controller, which controls Aironet access points as well as flaws in the access points themselves, Cisco said.
|
