An exploit for a previously unknown and currently unpatched vulnerability in Java is being used by cybercriminals to infect computers with malware, according to security researchers. An independent malware researcher who uses the online ...
Tags: exploit, unpatched vulnerability, Java, cybercriminals
Computerworld - Microsoft will issue an emergency update to patch a vulnerability in Internet Explorer (IE) in the next two weeks to fix a flaw criminals have been using for more than a month, researchers said Tuesday. The company will ...
Microsoft on Saturday confirmed that Internet Explorer (IE) 6, 7 and 8 contain an unpatched bug -- or "zero-day" vulnerability -- that is being used by attackers to hijack victims' Windows computers. The company is "working around the ...
Tags: Microsoft, IE, unpatched bug, vulnerability
Microsoft has responded to public reports of a zero-day vulnerability in Internet Explorer (IE) 6, 7 and 8, suggesting temporary measures to help users to mitigate the issue. The vulnerability could allow a remote attacker to hack into a ...
Tags: Microsoft, vulnerability, IE, users
Microsoft today said it will release seven security updates next week--including one rated critical for Windows 8 and Windows RT--to patch 12 vulnerabilities in Windows,Office,SharePoint Server and the company's website design software. ...
Attackers are exploiting a "zero-day" vulnerability in Microsoft's Internet Explorer (IE) and hijacking Windows PCs that cruise to malicious or compromised websites, security experts said Monday. Microsoft confirmed the IE bug, saying, ...
Tags: Hackers, IE, Computer Products
An exploit for an unpatched vulnerability in the Microsoft XML Core Services (MSXML) has been incorporated into Blackhole, one of the most widely used Web attack toolkits, according to security researchers from antivirus firm Sophos. The ...
Tags: vulnerability, Microsoft, MSXML, Blackhole, Web attack toolkits
Hackers are exploiting a zero-day vulnerability in Java 7, security experts said today. The unpatched bug can be exploited through any browser running on any operating system, from Windows and Linux to OS X, that has Java installed, said ...
Tags: vulnerability, Java 7, Macs, Windows and Linux, OS X
Microsoft today released an emergency patch for Internet Explorer (IE) to stymie active attacks that have been exploiting a bug in the browser, finishing a job it started only Monday. "Let's call it five days from advisory to patch," said ...
Tags: Microsoft, emergency patch, IE, stymie active attacks, bug
The latest Java zero-day vulnerability is already available to users of the Metasploit tool and Blackhole exploit kit, say security researchers. The Java vulnerability allows attackers to use a custom web page to force systems to download ...
Tags: Metasploit tool, custom web, coded Java, security, FireEye
Microsoft may have known about last week's Internet Explorer (IE) zero-day bug for some time, according to its security advisory. The vulnerability, which was patched Friday in an emergency, or "out-of-band," update, first became public ...
Tags: Microsoft, IE, bug, vulnerability
Microsoft has released further information on a patch for the zero-day vulnerability in Internet Explorer that affects versions IE6 to IE9. The Internet Explorer maker has made available a "fix-it" that uses its application compatibility ...
Tags: Microsoft, emergency patch, IE
Cyber criminals targeted users of Skype,Facebook and Windows using multiple Blackhole exploits in October,according to the latest threat report from security firm GFI Software. Researchers uncovered a large number of Blackhole exploits ...
Tags: Cyber criminals, Facebook, Windows users, chameleon of internet threats
Vupen, the controversial security company that specialises in finding vulnerabilities in commercial software, has claimed a zero-day vulnerability in Windows 8, the new operating system from Microsoft that was launched just one week ago. ...
It's not exactly the type of advertisement most people would understand. For sale:"Our first 0day for Win8+IE10 with HiASLR/AntiROP/DEP&Prot Mode sandbox bypass(Flash not needed)."It's part of a recent message on Twitter from Vupen,a ...
Tags: Windows 8, Zero-Day Vulnerability, Vupen, computer security research