Microsoft today said that attackers are exploiting a critical and unpatched vulnerability in Office 2007 using malformed documents to hijack Windows PCs, and that Office 2003 and Office 2010 are also vulnerable. The bug can be triggered ...
Tags: Microsoft, software, Computer Products
A Google security engineer accused Microsoft of treating outside researchers with "great hostility" just days before posting details of an unpatched vulnerability in Windows that could be used to crash PCs or gain additional access rights. ...
Tags: Google, Computer Products, Microsoft
Microsoft late Friday confirmed that a "zero-day," or unpatched, vulnerability exists in Internet Explorer 8 (IE8), the company's most popular browser. According to multiple security firms, the vulnerability has been used in active ...
Even after Oracle patched critical Java vulnerabilities on Monday, the U.S. Computer Emergency Readiness Team (US-CERT) continued urging users to disable Java browser plug-ins. "Due to the number and severity of this and prior Java ...
Oracle on Sunday issued an emergency Java update to patch two critical vulnerabilities, including one that had been exploited in ongoing and accelerating attacks. Also yesterday, a researcher noted for uncovering scores of Java bugs ...
Tags: Oracle, emergency Java, Java bugs
An exploit for a previously unknown and currently unpatched vulnerability in Java is being used by cybercriminals to infect computers with malware, according to security researchers. An independent malware researcher who uses the online ...
Tags: exploit, unpatched vulnerability, Java, cybercriminals
The attackers who recently infected the website of the Council on Foreign Relations (CFR) with an exploit for an unpatched vulnerability in Internet Explorer, also targeted the website of Capstone Turbine Corporation, a U.S.-based ...
Tags: CFR, unpatched vulnerability, Internet Explorer, U.S.
IDG News Service - Researchers from security vendor AlienVault have identified a variant of a recently discovered Internet Explorer exploit that is used to infect targeted computers with the PlugX remote access Trojan (RAT) program. The ...
Tags: IE, malware, Internet Explorer, website
An exploit for an unpatched vulnerability in the Microsoft XML Core Services (MSXML) has been incorporated into Blackhole, one of the most widely used Web attack toolkits, according to security researchers from antivirus firm Sophos. The ...
Tags: vulnerability, Microsoft, MSXML, Blackhole, Web attack toolkits
IDG News Service - Attackers are exploiting a new and unpatched vulnerability that affects the latest version of Java -- Java 7 Update 6 -- in order to infect computers with malware, according to researchers from security vendor FireEye. ...
Computerworld - Two security organizations have released online tools that let Windows users check for possible infections by Gauss, the newly-revealed cyber surveillance malware thought to have been built by one or more governments. ...
Tags: security organization, online tools, Windows, cyber surveillance
Google today announced it had wrapped up work on a stronger Flash sandbox in the Windows version of Chrome, and would soon ship the same for its OS X browser. Chrome 21, which launched July 31, completed efforts to ditch the aged NPAPI ...
Tags: Google, stronger Flash sandbox, Windows version, Chrome
Germany's cybersecurity agency on Monday urged users to drop Internet Explorer (IE) and switch to a rival, like Chrome or Firefox, until Microsoft patches a new critical bug in its browser. In an alert released Monday, Germany's Federal ...
Tags: Germany, cybersecurity agency, IE, users
Attacks targeting an unpatched vulnerability in the latest versions of Java 7 have become widespread after an exploit for the new flaw was integrated into the popular Blackhole attack toolkit, according to security researchers from ...
Tags: Java 7, unpatched vulnerability, attacks, exploit for flaw
A vulnerability in Oracle's Java software that attackers can use to remotely seize control of systems running the program is being sold for"five digits". The security hole is being sold by an established member of an ...
Tags: Oracle, Java zero-day exploit, MidiDevice, sold for'five digits'