eWeek Security Watch
Advertisement
Advertisement

Patches Archive

May 6, 2008

Tuesday, May 06, 2008 11:18 AM/CST

Big Vendors Still Very Tardy on Fixing Security Flaws

Some of the biggest names in the IT software business still are very lax when it comes to fixing security holes reported by third-party brokers. According to a list maintained by TippingPoint's Zero Day Initiative, Microsoft, Novell, Oracle, Computer Associates...

April 22, 2008

Tuesday, April 22, 2008 3:43 PM/CST

High-Profile OLPC Defections Bad for Security

There's a serious brain drain affecting the OLPC (One Laptop Per Child) initiative and it's not a good sign for security. The latest high-profile defector from the nonprofit organization is Walter Bender, a former MIT Media Lab executive who...

Tuesday, April 22, 2008 2:55 PM/CST

QuickTime Zero-Day Hits Windows XP, Vista

Security researcher Petko D. Petkov (aka pdp) has discovered a gaping hole in fully patched versions of Apple's QuickTime for Windows Media Player. The zero-day vulnerability allows an attacker to use rigged movie (.mov) files to take full control of...

Tuesday, April 22, 2008 10:12 AM/CST

Adobe Issues Warning for Unpatched Photoshop Flaw

Adobe has issued a prepatch advisory for a critical vulnerability in Photoshop Album Starter Edition 3.2, its free image-manipulation software product. The flaw, which affects Windows users, could be exploited to launch code execution attacks if the target is...

April 21, 2008

Monday, April 21, 2008 4:44 PM/CST

Windows XP SP3: NAP Among Security Goodies

Microsoft's Windows XP SP3 (Service Pack 3) is finally here, offering several subtle security goodies alongside thousands of bug fixes. The biggest security feature in this service pack is the inclusion of NAP (Network Access Protection) to help organizations...

April 19, 2008

Saturday, April 19, 2008 6:40 PM/CST

OpenOffice Bitten by Code Execution Bugs

OpenOffice has issued a high-priority update to fix at least six vulnerabilities affecting users of its free desktop productivity suite. The open-source group said the critical vulnerabilities affect OpenOffice.org suite versions prior to 2.4. An alert from Symantec's DeepSight...

April 18, 2008

Friday, April 18, 2008 12:36 PM/CST

Microsoft (Belatedly) Admits to Windows Server 2008 Token Kidnapping

[[ UPDATE: Here are the slides from Cerrudo's HiTB talk (.pdf) that prompted Microsoft's advisory. At the company's request, Cerrudo has opted not to release exploit code. ]] Last month, when I wrote about hacker Cesar Cerrudo's (left) plans to...

March 28, 2008

Friday, March 28, 2008 10:43 PM/CST

Vista Hacked with Adobe Flash Vulnerability

Using a zero-day vulnerability in Adobe's ubiquitous Flash Player, hacker Shane Macaulay hacked into a Windows Vista laptop to win a $5,000 cash prize at this year's CanSecWest Pwn2Own challenge. Macaulay, who uses the "K2" hacker moniker, also won...

February 21, 2008

Thursday, February 21, 2008 3:38 PM/CST

Firefox, Flock Recommended at Netscape Funeral

After a short stay of execution, America Online has finally pulled the plug on Netscape with an update notice encouraging users to migrate immediately to either Firefox or Flock. On the screen, Flock is listed ahead of Netscape and there's...

February 6, 2008

Wednesday, February 06, 2008 5:14 PM/CST

Adobe Confirms Critical PDF Fix, Will Issue Bulletin

Here's a quick update on the Adobe Reader silent fix I wrote about earlier today. Adobe spokesperson John Cristofano sent me a statement confirming the severity of the vulnerability fixed with Adobe Reader 8.1.2 and promising that a detailed...



RSS Syndication
Advertisement
Advertisement
Security Watch     Contact Us | Advertise | Site Map
Ziff Davis Enterprise

Ziff Davis Enterprise Home | Contact Us | Advertise | Link to Us | Reprints | Magazine Subscriptions | Newsletters
RSS Feeds | White Papers | ROI Calculators | Tech Podcasts | Tech Video |

Baseline | Careers | Channel Insider | CIO Insight | DesktopLinux | DeviceForge | DevSource | eSeminars |
eWEEK | LinuxDevices | Linux Watch | Microsoft Watch | Mid-market | Networking | PDF Zone |
Publish | eWeek Security | Strategic Partner | Web Buyer's Guide | Windows for Devices

Developer Shed | Dev Shed | ASP Free | Dev Articles | Dev Hardware | SEO Chat | Tutorialized | Scripts |
Code Walkers | Web Hosters | Dev Mechanic | Dev Archives | IT Marketplace | igrep

Use of this site is governed by our Terms of Use and Privacy Policy

Copyright ©1996-2007 Ziff Davis Enterprise, Inc. All Rights Reserved. Security Watch is a trademark of Ziff Davis Enterprise, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited.

Ziff Davis Enterprise