Tag Archives: vulnerabilities
Apple promises to pay up to $200k if you identify vulnerabilities within its software
Google: Symantec antivirus flaws are ‘as bad as it gets’
Homeland Security urges you to uninstall QuickTime on Windows
The $1 million iOS bug bounty is bad for security research
Microsoft issues security patches for Flash vulnerabilities in Windows 8 and Internet Explorer
As promised, Microsoft is issuing a security patch for a Flash vulnerability on Windows 8 in Internet Explorer 10. Though the operating system has yet to see its official public release, researchers testing the RTM version found a bug that could cause Flash to crash and allow for attackers to take control of a user's machine. Additionally, the company is rolling out an update to address a security hole in Internet Explorer versions 7 and 8 on Windows XP -- and IE 9 on Windows 7 and Windows Vista -- which left the door open for hackers to spread malware via a specially designed Flash animation. Both security patches are available via Microsoft's Windows Update service.
Filed under: Internet, Software
Microsoft issues security patches for Flash vulnerabilities in Windows 8 and Internet Explorer originally appeared on Engadget on Fri, 21 Sep 2012 22:53:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | CommentsZTE confirms the Score M has a backdoor, hopes to patch up soon
Who knew that owning a ZTE Score M would mean living life on the edge? ZTE has confirmed that the MetroPCS phone has a backdoor vulnerability which could let a less-than-scrupulous hacker get root-level control over the Android 2.3 phone -- and because it's a unique app baked into the firmware, the login credentials won't change as long as the exploit survives. Other ZTE phones, like the Skate, supposedly face the same hole as well. The company says it should have a patch ready to push over the air in the "very near future," but it hasn't said why the app existed in the first place. Either way, if you currently pocket the Score M or one of ZTE's other recent Android devices, we'd keep watch for any suspicious goings-on until a fix is in place.
ZTE confirms the Score M has a backdoor, hopes to patch up soon originally appeared on Engadget on Fri, 18 May 2012 12:29:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | CommentsAdobe changes tune on CS5 updates, won’t seek paid CS6 upgrade to patch vulnerabilities
Things have gotten interesting in the world of CS updates. Recently, Computerworld reported that Adobe had informed folks using an older version of its famed Creative Suite -- CS5 and CS5.5, to be exact -- they'd have to shell out the CS6 upgrade fee in order to get a fix for some recently discovered bugs. Apparently, Adobe took notice to its customers' dissatisfaction and updated its initial blog post with a changed tune, stating, "We are in the process of resolving these vulnerabilities in Adobe Photoshop CS5.x, and will update this Security Bulletin once the patch is available." The same is true for both Illustrator and Flash. This kerfuffle started after Adobe handed out warnings for eight "critical" vulnerabilities found in certain versions of the three applications -- some of which are said to be exploitable and could potentially be used to "take control of the affected system." We'll see how it all plays out over the upcoming days, but in the meantime hit the links below to see if you need to take any action.
James Trew and Joe Pollicino contributed to this post.
Adobe changes tune on CS5 updates, won't seek paid CS6 upgrade to patch vulnerabilities originally appeared on Engadget on Sat, 12 May 2012 23:59:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | Comments