bug

Google has revealed a security flaw with the Microsoft Edge browser before Microsoft released a patch. It's a controversial move with arguments across both the tech and security industries. The flaw in question is somewhat complicated. In very ... simplified terms, the flaw is to do with how Microsoft Edge converts website code into what users see on their computer screen when visiting a website. Google realized that it could work out precisely when the browser would access part of the computer's memory and use this knowledge to effectively set a booby trap. That could then force the computer to ... (view more)

Apple has been forced to fix a major security flaw in the latest edition of the Mac operating system. The fix makes it far easier for a thief to access a computer's files. The bug is in MacOS High Sierra, which was released two months ago. It's ... widely used as its compatible with most Mac computers released in the past eight years or so. The problem is with root access on the system. That's the highest level of access, giving complete control of the computer and even the opportunity to alter key system files. Normally only the most confident users would enable root access (which then acts a ... (view more)

T-Mobile has fixed a bug that let hackers get sensitive personal data just by using a phone number. In theory, it could have been possible to collect details on all the company's customers, though T-Mobile denies this. The problem was discovered by ... Karan Saini, a security researcher who discussed the problem with the Motherboard Vice website. The site then approached T-Mobile about the problem. It said "we were alerted to an issue that we investigated and fully resolved in less than 24 hours. There is no indication that it was shared more broadly." (Source: vice.com ) The bug had to do with T ... (view more)

A newly discovered Internet Explorer bug means rogue websites can track the next site a user visits, or even the next search the user makes. While it's not necessarily devastating in itself, the researcher who found the bug says it is a sign ... Microsoft isn't paying enough attention to its old browser. The bug means that a 'rogue' web page could access the content of whatever the user types in to the Internet Explorer address bar as soon as they press the Enter key. This would normally be another website address, but the way Internet Explorer works means it could also be a search term. Security ... (view more)

Microsoft has criticized Google for revealing details of what the search giant has dubbed a "critical" security flaw in Windows. The two companies dispute whether Google gave Microsoft enough time to fix the problem before going public. The ... controversy lies in the fact that Microsoft has yet to release a fix for the problem and has not even said if one exists. The bug applies to 32-bit editions of Windows and allows an unauthorized local privilege escalation. The effect is to undermine a security feature known as " sandboxing ," which is designed so that if a hacker ... (view more)

An estimated 11 million secure websites could be vulnerable to hackers exploiting a security bug. Amazingly, the bug has to do with technology that is over 20 years old. There's little, if anything website visitors can do as the bug needs fixing by ... site operators. However, it is possible to check if a site appears to be vulnerable. The bug has been dubbed Drown, a name rather tenuously derived from "Decrypting the RSA algorithm with Obsolete and Weakened eNcryption." Researchers who uncovered the bug aren't publishing the precise details. At the moment it's not known if ... (view more)

Google has apologized after its new Photos app for mobile devices labeled two black people as gorillas. It says it is taking both immediate and long term steps to make sure the mistake never happens again. The software bug follows a series of ... incidents in which searching for racist terms on its mapping service brought up the White House as the top result, though that particular incident was a "social prank," rather than a genuine bug in the software. The Photos app for mobile devices is designed to be a single online storage place for pictures, accessible from any computer or device ... (view more)

Microsoft has joined Apple and Google in releasing browser security updates to patch a bug dubbed FREAK. The bug could make it easier for hackers to decrypt data that intercept from website users. The vulnerability of FREAK doesn't allow hackers to ... see data in plain sight. Instead, it allows them to remotely change what's meant to be a secure website connection into an unsecure one, meaning that previously encrypted data would then travel without any encryption. To be of any use, a hacker would need to combine the FREAK exploit with another vulnerability that let them intercept data, ... (view more)

Microsoft has publicly lashed out at Google for revealing a severe security flaw in Windows 8.1 before it was able to release a fix. The public disclosure has reawakened a longstanding dispute about how to go about reporting security flaws. Comments ... on Google's website suggest that the same bug also affects Windows 7 Professional 64bit, with Service Pack 1; if true, it's equally likely the bug also affects other earlier versions of the Windows operating system, including Windows XP, which is no longer supported by Microsoft and will therefore remain unpatched. The bug involves the way ... (view more)

Microsoft has patched a security vulnerability that somehow evaded detection for roughly twenty years. The bug has reportedly existed in every single version of the Windows operating system since Windows 95. According to reports, the bug can allow a ... hacker to execute code remotely when a user visits a malicious website. IBM security expert Robert Freeman says the bug is related to a flaw in VBScript, which first debuted with Internet Explorer 3.0 in the late 1990s. Freeman says that the bug remains invulnerable to Microsoft's anti-exploitation tools, otherwise known as the Enhanced ... (view more)