flaw

Tue
28
Apr
John Lister's picture

Major Antivirus Flaw Deletes Files, Corrupts Windows

A security company says it found a simple way to turn antivirus software into a weapon for attackers. Most major manufacturers have now fixed the problem, but it's a reminder to keep such software updated. The discovery by Rack911 Labs effectively ... meant that a hacker could force the antivirus software to delete files on a computer. That would mean the hacker would need to have gained access to a computer first - whether internally on a network, or remotely using malware. The exploit is based on one of the most fundamental actions of any antivirus software: they scan files, check if they are a ... (view more)

Wed
25
Mar
John Lister's picture

Critical Security Flaw Hits Windows 7 and 8 Hardest

Microsoft has warned users of a significant unpatched security flaw in Windows. It's offered some key steps to take while the problem is being fixed. The problem affects all currently supported versions of Windows, though Windows 7 and 8 machines ... are affected 'critically' according to the Microsoft advisory bulletin. Attacks on Windows 10 machines are considerably more constrained due to its enhanced security features. Microsoft says its currently only aware of targeted attacks on Windows 7 machines, though that could change now the bug has been made public. (Source: microsoft.com ) Adobe ... (view more)

Wed
19
Jun
John Lister's picture

Firefox Users: Update Now to Patch Remote Execution Flaw

Mozilla has issued an emergency patch for the Firefox browser that is a must-install. It fixes a security gap that hackers are actively exploiting on compromised websites that serve up malicious code. How to Patch Firefox For most users, restarting ... Firefox should be enough to trigger the update. Users can also click the menu icon near the top right of the browser (the three vertical bars), then scroll all the way down near the bottom and click the "(?) Help" sub menu, then click the "About Firefox" option, which will trigger the update. Once the update has been downloaded, Firefox ... (view more)

Tue
16
Apr
John Lister's picture

Internet Explorer Bug Affects All Windows Users

A security researcher says an Internet Explorer flaw could affect people who don't even use the outdated browser. It's a reminder of the dangers of opening unexpected email attachments. John Page has published details of the bug which affects ... version 11 of Internet Explorer (the latest) on both Windows 7, 8 and 10. The bug involves a file format called MHT. It's a format that's not used much these days but used to be common back when Internet Explorer was king. It's used to download an entire web page (including images and other media) into a single file. It's not needed today as browsers can ... (view more)

Fri
08
Mar
John Lister's picture

Google: Update Chrome Immediately

Google has issued an urgent warning for Chrome users to update their browser if needed. That's because a security flaw is being actively exploited. The flaw in question is referred to as a "zero-day exploit." In an ideal world, software developers ... discover a bug and get some time before hackers find out about it and start taking advantage. In this case, the hackers did so before Google could develop a fix and get it out to users. Google is keeping the full details of the flaw secret for now to avoid giving even more criminals clues on how to exploit it. It says it won't say any more ... (view more)

Wed
29
Aug
John Lister's picture

Google Warns: Major Security Flaw in Fortnite Game

The makers of the hit video game "Fortnite" have called Google irresponsible for revealing a security flaw. The controversy follows Epic Games choosing not to use the Google Play store to distribute the game. Although it's free to download and play, ... Fortnite has proved hugely lucrative thanks to in-game purchases. Although 'buying' character costumes and animations doesn't affect gameplay, gamers - many of them children - have now spent more than a billion dollars. With so much money at stake, it appears Epic Games didn't want to go through Google Play for the Android version. Had ... (view more)

Fri
24
Nov
John Lister's picture

Windows Bugs Could Be Much More Serious

A key security feature in Windows doesn't work as planned. It's not a vulnerability in itself, but means that hackers who find bugs in software are much more likely to be able to do damage. The problem is with Address Space Layout Randomization ... (ASLR). It deals with the way a computer organizes different programs in memory. As an analogy, it's like organizing vehicles of different sizes and makes in a parking lot. Most operating systems support ASLR, which means that when a program starts up and needs to use the computer's memory, it's assigned a random location. In the analogy, think of cars ... (view more)

Thu
07
May
John Lister's picture

Lenovo Users Warned of 'System Update Flaw'

Lenovo computer users have been warned to immediately check that they have installed a security patch to plug a significant risk of malware. Ironically, the risk is related to the way that Lenovo's automated software update system is updated. ... Independent security researchers discovered a flaw in the protection that is meant to ensure that Lenovo computers only automatically download and install genuine updates. The flaw means that a hacker can remotely install malicious software on a Lenovo computer simply by being on the same unsecured wireless network. Within the security community, ... (view more)

Thu
13
Nov
Brandon Dimmel's picture

MS Patches 20 Year Old Exploit; XP Still Vulnerable

Microsoft has patched a security vulnerability that somehow evaded detection for roughly twenty years. The bug has reportedly existed in every single version of the Windows operating system since Windows 95. According to reports, the bug can allow a ... hacker to execute code remotely when a user visits a malicious website. IBM security expert Robert Freeman says the bug is related to a flaw in VBScript, which first debuted with Internet Explorer 3.0 in the late 1990s. Freeman says that the bug remains invulnerable to Microsoft's anti-exploitation tools, otherwise known as the Enhanced ... (view more)

Wed
30
Apr
John Lister's picture

Security Experts: Stop Using Internet Explorer

The United States Department of Homeland Security (DOHS) has warned that users should switch away from Internet Explorer until a serious bug has been fixed. It's the first big security scare since Microsoft stopped supporting Windows XP earlier this ... month. The bug doesn't have a glamorous nickname and is instead simply known as CVE-2014-1776. When triggered, the bug allows for remote code execution, which means a third party would have full control over a remote PC without the need for credentials or consent from the PC owner. By clicking on a malicious link or by visiting an infected ... (view more)

Pages

Subscribe to RSS - flaw