security

This week, we reported an iTunes vulnerability that exposes Windows users to over 40 different application attacks. Now, it seems that the same exploit is being used by hackers to infiltrate and drain PayPal accounts. "My account was charged over ... $4700. I called security at PayPal and was told a large number of iTunes store accounts were compromised," complained one customer in a recent post to blog TechCrunch. The same victim said he'd received almost fifty receipts from PayPal totaling $99.99 each, but was able to prevent these transactions from being recorded by his bank. Not everyone ... (view more)

Adobe will today release a patch for a critical security vulnerability in its popular Reader and Acrobat software. The issue was first identified at the Black Hat security conference in July, and has since remained without a fix. Adobe noted in ... early August that the patch would be available this week, well ahead of its next scheduled security release (based on a quarterly timetable) in mid-October. Reader, Acrobat for Windows and Mac Affected According to an advisory from Adobe, the patch is meant to fix a number of critical issues affecting Reader 9.3.3 for Windows, Unix and Mac as well as ... (view more)

Compared to Windows XP and previous Microsoft operating systems of years previous, one of the major differences of Windows Vista and Windows 7 is the User Account Control , or "UAC" for short. If you've used Windows Vista with UAC enabled (by ... default), then you know how annoying the feature can be. In fact, many users associate the failure of Windows Vista with the ill-functioning UAC simply because they felt it broke functionality and usefulness of the operating system. (Source: zdnet.com ) Recently, however, Microsoft defended its widely-criticized operating system Windows Vista, ... (view more)

User Account Control (UAC) is a technology and security infrastructure introduced with Microsoft's Windows Vista and Windows Server 2008 operating systems, with a more refined version also present in Windows 7 and Windows Server 2008 R2. The UAC ... aims to improve the security of Microsoft Windows by limiting application software to standard user privileges until an administrator authorizes an increase or elevation. In this way, only applications trusted by the user may receive administrative privileges, and malware should be kept from compromising the operating system. User Account Control (UAC ... (view more)

Microsoft has confirmed it's investigating yet another large-scale bug affecting all supported editions of Windows. At the same time, it's ruled out issuing an emergency patch for the kernel-related issue that emerged just last week. On Tuesday, ... Microsoft issued a record-breaking monthly Patch Tuesday update containing a record 14 security bulletins. When that was announced, it looked as if it would be network administrators who'd be in for a particularly busy time, while Microsoft security staff could at least have some breathing room. That turned out not to be the case. Bogus Color Data ... (view more)

Microsoft is reportedly investigating a new kernel flaw affecting all versions of the Windows operating system (OS), including the new Windows 7. The investigation began on Friday after an Israeli researcher alerted Microsoft to the issue. In ... computing, the kernel is the central component of an operating system which is responsible for bridging software programs to hardware inside the computer. Microsoft says it is working on the issue and will release a patch once it's ready. "Microsoft is investigating reports of a possible vulnerability in Windows Kernel," said the software company's Jerry ... (view more)

Microsoft has changed the its guidelines for reporting security flaws. It's a move that could bring Adobe into an industry-wide collaboration to share information about security risks. From now on, Microsoft will no longer urge security researchers ... to follow a "responsible disclosure" policy, in which it asked those who discovered flaws to keep them completely under wraps until a full fix had been found, tested and readied for distribution. Many security experts have claimed such a policy delayed Microsoft's response to security threats. They also felt not being able to talk about bugs made ... (view more)

Business users may love their BlackBerry smartphones, but governments in the Middle East are not so keen. Three countries have issued different degrees of bans on the devices' functions. The biggest conflict comes in the United Arab Emirates (UAE), ... where officials there accuse the device of breaching local laws on data security. The problem is that messages sent on a BlackBerry are encrypted and immediately sent to servers in Canada for processing and storage. BlackBerry maker Research in Motion is based in Waterloo, Ontario, Canada. The UAE frowns upon such activity because it demands the ... (view more)

Windows XP continues to represent the single biggest target for hackers , according to security experts who also suggest these threats could initiate a considerable push for home and business users to upgrade to Windows 7. The recent discussion is ... based on Microsoft's early 2010 "Security Intelligence Report Volume 8," or SIRv8, which covered the six-month period July 2009 to December 2009. The report found that the United States continues to be the top spot for malware threats, with populous China running second, just in front of Brazil. WinXP Vulnerabilities Behind Push to Windows 7 An ... (view more)

Mozilla and Google have taken an interesting approach to ensuring that flaws, bugs and other problems associated with their Internet browsers are reported on in a timely manner. The two companies are paying outside researchers as added motivation, ... with the belief being that if a bonus is attached for their efforts, more individuals will be willing to offer up their time to discover new errors. Not All Researchers Financially Motivated Microsoft employees need not get too excited with the news, as company representatives announced that no such bonuses will be given to their researchers. ... (view more)