Oracle has issued its first patch update of 2014 on Tuesday and it just so happens that it has been one of its biggest ever that includes a slew of security patches, many of which address vulnerabilities in Java. The Critical Patch Update will address 144 flaws in hundreds of Continue Reading
Microsoft disclosed four security bulletins describing a total of six vulnerabilities and released product updates to address these vulnerabilities. January Patch Tuesday repairs a privilege escalation bug in the ND Proxy Driver that manages Microsoft’s Telephony API. Microsoft had released a mitigation that would have rendered the API unusable. The Continue Reading
Malicious ads served through Yahoo’s ad network delivered malware to thousands of site visitors, according to researchers at Fox-IT, but Yahoo subsequently blocked the attack. Fox-IT’s post said that visitors who saw the ads in their browsers were redirected to a “Magnitude” exploit kit. “This exploit kit exploits vulnerabilities in Continue Reading
Security researcher Jitendra Jaiswal has identified a couple of interesting vulnerabilities in Facebook and Google. Both of them have been addressed. The security hole that plagued Facebook was an open URL redirect issue that allowed an attacker to redirect victims to any website without any restriction and without interaction on Continue Reading
Microsoft’s handy automated Windows error report feature “Dr. Watson” mostly transmits crash log data in the clear, leaving organizations that use the function vulnerable to targeted attacks, researchers say. Websense Security Labs found in a study of risks posed by some popular applications and services that Microsoft Windows Error Reporting, Continue Reading
By