After being alerted about some privilege escalation vulnerabilities in its Endpoint Protection product on July 29, Symantec immediately released an advisory with mitigation solutions, and now it has made available a patch for administrators. They need to access the FileConnect service and download the Symantec Endpoint Protection 12.1 Release Update Continue Reading
Cisco has shipped a patch for a buggy Open Shortest Path First (OSPF) routing implementation it says offers exploits that include traffic blackholing or interception. As the advisory notes, the vulnerability “could allow an unauthenticated attacker to take full control of the OSPF Autonomous System (AS) domain routing table, blackhole Continue Reading
Mozilla officially released the stable version of Firefox 31 for all supported platforms, integrating 11 security fixes, three of them being marked as critical. One of the major vulnerabilities corrected would allow exploitation of a WebGL crash with Cesium JavaScript library. Details about this glitch are not available at the Continue Reading
A security researcher is claiming to have found a set of services in iOS that appear to be a firmware-level backdoor in iOS devices. What’s more interesting is that Apple has, in a very non-Apple manner, responded to his claims by posting a support page about it. He claims that Continue Reading
Oracle has issued 113 fixes relating to products in nearly its entire services portfolio in its latest quarterly Critical Patch Update. Oracle announced the details of its July Critical Patch Update, which was released on Tuesday, via a threat advisory on its website. The advisory details fixes for key Oracle Continue Reading
By