Adobe releases critical emergency update for Flash Player
Adobe released an update for Flash Player to fix a critical remote code execution vulnerability that is actively being targeted by attackers.
Adobe released an update for Flash Player to fix a critical remote code execution vulnerability that is actively being targeted by attackers.
The software used by many wireless IP cameras manufactured by Foscam Digital Technologies have a vulnerability that allows remote users to access their video streams and take snapshots without proper authentication.
Cisco Systems has released software updates for its Cisco Secure Access Control System (ACS) in order to patch three vulnerabilities that could give remote attackers administrative access to the platform and allow them to execute OS-level commands without authorization.
Microsoft's "Patch Tuesday" set of monthly software patches is so minimal for January that at least one security firm is suggesting that IT shops first tend to recently issued patches for more severe vulnerabilities found in Oracle Java, Adobe Flash and Adobe Reader.
Cisco Systems promised to issue firmware updates removing a backdoor from a wireless access point and two of its routers later this month. The undocumented feature could allow unauthenticated remote attackers to gain administrative access to the devices.
Attackers exploited a vulnerability in Adobe ColdFusion to install data-stealing malware that works as a module for Microsoft's Internet Information Services (IIS) Web server software.
Adobe patched several vulnerabilities in its Flash Player and Shockwave Player on Tuesday, including one for which an exploit is already available.
The latest round of monthly patches from Microsoft illustrates the need for organizations to move from older versions of Microsoft software if they haven't done so already.
Ruby on Rails users are advised to upgrade to newly released versions of the Web development framework that contain important security fixes, according to the Rails development team.
Google released emergency security updates for Chrome in order to patch critical vulnerabilities demonstrated Thursday by a security researcher at the Mobile Pwn2Own hacking competition.
Adobe Systems released security updates for Flash Player, AIR and ColdFusion to fix critical vulnerabilities that could allow attackers to take control of affected systems or read information from servers without authorization.
Microsoft patched serious vulnerabilities Tuesday in Windows, Internet Explorer and Office, but also urged customers to stop using the aging RC4 cipher and SHA-1 hashing function in their systems and services.
The Intelligent Platform Management Interface (IPMI) implementation found in motherboards from server manufacturer Supermicro suffers from serious vulnerabilities that could allow attackers to remotely compromise the management controllers in servers that use them.
A new bug bounty program sponsored by Microsoft and Facebook will reward security researchers for finding and reporting vulnerabilities in widely used software that have the potential to affect a large number of Internet users.
Many open-source software developers need to improve the way in which they handle vulnerability reports, according to researchers from security firm Rapid7, who recently found and reported vulnerabilities in seven popular open-source software applications.