Over the course of the last six months, Cloudflare bled a lot of sensitive data. The reason? A bug in its HTML-Parser that in the end impacted millions of websites. Beside other things, they offer DDoS protection and a CDN service. Due to the massiv amount of affected websites its a rather important issue and it’s […]
The post Cloudflare, Cloudbleed – or 3,400 reasons of shit happens appeared first on Avira Blog.
Microsoft appears to have silently fixed a two-year-old bug in in Windows Kernel Object Manager that could have allowed for the bypass of privileges in Google’s Chrome browser.
The news of the week is discussed, including Schneier’s DDoS article, a patched IE/Edge zero day, a new OS X malware detection method, and Google’s Project Zero prize.
Security researchers have managed to launch an attack on Linux computers by targeting a physical weakness in some types of DDR memory chips, Ars Technica reports.
The post Google’s Project Zero reveals possible memory leak hack appeared first on We Live Security.
Google announced that it was adding a 14-day grace period to its 90-day vulnerability disclosure deadline if the affected vendor says it will have a patch ready inside the extension.
Google’s Project Zero has released information on three as yet unpatched vulnerabilities in Apple’s OS X operating system, reports Ars Technica.
The post Google reveals trio of security vulnerabilities in OS X appeared first on We Live Security.
Yahoo officials say that the company will disclose any new vulnerabilities that the company’s security team finds within 90 days of discovery. The new policy is the same one used by Google’s Project Zero, a team of researchers that looks for vulnerabilities in a variety of commonly used software packages and platforms. That team has […]
Details and exploit code for a vulnerability in Adobe Reader have surfaced and the bug can be used to break out of the Reader sandbox and execute arbitrary code. The bug was discovered earlier this year by a member of Google’s Project Zero and reported to Adobe, which made a change to Reader that made it […]