UPDATE–As if all of the vulnerabilities in Flash and Windows discovered in the Hacking Team document cache and the 193 bugs Oracle fixed last week weren’t enough for organizations to deal with, HP’s Zero Day Initiative has released four new zero days in Internet Explorer Mobile that can lead to remote code execution on Windows Phones. […]
Tag Archives: Vulnerabilities
Google Patches 43 Bugs in Chrome
A new version of Google Chrome is available, and it contains patches for 43 security vulnerabilities, many of them in the high-risk category. Two of the more serious vulnerabilities fixed in Chrome 44 are a pair of universal cross-site scripting bugs. One of the flaws is in blink, the Web layout engine in Chrome. The […]
Netragard Shutters Controversial Exploit Acquisition Program
Netragard, one of the small number of companies that buys and sells exploits, has shut down its exploit acquisition program in the wake of the HackingTeam breach. Among the revelations in the cache of documents leaked after the attack on HackingTeam was information about Netragard selling an exploit to the Italian maker of intrusion and surveillance […]
Threatpost News Wrap, July 17, 2015
Dennis Fisher and Mike Mimoso talk about all of the patches from Microsoft, Adobe and Oracle, the Flash security saga and the Darkode forum takedown.
Security Support Ends For Remaining Windows XP Machines
Microsoft ended security support for existing Microsoft Security Essentials customers running Windows XP, a little more than a year after support officially ended
Coalition of Security Companies Forms to Oppose Wassenaar Rules
A large group of security companies have formed a coalition to oppose the proposed rules from the Department of Commerce that would regulate the export of so-called intrusion software, a broad term that researchers and legal experts are concerned would limit security research and development. The rules proposed by the department’s Bureau of Industry and Security in […]
Oracle Patches Java Zero Day
Oracle has released its quarterly patch update, which includes fixes for nearly 200 vulnerabilities. The most notable bug fixed in this release is the Java zero day that’s been used in an ongoing attack campaign. The massive release from Oracle has patches for a long list of products, but the Java vulnerabilities are the heart […]
Microsoft Patches Hacking Team Windows Kernel Zero Day
Microsoft patched a Windows kernel zero day vulnerability uncovered among the data stolen from the controversial Hacking Team.
Flash Player Update Patches Two Hacking Team Zero Days
Adobe today patched two zero day vulnerabilities discovered in data from the Hacking Team breach. It also released updated versions of Acrobat, Reader and Shockwave.
United Airlines Hands Out Million-Mile Bug Bounty
Security researcher Jordan Wiens was awarded one million miles after submitting a remote code execution bug to United Airlines’ bug bounty program.