Archive for the 'Vulnerabilities' Category

Excel user's are not entirely safe. A new vulnerability was found in Microsoft's spreadsheet program, Excel. This vulnerability can be exploited by hackers to create a malicious Excel document, which, when opened, would compromise the system.
Even though, as Microsoft has stated, these exploits are likely to be used in targeted attacks, the risk is still […]

People tend to rely on wireless networks a lot these days, but there are things concerning the security measures employed in this method of connectivity that people don't know about, thus putting themselves in danger of being spied on.
It should first be noted, that wireless networks are less safe due to their nature: to spy […]

After patching QuickTime to version 7.3 and thus disposing of a widely-exploited bug, Apple is facing yet another vulnerability. This particular one affects Windows XP and Vista users, although it's not certain yet, whether Mac OS X is susceptible.
Attack code exploiting this vulnerability has been posted on milw0rm.com, it has to do with malware being […]

A flaw that had been patched for Mac OS X 10.4 has resurfaced again in Apple's new operating system Leopard. The vulnerability lies in Apple mail and could allow malicious software to be disguised as benign attachments.
"Files on a Mac can contain additional information, such how another program should be used to open them. The […]

On November 14 Apple released an update for its Mac OS X, patching 41 vulnerabilities at once. 15 of these vulnerabilities were critical since they were flagged as capable of "arbitrary code execution," or, in other words, these flaws could be exploited to compromise a Mac. The remainder fixes took care of bugs that could […]

Dr. Benny Pinkas from the Department of Computer Science at the University of Haifa has expressed his concern on a possible vulnerability in relation to the Windows 2000 random number generator. He said that hackers may exploit CryptGenRandom to reach sensitive personal information including banking details, email passwords and others.
Mark Miller, Microsoft's director for security […]

The 1.1.2 firmware was released last week, in an attempt to disallow third-party applications to run on the iPhone. In a matter of hours it was hacked, albeit mostly not for malicious reasons, such as unlocking the phone for other carriers. Patrik Runald, the security response manager for F-Secure Security Labs, in accordance to this, […]

Microsoft has released a patch Tuesday, for a flaw that involves third-party anti-piracy software bundled with Windows. The flaw was first found by Symantec's Elia Florio three weeks ago, when the vulnerability, which had not been documented, was being exploited on fully-patched Windows XP and Server 2003. The flaw exists in "secdrv.sys" - a file […]

Previously unknown RealPlayer exploitation was discovered last week. So far, it can be told that unpatched vulnerability affects the latest versions of RealPlayer and RealPlayer 11 BETA, although older versions may also be vulnerable. Furthermore, an ActiveX object in the RealPlayer component ierpplug.dll is affected. This is not the first case of exploitation of this […]

Australia’s finally realizing the threats of cyber attacks to the country’s government institutions and business sector, which were attacked dozens of times this year, and now it’s raising concerns about the safety of personal and financial data of users.
A hacker’s website tells about numerous security breaches of government websites. Although it doesn’t say anything about […]