Maximum PC vulnerability RSS Feed

Microsoft Patches Critical Vulnerability for XP, Vista, Windows 7, and Others

Mark Edward Soper — Fri, 24 Oct 2008 10:53:38 -0500

Redmond usually releases security patches once a month, on Patch Tuesday, but Microsoft's security experts are worried enough about a newly reported vulnerability in the Server service to post an "out-of-band" security update, MS08-067, yesterday for all versions of Windows from Windows 2000 SP4 through Windows Server 2008 and Windows 7 pre-beta. Microsoft hasn't issued a security update between Patch Tuesday releases since April 2007, so this is a significant security issue.

Although all supported versions of Windows are vulnerable, Windows 2000 SP4, Windows XP, and Windows Server 2003 versions are especially vulnerable to this flaw, which can permit remote code execution via a specially crafted RFC request.

To find out what makes this vulnerability so critical, and to learn how to get the update, join us after the jump.

Google Patches Chrome Security Vulnerabilities

Pulkit Chandna — Wed, 10 Sep 2008 19:11:23 -0500

Several security vulnerabilities were reported in Google’s Chrome web browser after its beta version was launched earlier this month with much ado. Google has quickly responded with a security update that fixes four vulnerabilities. The update addresses two buffer overflow vulnerabilities, both rated critical by Google, and two other minor bugs. However, the carpet-bombing threat, first brought to light by security researcher Aviv Raff, still looms.

Weekend Security News: Opera Patches Multiple Bugs in Browser, Critical Vulnerability Found in VLC Media Player

Paul Lilly — Sat, 05 Jul 2008 01:38:29 -0500

This holiday weekend many of you will be kicking back with a cold one, firing up the grill, spectating your local fireworks display, and perhaps catching up on a videogame or two when the festivities all come to an end. But while you're busy unwinding, hackers continue to look for ways to distribute malicious code and exploit vulnerabilities. Don't let what's supposed to be a relaxing weekend turn into a hair-pulling experience because you were caught off guard.

Update to Opera 9.5.1

Opera Software unveiled version 9.5 of its flagship browser less than a month ago, and the first major update is now available. Patching Opera to version 9.5.1 addresses several bugs and stability issues, and at least one "highly critical" vulnerability that could be used to execute arbitrary code. And it's not just Windows users that should install the update, but Mac OS X and Linux lovers too. Areas addressed in the update include:

User Interface
Mail/News
Display and Scripting
Security
Miscellaneous

View the 9.5.1 changelog for a detailed list of changes, and then hit the jump to see why you should be extra cautious about using the VLC Media Player.

IE (and You) Vulnerable to iFrame Vulnerability

Mark Edward Soper — Wed, 02 Jul 2008 15:38:58 -0500

Framed web pages are everywhere - but IE isn't ready to handle iFrame hijacking. ZDNet's Zero Day blog repots that exploit code is now available online to demonstrate how to perform malicious attacks against IE7 as well as IE6 and even IE8 beta 1. Even if your version of IE is fully patched, it's not ready to handle this vulnerability.

To find out how the threat works, join us after the break.

Firefox 3 Ships, Vulnerability Discovery Follows

Mark Edward Soper — Fri, 20 Jun 2008 15:41:46 -0500

TippingPoint's Zero Day Initiative rewards researchers for discovering vulnerabilities - but the timing of a report on a Firefox vulnerability seems suspicious. Learn how to protect yourself - now.

Just five hours after Firefox 3 was released to a waiting world, TippingPoint's Zero Day Initiative was informed of a serious vulnerability in the brand-new browser, IDG News Service reports. That's fast work, but some are wondering about the timing of the information...

Browser Wars, Part II

Mark Soper — Wed, 26 Mar 2008 22:36:00 -0500

Find out who's king of the browser rendering sweepstakes, and which browser-come-lately has an "impossible" end-user license agreement - not to mention a couple of serious security flaws.

Microsoft Stops URI Threats to Windows XP - Protect Yourself Today!

Mark Soper — Wed, 14 Nov 2007 13:19:10 -0600

Why you need to run, not walk, to your Windows XP systems and grab the latest Windows security update before the bad guys can attack your system.

Got Adobe Acrobat or Reader 8.1? The "Fix" Is In

Mark 'Marcus Soperus' Soper — Mon, 22 Oct 2007 22:55:31 -0500

... the "Mailto" URI vulnerability fix, that is. Find out how to get the updates and learn which Acrobat and Reader users are still at risk.