security update
Drupal moves to fix flaws in update process
After IOActive researcher Fernando Arnaboldi publicly revealed three crucial vulnerabilities in Drupal’s update process last Thursday, the Drupal Security Team published …
After two fixes, OAuth standard deemed secure
OAuth 2.0 is one of the most used single sign-on systems on the web: it is used by Facebook, Google, Microsoft, GitHub and other big Internet companies. A group of researchers …
PostgreSQL 9.5: Row level security, Big Data and UPSERT
PostgreSQL 9.5 adds UPSERT capability, Row Level Security, and multiple Big Data features, which will broaden the user base for the world’s most advanced database. …
January Android security update fixes 5 critical flaws, removes unneeded component
Google has released the January security update for Android (for its Nexus devices). The update fixes 12 issues, five of which are critical. The most important hole …
Oracle agrees to settle FTC charges it deceived consumers about Java updates
Oracle has agreed to settle Federal Trade Commission charges that it deceived consumers about the security provided by updates to its Java Platform, Standard Edition software …
Critical RCE bug in FireEye’s security appliances exploitable via email
Last week, FireEye has silently pushed out a patch for an extremely easy-to-exploit remote code execution bug affecting its NX, EX, FX and AX Series security appliances in …
Critical Joomla RCE bug actively exploited, patch immediately!
An eight-year-old Joomla critical remote code execution vulnerability, which is being actively exploited in attacks in the wild, has been patched by the developers of the …
Microsoft kills many critical flaws, some 0-days, un-trusts one wildcard cert
For this December Patch Tuesday, Microsoft has released twelve security bulletins, eight of which have been rated critical.Those refer to the cumulative security updates for …
Apple releases security updates for every major product
Apple has released security updates for the operating systems running on the company’s iPhones, computers, Apple TV and various versions of smartwatches, as well as …
Four critical Android bugs patched, one could lead to permanent device compromise
Google’s December security update for Android has been pushed out to Nexus devices on Monday, and it contains fixes for 19 vulnerabilities, four of which are deemed …
Microsoft warns of imminent end of support for all but the latest Internet Explorer versions
Windows users who still prefer Internet Explorer to all other browsers have been urged by Microsoft to update to the latest (and last) version of the browser (v11), as the …
High-impact DoS flaw patched in Node.js, update as soon as possible
The Node.js Foundation has pushed out a patch for its eponymous open source, cross-platform runtime environment for developing server-side web applications. The fix plugs two …