security update
Critical Samba flaw allows unauthorized remote code execution
Samba, the popular free software that allows file and print sharing between computers running Windows and those running Unix or Linux, has been found sporting a critical flaw …
Flaw makes Cisco routing hardware vulnerable to DoS attacks
A serious vulnerability affecting the software of some of Cisco’s routing hardware systems for telecommunications and Internet service providers could be exploited to …
Microsoft fixes critical remotely exploitable Windows root-level design bug
In this month’s Patch Tuesday, Microsoft has released nine security bulletins to address 56 unique vulnerabilities in Microsoft Windows, Microsoft Office, Internet …
Adobe patches latest Flash Player zero-day
Adobe has released Flash Player 16.0.0.305, a new version that fixes the latest zero-day flaw (CVE-2015-0313) that is currently exploited in mass malvertising campaigns. An …
New OS X Yosemite version fixes critical security issues, including Thunderstrike
Apple has released the latest version of OS X Yosemite (v10.10.2) and the first security update (2015-001) for this year, and among the problems fixed is one affecting the CPU …
Why Google won’t be updating pre-KitKat WebKit anymore
Two weeks ago, Rapid 7 researchers discovered that Google will no longer be providing security patches for WebView used in pre-KitKat (v4.4) Android versions, meaning that …
Adobe updates Flash Player again, plugs 0-day exploited by Angler
Adobe made good on its promise to make available by this week a fix for the recently discovered critical zero-day Flash Player vulnerability (CVE-2015-0311) preyed on by the …
Critical Flash Player hole plugged, another still unpatched and exploited
Adobe has released an out-of-band update for Flash Player, which fixes a security flaw (CVE-2015-0310) that could be used to circumvent memory randomization mitigations on the …
GoDaddy fixes domain-hijacking vulnerability
Security engineer Dylan Saccomanni has discovered a critical CSRF vulnerability that can be exploited to take over domains registered with Go Daddy, and has forced the popular …
Oracle patches 169 vulns across its products, many are critical
On Tuesday Oracle released its quarterly Critical Patch Update, which addressed a total of 169 vulnerabilities across multiple products, including Java SE (Standard Edition). …
January’s Patch Tuesday marks the start of a new era
Microsoft’s January 2015 patch Tuesday marks the start of a new era. It seems that Microsoft’s trend towards openness in security has reversed and the company that …
Over 930M Android users in danger as Google stops delivering critical patches
Nearly a billion of Android users – over half of the total number of worldwide users – are in danger of being targeted by cyber attackers exploiting …