Next Tuesday, Microsoft plans to ship six bulletins with patches for a wide swathe of vulnerabilities in Windows, Internet Explorer, Outlook Express, Windows Mail, Office and Visio.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years. He was most recently Editorial Director of BYTE, Dark Reading and Network Computing at UBM Tech. Prior to that he spent over a decade consulting and writing on technology subjects, primarily in the area of security. He is the author of three books and thousands of published articles and many more unpublished, private reports. Larry has been Technical Director at several test laboratories where he both directed and ran product testing, with a special interest in test automation. Larry began his career as a Software Engineer at the now-defunct Desktop Software Corporation in Princeton, NJ, on the team that wrote the NPL 4GL query language. He also worked on corporate IT and software development at Chase Econometrics. Larry is a graduate of the University of Pennsylvania with a degree in Public Policy.
Ms. Violet Blue (tinynibbles.com, @violetblue) is a freelance investigative reporter on hacking and cybercrime at Zero Day/ZDNet, CNET and CBS News, as well as a noted sex columnist. She has made regular appearances on CNN and The Oprah Winfrey Show and is regularly interviewed, quoted, and featured in a variety of publications that includes ABC News and the Wall Street Journal. She has authored and edited award-winning, best selling books in eight translations and has been a sex columnist for the San Francisco Chronicle. She has given keynote talks at such conferences as ETech, LeWeb, and the Forbes Brand Leadership Conference, and has given two Tech Talks at Google. In 2010, the London Times named Blue one of “40 bloggers who really count.” Ms. Blue is the author of The Smart Girl's Guide to Privacy. Violet Blue bio courtesy of TTI Vanguard.
An unknown hacker has published exploit code for dangerous holes in two ActiveX controls installed by default by the Yahoo Messenger package.
Jeff Jones has expanded his project to count security flaws (publicly reported and fixed) in the major workstation operating systems and his latest numbers show Windows Vista has by far the best security profile when compared to the major Linux distributions.
Researchers at eEye Digital Security has found several high-risk code execution holes in the Yahoo Messenger instant messaging program.
Research from Google's new anti-malware team suggests that Microsoft's IIS server features "twice as often" as a server firing drive-by malware downloads.
Mozilla security chief Window Snyder is pouring cold water on a claim by an independent researcher that there's a major security hole in the Firefox browser.
This morning on the Howard Stern radio show, 'Baba Booey' came into the studio to help with a live commercial for Lifelock, an identity theft anti-fraud service that makes an eye-opening guarantee to its customers.After hearing the ad, I scribbled a note to check it out for a possible story down the road when I saw Wired's Kim Zetter pointing to an investigative piece by the Phoenix New Times on the troubling background of Robert J.
Microsoft security whiz Michael Howard is urging developers in the Windows ecosystem to adopt fuzz testing as a critical part of the software creation process, stressing that the use of fuzzers can dramatically reduce the number of potential security vulnerabilities.
Polish hacker Michal Zalewski's has ratcheted up his ongoing assault on Web browser security models, releasing details on serious flaws in fully patched versions of IE 6, IE 7 and Firefox 2.0.
A Web application security specialist has figured out a way to launch sophisticated man-in-the-middle attacks against a computer with a fully patched Google Desktop installed.
Google has hurriedly fixed a gaping hole in its Web page removal request tool after outsiders discovered they could traverse up the directory root, browse folders and find weak database passwords.
Mozilla has released a new version of its flagship Firefox browser with fixes for five security vulnerabilities, one carrying a "critical" rating.
Even after you install the latest security updates from Mozilla, those browser extensions you use and love could put you at risk of code execution attacks.
Apple has slapped another patch on its QuickTime media player to plug two serious security vulnerabilities.
Google has quietly made its first anti-malware acquisition, snapping up GreenBorder Technologies, a venture-backed company that sells browser virtualization security software.