While Microsoft has declined to comment on the IE-to-Firefox flaw drama (beyond an "it's not our fault" statement), a former security strategist is coming to the company's defense, arguing that there's no real way for Internet Explorer to validate the code being passed to Firefox.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Ryan Naraine is a journalist and social media enthusiast specializing in Internet and computer security issues.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response.
Apple today shipped its fifth QuickTime security update for 2007, patching at least eight vulnerabilities that could cause code execution attacks on Mac OS X, Windows XP and Windows Vista systems.
Patch Tuesday is no longer an exclusive Microsoft event. Slowly but surely, it's beginning to look like more and more big-name software vendors are piggybacking on Microsoft's scheduled patch day to roll out critical software fixes.
The ongoing confusion over the IE -> Firefox security vulnerability that introduces a nasty attack vector for Windows users with both browsers installed has raised a serious question about the responsibility of software vendors to protect its customers.
A quartet of former Microsoft employees have launched an anti-malware start-up, joining an established list of companies using browser plugins to thwart drive-by exploits.
Microsoft's Patch Tuesday train arrived today with six bulletins covering at least 11 vulnerabilities, most carrying the company's highest severity rating.
Hackers attending next month's Hack in the Box conference in Kuala Lumpur are pitching in to raise funds for the Malaysian National Cancer Council.
Experts agree that Windows machines with both Internet Explorer and Firefox installed are vulnerable to a serious security vulnerability but there's all kinds of confusion over which browser is hosting the vulnerability.
The following configuration changes, recommended by CERT/CC, can disable various features and set up Firefox to run in a secure state, limiting the damage from malware attacks.
Google has announced its second acquisition in the computer security space, shelling out a whopping $625 million in cash to snap up enterprise e-mail security vendor Postini.