Microsoft on Thursday previewed three critical bulletins for Microsoft Office and Windows and a moderate denial of service vulnerability for the company's security software.According to Microsoft's advance notification, the software giant will address the following in its Patch Tuesday update May 13:A critical remote code execution vulnerability primarily affecting Microsoft Office (Word) and another critical remote code execution flaw in Publisher.
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Mozilla is warning that a Vietnamese language pack for Firefox 2 is carrying malware.In her blog, Mozilla security chief Window Snyder writes:The Vietnamese language pack for Firefox 2 contains inserted code to load remote content.
Hey all,I was fortunate enough to be invited to attend Microsoft Blue Hat v 7 as I had some research that Microsoft was interested in bringing me in to talk about. Microsoft got to have co-worker and fellow researcher Rob Carter and I in to talk to product security teams about some of the things we'd found, and we got a free pass to an invite only conference that had some great talks.
From Paul Miller at Engadget:"At last the moment you've been waiting for. Microsoft wants to hit your version of Windows with an update, and this time you don't have to go rummaging around the internet to find it: just fire up Windows Update and let Microsoft do all the work.
PDP, the leader of the Gnucitizen White Hat Hacker outfit announced the opening of the House of Hackers social community yesterday. The House of Hackers is intended to enable its members to exchange ideas with each other, communicate, form groups, elite circles and tiger/red teams, conglomerate around projects, and participate in a hacker recruitment market.
Google on Tuesday detailed plans for oCERT, a volunteer workforce that will remediate security issues in open source applications.The move makes a ton of sense.
The CORE Security Team released an advisory to the Full-Disclosure mailing list today that documented a stack overflow in NASA's Common Data Format libs.Looking at this bug, the tech details aren't overwhelming, I think I'm mostly excited about it due to the high profile of hacking NASA libs.
SAP has forged an agreement with Research in Motion to run its customer relationship management software on the BlackBerry platform. Just don't expect SAP to roll out to other platforms anytime soon.
In the security research world, getting Rickrolled has become a global epidemic. If you've been to any of the recent conferences, you're sure to have been Rickrolled at least once...
PHP Group delivered release 5.2.6 to fix multiple security vulnerabilities.