I'm still working on that follow-up story on how Yahoo completely screwed up the flaw disclosure process (waiting to give Yahoo a chance to comment) and caused exploit code to be publicly released but, in the meantime, Yahoo Messenger users should know that a patch is now available and ready for download.Over the next several weeks, users worldwide will be prompted to update to a new version of Yahoo!
Staying on top of the latest in software/hardware security research, vulnerabilities, threats and computer attacks.
Violet Blue is the author of The Smart Girl's Guide to Privacy. She contributes to ZDNet, CNET, CBS News, and SF Appeal.
Larry Seltzer has long been a recognized expert in technology, with a focus on mobile technology and security in recent years
Next Tuesday, Microsoft plans to ship six bulletins with patches for a wide swathe of vulnerabilities in Windows, Internet Explorer, Outlook Express, Windows Mail, Office and Visio.
An unknown hacker has published exploit code for dangerous holes in two ActiveX controls installed by default by the Yahoo Messenger package.
Jeff Jones has expanded his project to count security flaws (publicly reported and fixed) in the major workstation operating systems and his latest numbers show Windows Vista has by far the best security profile when compared to the major Linux distributions.
Researchers at eEye Digital Security has found several high-risk code execution holes in the Yahoo Messenger instant messaging program.
Research from Google's new anti-malware team suggests that Microsoft's IIS server features "twice as often" as a server firing drive-by malware downloads.
Mozilla security chief Window Snyder is pouring cold water on a claim by an independent researcher that there's a major security hole in the Firefox browser.
This morning on the Howard Stern radio show, 'Baba Booey' came into the studio to help with a live commercial for Lifelock, an identity theft anti-fraud service that makes an eye-opening guarantee to its customers.After hearing the ad, I scribbled a note to check it out for a possible story down the road when I saw Wired's Kim Zetter pointing to an investigative piece by the Phoenix New Times on the troubling background of Robert J.
Microsoft security whiz Michael Howard is urging developers in the Windows ecosystem to adopt fuzz testing as a critical part of the software creation process, stressing that the use of fuzzers can dramatically reduce the number of potential security vulnerabilities.
Polish hacker Michal Zalewski's has ratcheted up his ongoing assault on Web browser security models, releasing details on serious flaws in fully patched versions of IE 6, IE 7 and Firefox 2.0.