UPDATED. I ran the numbers and vulnerabilities in browsers are up this year, as is their severity. We know more about this for Internet Explorer because Microsoft provides the most data.
Showing results 1 to 20 of 492
iSight says the "Sandworm" team has targeted NATO, the European Union, Ukraine and industry through a previously unrecognized Windows zero-day exploit.
Despite their ages, the crimes are serious: breaking into both the US Army and Microsoft's servers to steal everything from unreleased games to military software.
Apple has patched an exploit with its Find My iPhone online service that may have been used by hackers to gain access to personal photos stored on iCloud accounts belonging to some 100 celebrities.
UPDATED. This Patch Tuesday brings six updates but the first, a Cumulative Update for Internet Explorer, fixes 24 of the vulnerabilities.
The exploit attempt targeted the Visual Basic Scripting for Applications feature in Microsoft Word.
Australian businesses in the resource and mining, financial services, and telecommunications sector are the latest targets of hackers exploiting Internet Explorer zero day.
Microsoft might want to draw a line under Windows XP; hackers and users will be reluctant to let it off the hook.
Windows XP's next-to-last Patch Tuesday saw four updates to it. Office 2003 is also going off support, but no updates were released today for it.
So is Microsoft right to pull the plug on Windows XP support? I think it is. The line has to be drawn somewhere, and I think April is as good a time as any.
The zero day exploit reported last week as affecting only Internet Explorer 10 also affects IE 9. Microsoft has released a "Fix it".
By running users under standard, non-admin accounts, IT can prevent a very high percentage of Microsoft vulnerabilities from being exploited.
A new zero-day exploit within IE 10 has been discovered in what is called "Operation Snowman," resulting in rapid investigation by Microsoft.
[UPDATED] 24 vulnerabilities in total are patched in today's round of updates, but four of them are already being exploited in the wild.
Security high-hats from Microsoft, Facebook and others have launched HackerOne: an open call for hackers to submit Internet bugs for cash. Hackers can remain anonymous, while all vulns are made public.
Microsoft wants to take a bite out of the exploit market, and has opened its Bug Bounty Program up beyond the usual scope of hackers and researchers.
Microsoft has updated one of their security bulletins with the news that one of the vulnerabilities listed in it wasn't actually patched.
October's patches are described in eight bulletins and address problems in Windows, Office, SharePoint Server, Silverlight, and Internet Explorer. One of the IE bugs has been exploited in the wild for some time now.
Three separate targeted attack campaigns have been using the vulnerability, and now an exploit has been released on Metasploit. Microsoft has released a Fix it but not a patch.
Microsoft has released 13 security updates for Internet Explorer, Outlook, SharePoint and Windows. 47 vulnerabilities in all are patched, but perhaps the scariest affects Outlook 2007 and 2010.
The best of ZDNet, delivered
- 1 Perfectly legal ways you can still get Windows 7 cheap (or even free)
- 2 How much does an iPhone 6 really cost? (Hint: It's way more than $199)
- 3 31 ways to improve your iPhone's battery life
- 4 Seven privacy settings you should change immediately in iOS 8
- 5 Review: Tile Bluetooth tag (verdict: Great)