Vulnerability
Let's face it. Software has holes. And hackers love to exploit them. New vulnerabilities appear almost daily. If you have software---we all do---you need to keep tabs on the latest vulnerabilities.
-
M86 Security's newly released report, "Security Labs Report - July – December 2011 Recap", details some of the most commonly observed Web exploits currently in the wild.
-
Security researchers from Trend Micro have spotted a fake version of the popular game Temple Run, currently available at Android's Market.
-
Should we be focusing on vulnerabilities or exploits?
Mitja Kolsek argues that there's a hidden danger in focusing on limiting exploitability instead of exterminating vulnerabilities.
-
Mozilla patches 'critical' Firefox security hole
Mozilla rates this a "critical" vulnerability that can be used to run attacker code and install software, requiring no user interaction beyond normal browsing.
-
Patch Tuesday heads-up: 21 vulnerabilities, including 'critical' IE bulletin
Fixes coming for dangerous security holes in Microsoft Windows, Microsoft Office, the Internet Explorer browser and .NET/Silverlight.
-
Hackers pounce on just-patched Windows Media vulnerability
The end result is a malicious Trojan with rootkit capabilities. The attack happens silently in the background and all the user sees is a blank WMP application playing a file.
-
How SCADA highlights the futility of finding security vulnerabilities
Pete Lindstrom argues that 'irresponsible' disclosure of security holes in SCADA systems could put human lives at risk and calls on the security research community to start thinking about the...
-
Attack tool published for WiFi setup flaw; Cisco issues warning
A working attack tool for this vulnerability is publicly available so it's important for affected users to heed all vendor warnings.
-
Oracle to patch 79 DB server vulnerabilities
The most serious of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
-
'Critical' Windows Media flaws put millions at risk
Pay special attention to MS12-004, a "critical" bulletin that provides fixes for two serious flaws in the way Windows Media handles certain media files.
-
iPhone date glitch exposes photo albums
If your iOS device's clock is rolled back, your entire photo album is visible even if the device is locked with a passcode.
-
Microsoft releases out-of-band security update to plug .NET hole
Just in time for the new year, Microsoft released a rare out-of-band security update, its 100th of the year. The update represents "holiday heroics" for the team that sacrificed Christmas to plug...
-
Windows Phone hit by SMS vulnerability
SMS message causes device to reboot and disables access to the messaging hub.
-
Adobe PDF Reader zero-day under attack
According to a warning from Adobe, the attacks have been observed in the wild against Windows users running Adobe Reader version 9.4.6. An emergency fix is coming next week.
-
Apple fixes iOS vulnerability exposed by Charlie Miller
Apple fixes the security vulnerability that was at the center of its decision to dismiss Charlie Miller from the iOS developer program.
-
Microsoft fixes gaping hole in Windows TCP/IP stack
An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. Microsoft urges Windows users to treat this update with the utmost priority.
-
Windows kernel 'zero-day' found in Duqu attack
One version of the attack was triggered by a rigged Microsoft Word .doc that probably included some social engineering and required the target to open the booby-trapped file.
-
Opera denies ignoring critical font manipulation vulnerability
Opera Software spars with a security researcher over (ir)responsible disclosure of a critical security vulnerability.
-
Apple slaps another security band-aid on iTunes
Apple patches 79 gaping security holes in the iTunes for Windows software.
-
Complex IT security risks can only be treated with comprehensive response, not point products
There are so many different points at which security incidents can occur; the real trick is getting your arms around all of them and focusing your attention on those that are most likely to cause...
-
If your PC picks up a virus, whose fault is it?
Want to avoid being attacked by viruses and other malware? Two recent studies reveal the secret: regular patching. A fully patched system with a firewall enabled offers almost complete protection...
-
27 of 100 tested Chrome extensions contain 51 vulnerabilities
A group of security researchers analyzed 100 Chrome extensions and found that 27 of them contain one or more vulnerabilities in their cores, for a total of 51 vulnerabilities.