Researchers from the respected malware research firm FireEye today reported a zero-day flaw that is actively being exploited in the wild. They reportedly observed successful exploitation of the latest Adobe PDF Reader 9.5.3, 10.1.5, and 11.0.1. It is assumed that earlier versions are also vulnerable though this has not been confirmed. In the words of […]
Tag Archives: zero-day
Today, a Security Bulletin (APSB13-04) has been posted to address security issues in Adobe Flash Player 11.5.502.146 and earlier versions for Windows and Macintosh, Adobe Flash Player 11.2.202.261 and earlier versions for Linux, Adobe Flash Player 11.1.115.36 and earlier versions for Android 4.x, and Adobe Flash Player 11.1.111.31 and earlier versions for Android 3.x and […]
Oracle has released a sizable number of patches for Java to address 50 vulnerabilities affecting both the browser versions as well as the server. The “Critical Patch Update February 2013” (CPU) for Java had been scheduled for February 19th, but due to one of the vulnerabilities being exploited in the wild, the company brought the […]
The Department of Homeland Security urged computer users on Tuesday to disable a common networking technology feature, after researchers warned that hackers could exploit flaws to gain access to tens of millions of vulnerable devices. The U.S. government’s Computer Emergency Readiness Team, on its website, advised consumers and businesses to disable a feature known as […]
I’m not kidding. Heck, I might even be wrong. But it appears as though the administrator of a hacker forum has sold weaponized and full source code versions of the new zero-day exploit. There are reasons for doubt, however. According to Brian Krebs, the exploit was purportedly limited in its sale to only two buyers […]
For crying out loud… How did this happen? You’re just surfing along, minding your own business and BAM – some bogus-looking thing pops up claiming you have 300 infected files and you need to pay $70 to get your computer cleaned. Or, like my elderly neighbor over the past weekend, you get a scary full-screen […]
After announcing a fix was coming just yesterday, Oracle on Sunday released Java 7 Update 11 to address the recently disclosed security vulnerability. If you use Java, you should download the latest update now from the Java Control Panel or directly from Oracle’s website here: Java SE 7u11. Always visit the Programs and Features app […]
Security experts worldwide are raising the alarm about the recently disclosed zero-day exploit affecting all versions of Java. The latest Java version, Java 7 Update 10 contains a critical security vulnerability which is reportedly already being used for large scale cyber attacks. Users who have Java installed on their computers should consider removing it unless […]
Microsoft has released a rare out-of-band critical update that appears to address the zero-day exploit announced on January 5th. The software giant previously released a manual “fixit” for this vulnerability but researchers soon found ways around the patch. This update addresses the original problem and is slated for release on January 14th, 2013
Oracle has announced that the end-of-life (EOL) of Java SE 6 has been moved from November 2012 to February 2013. This is to give organizations small and large more time to transition to Java SE 7. This is the second EOL extension given to Java SE 6, the original EOL date being July 2012. The […]