Security


Windows Zero-Day Vulnerability Investigated by Microsoft

An unnamed security researcher released information Monday on a discovered Windows vulnerability that could be used to perform remote code execution.

Microsoft's Silent Fix Practice Is 'Due Diligence,' Security Researcher Says

Microsoft explained its "silent fix" patching rationale on Monday, but it's no cause for alarm for IT pros practicing good patch-testing techniques, according to security researchers.

Cyber War Dominates the Landscape at RSA Conference

Cyber war has emerged as the hot topic at the annual RSA Security Conference being held this week.

Microsoft Accuses Former Employee of Stealing Cloud Strategy Data

Microsoft filed a motion with a Washington State Superior Court on Thursday that accuses Matt Miszewski, former market development manager for Microsoft's government group, of stealing 600 MB of documents the company considered confidential when taking a new position at Salesforce.com.

Microsoft Unveils Upcoming Windows 7 VDI and Security Options

A Microsoft official briefly noted on Thursday that Microsoft is planning two new options for IT organizations using Windows 7 -- but the catch is that Software Assurance (SA) licensing needs to be in place.

Microsoft Releases Security Update for Autorun Vulnerability

In an "important, non-security update" released on Tuesday, Microsoft is offering a more convenient way to plug an Autorun hole for Windows XP and Vista users.

VMware: February Windows 7 Patches Break Connection with View Client

Two entries in this month's security update, released Tuesday, block Windows 7 users from connecting to VMware's View Connection Servers, according to a VMware security bulletin.

Hackers Know It's All In the Timing

Patch Tuesday reminds us once again that hackers will always be a step ahead. Plus: Outlook issue to be fixed out of band; Intel's intentions with McAfee buy seem questionable.

February Microsoft Patch Targets 20-Plus Security Flaws

As expected, Microsoft today released 12 security bulletins in its February security update, targeting more than 20 software vulnerabilities.

Alleged White House E-Mail Cyber Incident now Called Attack from China

Officials in the United Kingdom now suggest that a cyberattack from purported White House e-mail accounts actually originated from China, and the perpetrator used a hoax e-mail address that resembled a White House account.

Microsoft Preparing Hefty 12-Item Security Patch on Tuesday

Microsoft began 2011 with a light touch, but IT pros can expect a decidedly heavy February security update next Tuesday.

Google Offers $20,000 To Hack Chrome

Google is looking to reward those who can find a vulnerability in its Chrome browser.

Database Check: Testing Sentrigo's Hedgehog DBscanner

Sentrigo Hedgehog DBscanner offers enterprise-class vulnerability assessment and security scanning for databases.

January Letters: Readers Debate One-Time Passwords and More

Should IT support token-generated, one-time passwords for users on a network?

A Cloud Doofus: Backup Lessons From Life

Cloud backup is simple, if you remember to set it up in the first place.

Messing With Web Components

Hackers go after your browsing sessions. Plus: Conficker worm is gone, but not forgotten; unrest in Egypt worries Microsoft, Cisco.

Microsoft Investigating MHTML Vulnerability in IE

Microsoft released Security Advisory 2501696 in response to a scripting vulnerability in Internet Explorer that affects all versions of Windows.

Black Hat: How iPhone, Android, Other GSM Phones Are Vulnerable To Attack

A demonstration of an attack against an Apple iPhone at the Black Hat Technical Security DC 2011 Conference in Arlington, Va., showed that software in many GSM-based smart phones contains vulnerabilities that could open the phones to remote exploits.

Report: Hackers Shifting Attention to Mobile Devices

Scammers have set their sights on tablets and smartphones, and away from Windows desktops, in response to rising consumer demand for mobile devices.

Black Hat: Will New Breed of DOS Attacks Make Cloud Unaffordable?

The cloud is the current Next Big Thing in computing, and the Next Big Thing in attacks could be a new breed of economic denial-of-service attacks intended to use up resources and drive up the cost of cloud computing, warns a senior security researcher at Adobe Systems.
