zero day

Tue
03
May
John Lister's picture

Report: Zero Day Bugs On The Rise

Two separate reports point to a spike in zero-day bugs . That's when would-be attackers trying to exploit a bug have a head-start over developers who are trying to fix and patch it. When software developers discover a security vulnerability (or are ... told about it by responsible researchers), they are in a race against time to find and roll out a fix before attackers discover it and start trying to take advantage. Often they'll only have a matter of days. A zero-day bug is defined as one whose existence is (or was) discovered by hackers before it is known to the software developers. That means ... (view more)

Sat
23
Apr
John Lister's picture

Chrome Gets Urgent Patch for Zero-Day Exploit

Google has issued a third zero-day bug warning for Chrome this year. While the browser will auto-update, it's a reminder not to leave it open indefinitely. In short, a zero-day bug refers to the time developers discovered the problem and were able ... to roll out a fix. Ideally, they'll have a head start and can either get the patch in place before would-be attackers even start working on exploiting it. In this case, however, attackers not only know about the bug but are already taking advantage before developers can roll out a fix. Memory Compromised This particular bug is described as a "type ... (view more)

Mon
25
Oct
John Lister's picture

Apple Patches Major iPhone Bug linked to Gov't Spying

Apple has released a patch for a potentially serious iPhone bug. It's worth double-checking the patch was installed automatically and forcing it to do so if it has not. The fix comes in version 15.0.2 of iOS and patches an actively exploited ... zero-day bug. That means attackers not only know about the security hole but were already using it before Apple could release a fix. In other words, Apple had a "zero days" head start in the battle between patching and hacking. The bug involves memory corruption and means a correctly-targeted attack could allow malware to access parts of the memory that ... (view more)

Mon
20
Sep
John Lister's picture

Apple Patches Critical Image Preview Bug

Apple has patched a security flaw that could compromise phones and tablets just by users receiving a message. The exploit would use an attachment in iMessages but wouldn't require the user to click or open it. It's a potentially very serious flaw ... though ironically that may be the saving factor for most ordinary users. Because it's so serious, experts believe it's most likely to be used for highly targeted attacks. The bug was discovered by researchers at the University of Toronto, who say it's an example of "zero-click spyware". While they've seen similar attacks on Apple devices before, it's ... (view more)

Tue
14
Sep
John Lister's picture

MS Office, Internet Explorer Form Zero Day Attack

Security experts have warned users to take extra care opening Microsoft Office files. An unpatched bug in Internet Explorer can affect users regardless of their preferred browser. The bug takes advantage of the way Office files can open links in ... Internet Explorer. It means that attackers can craft Office files that, once opened, automatically load an "attack" page in Internet Explorer that installs malware. Exactly what malware to install is up to the attacker. There is some protection for some users. In many cases, Office will by default open a document in Protected View, which blocks links ... (view more)

Thu
04
Mar
John Lister's picture

Chrome Zero-Day Bug: Update Now

If you use Chrome, you need to make sure it's up to date. The browser has been hit by a dreaded zero-day flaw . In this case, hackers are aware of the bug and are actively exploiting it before Google has a chance to issue a security patch. The name ... comes from the fact that Google has "zero days" head start in getting the patches out. Google confirmed that it "is aware of reports that an exploit for CVE-2021-21166 [the bug in question] exists in the wild." (Source: googleblog.com ) High Severity Flaw The security flaw is rated as "high severity" on Google's rankings of how much ... (view more)

Tue
12
Jan
John Lister's picture

100M Users Still Using Windows 7

As many as 100 million PCs could still be running Windows 7 according to a newly-published estimate. That's despite Microsoft withdrawing support for the 11-year old system last year. The estimate comes from Ed Bott of ZDNet and is based on data ... published at analytics.usa.gov. That brings together site visitor data from most US government agencies. It means the figures will primarily represent visitors from the United States. (Source: zdnet.com ) Bott notes that across the agencies, 8.5 per cent of visitors in the past 90 days were running Windows 7 and 3.4 percent running Windows 8 or 8.1. ... (view more)

Wed
26
Feb
John Lister's picture

Chrome Users: Update Now to Patch Critical Bug

Google has issued a critically important update to its Chrome browser due to a nasty zero day bug. The browser should update automatically for most users, but the bug is serious enough that it's a case of checking to ensure that the update has been ... successfully applied. The update fixes three security problems, one of which is a critical. It means hackers were actively exploiting the problem before Google fixed it - meaning the update process gave users a zero day head start on the bad guys (hence the term, ' zero day exploit '). Perhaps unsurprisingly, Google isn't saying much at all about ... (view more)

Thu
26
Sep
John Lister's picture

Latest Internet Explorer Bug a Massive Risk

Microsoft has issued an emergency patch for Internet Explorer. In the most extreme circumstances, a user simply visiting a website could give a hacker complete remote control of a computer. Between Chrome's dominance and Edge becoming the default on ... new Windows machines, Internet Explorer is far from popular and is now used on around 8 percent of desktop computers. However, that still means around a hundred million machines could be affected by this bug. (Source: bbc.co.uk ) It's a sign of how serious the problem is that Microsoft has issued an emergency patch, or as it calls it, an out-of- ... (view more)

Wed
31
Jul
John Lister's picture

iPhone/iPad Users: Update Immediately

Google says it has found half a dozen major security flaws in Apple's iPhone messaging system. A new iOS update fixes five of the problems, but Google says one remains unpatched. The flaws were discovered by Google's Project Zero, a department that ... takes its name from the idea of "zero day" bugs . That's where would-be hackers become aware of a security issue before the relevant software developers are able to patch the bug. The zero day bugs are then exploited which often results in elevated privileged access levels given to a rogue program. The problems are with iMessage, the instant ... (view more)

Pages

Subscribe to RSS - zero day