bug

Thu
28
Sep
John Lister's picture

New Internet Explorer Security Bug Exposes Search

A newly discovered Internet Explorer bug means rogue websites can track the next site a user visits, or even the next search the user makes. While it's not necessarily devastating in itself, the researcher who found the bug says it is a sign ... Microsoft isn't paying enough attention to its old browser. The bug means that a 'rogue' web page could access the content of whatever the user types in to the Internet Explorer address bar as soon as they press the Enter key. This would normally be another website address, but the way Internet Explorer works means it could also be a search term. Security ... (view more)

Wed
02
Nov
John Lister's picture

Microsoft Slams Google for Unveiling 'Critical' Windows Bug

Microsoft has criticized Google for revealing details of what the search giant has dubbed a "critical" security flaw in Windows. The two companies dispute whether Google gave Microsoft enough time to fix the problem before going public. The ... controversy lies in the fact that Microsoft has yet to release a fix for the problem and has not even said if one exists. The bug applies to 32-bit editions of Windows and allows an unauthorized local privilege escalation. The effect is to undermine a security feature known as " sandboxing ," which is designed so that if a hacker ... (view more)

Thu
03
Mar
John Lister's picture

New 'Drown' Bug: Millions of Secure Sites Could be at Risk

An estimated 11 million secure websites could be vulnerable to hackers exploiting a security bug. Amazingly, the bug has to do with technology that is over 20 years old. There's little, if anything website visitors can do as the bug needs fixing by ... site operators. However, it is possible to check if a site appears to be vulnerable. The bug has been dubbed Drown, a name rather tenuously derived from "Decrypting the RSA algorithm with Obsolete and Weakened eNcryption." Researchers who uncovered the bug aren't publishing the precise details. At the moment it's not known if ... (view more)

Thu
02
Jul
John Lister's picture

Google App Mistakenly Labels Black Couple as Gorillas

Google has apologized after its new Photos app for mobile devices labeled two black people as gorillas. It says it is taking both immediate and long term steps to make sure the mistake never happens again. The software bug follows a series of ... incidents in which searching for racist terms on its mapping service brought up the White House as the top result, though that particular incident was a "social prank," rather than a genuine bug in the software. The Photos app for mobile devices is designed to be a single online storage place for pictures, accessible from any computer or device ... (view more)

Thu
12
Mar
John Lister's picture

Patch To Fix FREAK Bug is a Must-Install

Microsoft has joined Apple and Google in releasing browser security updates to patch a bug dubbed FREAK. The bug could make it easier for hackers to decrypt data that intercept from website users. The vulnerability of FREAK doesn't allow hackers to ... see data in plain sight. Instead, it allows them to remotely change what's meant to be a secure website connection into an unsecure one, meaning that previously encrypted data would then travel without any encryption. To be of any use, a hacker would need to combine the FREAK exploit with another vulnerability that let them intercept data, ... (view more)

Tue
13
Jan
John Lister's picture

Google Exposes Severe Windows Flaw Before Fix Due

Microsoft has publicly lashed out at Google for revealing a severe security flaw in Windows 8.1 before it was able to release a fix. The public disclosure has reawakened a longstanding dispute about how to go about reporting security flaws. Comments ... on Google's website suggest that the same bug also affects Windows 7 Professional 64bit, with Service Pack 1; if true, it's equally likely the bug also affects other earlier versions of the Windows operating system, including Windows XP, which is no longer supported by Microsoft and will therefore remain unpatched. The bug involves the way ... (view more)

Thu
13
Nov
Brandon Dimmel's picture

MS Patches 20 Year Old Exploit; XP Still Vulnerable

Microsoft has patched a security vulnerability that somehow evaded detection for roughly twenty years. The bug has reportedly existed in every single version of the Windows operating system since Windows 95. According to reports, the bug can allow a ... hacker to execute code remotely when a user visits a malicious website. IBM security expert Robert Freeman says the bug is related to a flaw in VBScript, which first debuted with Internet Explorer 3.0 in the late 1990s. Freeman says that the bug remains invulnerable to Microsoft's anti-exploitation tools, otherwise known as the Enhanced ... (view more)

Wed
30
Apr
John Lister's picture

Security Experts: Stop Using Internet Explorer

The United States Department of Homeland Security (DOHS) has warned that users should switch away from Internet Explorer until a serious bug has been fixed. It's the first big security scare since Microsoft stopped supporting Windows XP earlier this ... month. The bug doesn't have a glamorous nickname and is instead simply known as CVE-2014-1776. When triggered, the bug allows for remote code execution, which means a third party would have full control over a remote PC without the need for credentials or consent from the PC owner. By clicking on a malicious link or by visiting an infected ... (view more)

Fri
21
Feb
John Lister's picture

Microsoft Issues Emergency Fix for IE 9, 10 Users

Microsoft has released a temporary fix to an important security bug affecting two recent versions of Internet Explorer. The exploit has been linked to attacks that compromised a website for US military veterans. The bug affects Internet Explorer ... versions 9 and 10. It does not affect version 11, nor anything previous to version 9. That said, using an earlier version Internet Explorer less than what is currently available (depending on which version of Windows you're running) is definitely not advised. JavaScript Bug Exploits Drive-by Download Attack The exploit involves JavaScript, a ... (view more)

Thu
10
Oct
Dennis Faas's picture

Microsoft Issues Massive Reward to Security Expert

If you've got the skills, it can certainly pay to be a security researcher. One expert recently earned more than $100,000 after discovering a major security flaw in Microsoft's Windows 8.1 operating system. The award is part of Microsoft's "bug ... bounty" program, which the Redmond, Washington-based firm unveiled earlier this year. Google and Mozilla also employ similar programs , which allow major tech firms to save money by effectively outsourcing their security tasks to independent experts. "Mitigation Bypass Bounty" Includes $100,000 Prize The $100,000 award is part of Microsoft's ... (view more)

Pages

Subscribe to RSS - bug