Tag Archives: zdi

Microsoft Patch Tuesday, May 2021 Edition

May 11, 2021

Microsoft today released fixes to plug at least 55 security holes in its Windows operating systems and other software. Four of these weaknesses can be exploited by malware and malcontents to seize complete, remote control over vulnerable systems without any help from users. On deck this month are patches to quash a wormable flaw, a creepy wireless bug, and yet another reason to call for the death of Microsoft’s Internet Explorer (IE) web browser.

US-CERT to Windows Users: Dump Apple Quicktime

April 18, 2016

67 Comments

Microsoft Windows users who still have Apple Quicktime installed should ditch the program now that Apple has stopped shipping security updates for the platform, warns the Department of Homeland Security’s U.S. Computer Emergency Readiness Team (US-CERT). The advice came just as researchers are reporting two new critical security holes in Quicktime that likely won’t be patched.

How to Break Into Security, Miller Edition

August 7, 2012

23 Comments

For this fifth edition in a series of advice columns for folks interested in learning more about security as a craft or profession, I interviewed Charlie Miller, a software bug-finder extraordinaire and principal research consultant with Accuvant LABS.

Probably best known for his skills at hacking Apple’s products, Miller spent five years at the National Security Agency as a “global network exploitation analyst.” After leaving the NSA, Miller carved out a niche for himself as an independent security consultant before joining Accuvant in May 2011.

Firm to Release Database & Web Server 0days

January 11, 2010

63 Comments

January promises to be a busy month for Web server and database administrators alike: A security research firm in Russia says it plans to release information about a slew of vulnerabilities in widely-used commercial software products.