Flash Update Plugs 18 Security Holes
Adobe on Thursday released an update to its Flash Player software that fixes at least 18 security vulnerabilities, including one that is being exploited in targeted attacks.
Category Archives: Time to Patch
‘Evilgrade’ Gets an Upgrade
“Evilgrade,” a toolkit that makes it simple for attackers to install malicious software by exploiting weaknesses in the auto-update feature of many popular software titles, recently received an upgrade of its own and is now capable of hijacking the update process of more than 60 legitimate programs.
Critical Fixes for Shockwave, Firefox
Adobe Systems pushed out critical security update for its Shockwave Player that fixes nearly a dozen security vulnerabilities. The software maker also is warning that attackers are targeting a previously unidentified security hole in its Acrobat and PDF Reader products.
Demystifying KB976902, a.k.a. Microsoft’s “Blackhole” Update
I’ve received several e-mails from readers concerned about a mysterious, undocumented software patch that Microsoft began offering to Windows 7 users through Windows Update this week. Readers were nervous about this patch because it lacks any real description of its function, and what little documentation there is about it says that it cannot be removed once installed, and that it may be required as a prerequisite for installing future updates.
Koobface Worm Targets Java on Mac OS X
A new version of the infamous Koobface worm designed to attack Mac OS X computers is spreading through Facebook and other social networking sites, security experts warn.
Security software maker Intego says this Mac OS X version of the Koobface worm is being served as part of a multi-platform attack that uses a malicious Java applet to attack users. According to Intego, the apple includes a prompt to install the malicious software:
Critical RealPlayer Update
Real Networks Inc. has released a new version of RealPlayer that fixes at least seven critical vulnerabilities that could be used to compromise host systems remotely if left unpatched. I’ve never hidden my distaste for this program, mainly due to… Read More »
Microsoft: ‘Unprecedented Wave of Java Exploitation’
Microsoft Corp. today warned that it is seeing a huge uptick in attacks against security holes in Java, a software package that is installed on the majority of the world’s desktop computers. In a posting to the Microsoft Malware Protection… Read More »
Java Update Clobbers 29 Security Flaws
Oracle today released a critical update to its widely-installed Java software, fixing at least 29 security vulnerabilities in the program. Most consumers on Microsoft Windows PCs will have some version of Java installed (if you’re not sure whether you have… Read More »
Microsoft Plugs a Record 49 Security Holes
Microsoft today issued 16 update bundles to fix a record-breaking 49 separate security vulnerabilities in computers powered by its Windows operating systems and other software.
Reader, Acrobat Patches Plug 23 Security Holes
A new security update from Adobe plugs at least 23 security holes in its PDF Reader and Acrobat software, including two vulnerabilities that attackers are actively exploiting to break into computers. Adobe is urging Reader and Acrobat users of versions… Read More »
