Security Patches

WordPress update fixes XSS issues

By

Bloggers using the WordPress platform are "strongly encouraged" to update their sites immediately to address persistent XSS issues.

Adobe issued hotfix for critical information disclosure vulnerability in ColdFusion

By

Adobe has released security hotfixes for a critical information disclosure vulnerability that exists in ColdFusion versions 10 and 11, across all platforms.

Cisco updates advisory: "We have started publishing fixes" for NSA-linked exploits

By

Cisco updated a security advisory for a remote code execution vulnerability affecting the SNMP application-layer protocol.

Cisco flags five product vulnerabilities that could trigger denial of service

Cisco flags five product vulnerabilities that could trigger denial of service

By

Cisco issued five security alerts last week, issuing software updates to patch a series of vulnerabilities, any of which could potentially trigger a denial of service condition.

Google patches Chrome 49 vulnerabilities

By

Google released a patch for vulnerabilities affecting the latest version of Chrome for Windows, Mac, and Linux, including several high-risk issues.

Silverlight exploit now used in Angler Exploit Kit

By

As Kaspersky Labs researchers predicted, exploits of Silverlight vulnerability are now in the Angler Exploit Kit.

Several bugs detected in IBM Java Runtime

By

Multiple vulnerabilities that could enable a remote attacker to launch a denial-of-service attack have been detected in the IBM Runtime Environment Java Technology Edition v6.

Mozilla patches 11 issues with Firefox, three rated critical

By

Mozilla released 11 patches for Firefox 44 and Firefox ESR 38.6 with three being rated as critical.

Nest, other IoT devices, sent user info in the clear

Nest, other IoT devices, sent user info in the clear

By

Researchers at Princeton University's Center for Information Technology Policy (CITP) found security vulnerabilities in many of the most popular IoT devices that they looked at, including Google's Nest Thermostat.

Apple updates iOS, OS X and Safari

By

Apple released patches for iOS, OS X and Safari after Synack's Patrick Wardle demonstrated that it was still possible for attackers to bypass Apple's Gatekeeper program.

Kernel bug allows full takeover of Linux devices

By

Researchers discovered a serious vulnerability in the Linux operating system kernel that could allow attackers to take full control of Linux devices, including PCs, Android phones and servers.

Gatekeeper flaw opens Apple systems to intrusion

By

Mac users who have long felt secure from cyber-attacks may now be susceptible owing to a reported flaw.

'High risk' for users of FRITZ!Box routers

By

A number of remote code execution bugs in several models of FRITZ!Box broadband routers could allow intruders to place phone calls through the device.

WordPress 4.4.1 patches 52 security issues

By

WordPress issued its latest security release, version 4.4.1, to patch more than 50 problems, including a cross-site scripting vulnerability affecting versions 4.4 and earlier.

Adobe addresses vulnerabilities in Flash Player, Acrobat and Reader

By

Adobe on Tuesday released security updates for Flash Player, AIR, Acrobat and Reader that address numerous bugs, some of which are considered critical.

WordPress 4.3.1 released, fixes three security issues

By

WordPress 4.3.1 was made available on Tuesday, and users are strongly encouraged to upgrade since it comes with fixes for a few security issues.

Adobe addresses critical Shockwave Player vulnerabilities

By

The update addresses critical memory corruption vulnerabilities that could be exploited by an attacker to take control of an affected Windows system.

Samsung will now release monthly security patches

Samsung will issue monthly Android patches through various agreements with carriers and partners around the world.

WordPress 4.2.3 released, addresses critical XSS vulnerability

WordPress 4.2.3 released, addresses critical XSS vulnerability

By

WordPress 4.2.3 was made available on Thursday - the update comes with fixes for a number of bugs, including a potentially dangerous cross-site scripting (XSS) vulnerability.

Cisco addresses denial-of-service vulnerability in Videoscape products

By

The updates address a DoS vulnerability in Videoscape Distribution Suite for Internet Streaming and Videoscape Distribution Suite Service Broker.

Apple fixes dozens of vulnerabilities in iOS and OS X

Apple fixes dozens of vulnerabilities in iOS and OS X

By

Security flaws would have allowed remote code execution and Man-in-the-Middle attacks

How to get IT to eat its vegetables

How to get IT to eat its vegetables

Patching can be a significant pain for organisations. Similar to eating our vegetables, it's something we know we should do but is still hard to swallow for various reasons, says Rob Juncker.

SC Webcasts UK

Sign up to our newsletters

FOLLOW US