Severity: High Summary: These vulnerabilities affect: Microsoft Office related products, including Word, Works, Sharepoint, InfoPack, Communicator, Lync, Groove, and more How an attacker exploits them: Multiple vectors of attack, including enticing users to click specially crafted links, or to open specially crafted documents Impact: In the worst case, an attacker can gain … [Read more...]
Final IE 0day Update: Microsoft Out-of-Cycle Patch Available
If you've read my two posts [ 1 / 2 ], and watched this week's video, you already know all about the zero day vulnerability plaguing Internet Explorer (IE) this week. In my last update, I mentioned Microsoft promised to release a full, out-of-cycle patch for this serious vulnerability today. True to their word, they did just that. Since you know all about this flaw already, I … [Read more...]
IE 0day Update: Microsoft Releases a FixIt Patch
A few days ago, I posted an alert about a zero day Internet Explorer (IE) vulnerability that attackers were exploiting in the wild. By luring you to a web site containing malicious code, a remote attacker can exploit this flaw to execute code on your computer, with your privileges. To most Windows users, this means the attacker gains complete control of your computer. Today, … [Read more...]
Attackers Exploit Serious Zero Day Internet Explorer Vulnerability
Yesterday, Microsoft released a critical security advisory warning customers of a serious new zero day vulnerability in Internet Explorer (IE), which attackers are exploiting in the wild. According to a blog post, a security researcher named Eric Romang first discovered the zero day IE exploit as he was poking around a web server hijacked by the Nitro gang. Romang found four … [Read more...]
iTunes 10.7 Update: Heavy On Security Fixes, Short On Details
Yesterday, Apple released an updated version of their popular media player and mobile syncing software, iTunes 10.7. The update adds new features (like support for upcoming iOS 6) and fixes security vulnerabilities. I must admit, I pretty much ignored Apple's email about this update at first. After all, iTunes is a media player. Not really your typical business critical … [Read more...]