Threat Center Security News
Security News
Community feedback helped build fortified IE8 Print E-mail
Written by Rebecca Mints   
Tuesday, 24 March 2009 01:21
Microsoft Corporation’s security team has applauded its colleagues in the security community for giving factual and accurate feedback that help them develop their products. The latest case is that of the Internet Explorer which the security community had reported to be vulnerable to attacks using the .NET framework DLL files. Jonathan Ness of the Microsoft Security Response Center Engineering posted on the latest MSRC bulletin that the IE team was able to install mitigating measures on the IE version 8 owing mainly from the security community’s feedback. 

The new IE8 on Windows Vista is now capable of blocking the .NET DEP+ASLR bypass mechanism from malicious websites on the Internet. 
Read more...
 
Durable rootkits for BIOS key to surviving attacks Print E-mail
Written by Rebecca Mints   
Sunday, 22 March 2009 23:48
The basic input/output system or BIOS which makes up a computer’s low-level operating instructions can be used to create rootkits that will shield the system from various attacks.

This was revealed by security researchers during the CanSecWest security conference on Thursday as they demonstrated a new way of overwriting BIOS to create a durable rootkit which prevents an attack to wipe out hard-disk data.
Read more...
 
Breakthrough security software from Microsoft out this week Print E-mail
Written by Rebecca Mints   
Friday, 20 March 2009 00:44
Software magnate Microsoft Corporation is due to release this Friday a breakthrough software that will help developers identify and categorize bugs and ward off exploitation.

Microsoft calls the new utility software !exploitable (pronounced ‘bang exploitable) and describes it as a ‘plugin for the Windows debugger that categorizes crash information using major and minor hashes.
Read more...
 
PcAnywhere may cause denial of service Print E-mail
Written by Rebecca Mints   
Thursday, 19 March 2009 01:16

A new vulnerability has been discovered in Symantec PcAnywhere version 10 up to 12.1 related to its format strings within .chf remote control file names or associated file path.

Reported to the vendor by Deral Heiland, the hole has been categorized by Symantec as low but still advises PcAnywhere 10 users to upgrade to version 12.5 SP 1.

Read more...
 
Prevention-based technology answer to browser holes, says expert Print E-mail
Written by Rebecca Mints   
Wednesday, 18 March 2009 01:02

There can be a permanent solution to the recurrent flaws and threats to security that had been discovered in many browsers, including the most popular Internet Explorer.

This is according to COMODO CEO and chief security architect Melih Abdulhayoglu who analyzed the security threats recently found in Opera, Mozilla and IE.

Read more...
 
More Articles...


Page 6 of 33

WTW Threat Level